Security Affairs

MAY 3, 2023

Threat actors are using the promise of generative AI like ChatGPT to deliver malware, Facebook parent Meta warned. Threat actors are taking advantage of the huge interest in generative AI like ChatGPT to trick victims into installing malware, Meta warns. ” reads the Meta’s Q1 2023 Security Reports.

Malware 95

Malware Education Accountability Media 95

BH Consulting

AUGUST 16, 2023

Shedding the light of the law on cybercrime methods Today’s cybercrime landscape involves criminals operating across borders as business-like syndicates, says Europol. The agency’s ninth Internet Organised Crime Assessment (IOCTA) 2023 report gives a law enforcement perspective on current cybercrime techniques.

Social Engineering 52

Social Engineering Cybercrime Data privacy Engineering 52

Security Affairs

APRIL 24, 2023

EvilExtractor is a new “all-in-one” info stealer for Windows that is being advertised for sale on dark web cybercrime forums. The malware environment checking and Anti-VM functions. com, malicious activity increased significantly in March 2023. “Based on our traffic source data to the host, evilextractor[.]com,

Cybercrime 88

Cybercrime Malware Education Phishing 88

Security Affairs

MAY 15, 2023

DRM Dashboard Ransomware Monitor released the first quarterly report for the year 2023 about the activities of ransomware groups globally. DRM Dashboard Ransomware Monitor, an independent platform of cybersecurity monitoring, is pleased to release the quarterly the DRM-Report for the first quarter of 2023.

Ransomware 79

Ransomware Cybercrime Cybersecurity Hacking 79

Security Affairs

APRIL 30, 2023

ViperSoftX uses more sophisticated encryption and anti-analysis techniques Atomic macOS Stealer is advertised on Telegram for $1,000 per month CISA warns of a critical flaw affecting Illumina medical devices OpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demands Cisco discloses a bug in the Prime Collaboration Deployment (..)

Cybercrime 89

Cybercrime Malware Hacking Accountability 89

BH Consulting

NOVEMBER 22, 2023

From the off, 2023 struck a more downbeat tone than last year’s edition. Rising attacks against critical infrastructure Data Breach Today reported that cyberattacks against Ukrainian critical infrastructure have intensified during 2023. “In Stuxnet in 2010 was the first the most recent was CosmicEnergy in 2023.

Cybercrime 64

Cybercrime Technology Cybersecurity Engineering 64

Security Affairs

APRIL 13, 2023

Security experts warn that a Kyocera Android printing app is vulnerable to improper intent handling and can be abused to drop malware. An improper intent handling issue affecting the Kyocera Android printing app can allow malicious applications to drop malware. ” reads the advisory published by the JVN.

Malware 95

Malware Mobile Education Media 95

BH Consulting

OCTOBER 15, 2023

Ransomware an ongoing threat to industry as crime gangs organise Malware-based cyber-attacks are the most prominent threat to industry, Europol says. A companion to Europol’s IOCTA 2023 report , it digs deeper into malware – ransomware in particular – and DDoS attacks. MORE Have you signed up to our monthly newsletter?

Ransomware 52

Ransomware Data breaches CSO Cyber Attacks 52

Security Affairs

MAY 1, 2023

Iranian authorities have been spotted using the BouldSpy Android malware to spy on minorities and traffickers. The researchers are tracking the spyware since March 2020, starting in 2023, multiple security experts [ 1 , 2 ] started monitoring its activity.

Surveillance 79

Surveillance Malware Spyware Education 79

Security Affairs

MARCH 2, 2023

Cyber criminals are targeting law firms with GootLoader and FakeUpdates (aka SocGholish) malware families. Researchers from eSentire have foiled 10 cyberattacks targeting six different law firms throughout January and February of 2023. One campaign attempted to infect law firm employees with the GootLoader malware.

Malware 82

Malware Ransomware Engineering Hacking 82

CyberSecurity Insiders

MARCH 31, 2023

Here are the latest threats and advisories for the week of March 31, 2023. The fears of the remaining Breached hacking forum admin, who shut down the notorious cybercrime meeting ground last week, have come true. To stay updated on the latest cybersecurity threats and advisories, look for weekly updates on the (ISC)² blog.

Malware 52

Malware Phishing DDOS Scams 52

Krebs on Security

SEPTEMBER 30, 2023

According to a September 20, 2023 joint advisory from the FBI and the U.S. ” New York City-based cyber intelligence firm Flashpoint said the Snatch ransomware group was created in 2018, based on Truniger’s recruitment both on Russian language cybercrime forums and public Russian programming boards.

Ransomware 222

Ransomware Accountability Cybercrime Backups 222

CyberSecurity Insiders

MARCH 24, 2023

Here are the latest threats and advisories for the week of March 24, 2023. functions as a Ransomware-as-a-Service (RaaS) model and an affiliate-based malware. Breached was a cybercrime forum that was a hotbed for criminal activity. Threat Advisories and Alerts CISA and FBI Release Advisory on LockBit Ransomware The U.S.

Financial Services 52

Financial Services Ransomware Cybercrime Hacking 52

Security Affairs

APRIL 18, 2023

The two companies teamed up with Flare to curb the operations of the malware operators. The experts discovered that the malware control panels use GitHub repositories as dead-drop resolvers. The info-stealer is considered a commodity malware that is available through malware-as-a-service model.

Malware 87

Malware Education Media Authentication 87

Security Affairs

APRIL 27, 2023

Microsoft is attributing the recently reported attacks exploiting the CVE-2023-27350 and CVE-2023-27351 vulnerabilities in print management software PaperCut to deliver Clop ransomware to the threat actor tracked as Lace Tempest (overlaps with FIN11 and TA505).

Ransomware 84

Ransomware Education Media Malware 84

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Spyware 73

Spyware Ransomware Malware Data breaches 73

Security Affairs

APRIL 16, 2023

patrickwardle cc @cyb3rops pic.twitter.com/SMuN3Rmodl — MalwareHunterTeam (@malwrhunterteam) April 15, 2023 The discovery is disconcerting and demonstrates the effort of the group to expand its operation targeting also Apple systems. It appears we are late to the game. The MacOS variant has been available since November 11th, 2022.

Encryption 97

Encryption Architecture Ransomware Education 97

Security Affairs

OCTOBER 12, 2023

In September more than 17,000 WordPress websites have been compromised by the Balada Injector malware. The Balada injector is a malware family that has been active since 2017. The malware supports multiple attack vectors and persistence mechanisms. . ” continues Sucuri.

Malware 114

Malware Hacking Accountability Cybercrime 114

SecureList

SEPTEMBER 28, 2023

Introduction As long as cybercriminals want to make money, they’ll keep making malware, and as long as they keep making malware, we’ll keep analyzing it, publishing reports and providing protection. Last month we covered a wide range of cybercrime topics. This blog post contains excerpts from those reports.

Banking 105

Banking Malware Cybercrime Encryption 105

Security Affairs

MAY 21, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches 88

Data breaches Cybercrime Ransomware Passwords 88

Security Affairs

MAY 14, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches 89

Data breaches DDOS Artificial Intelligence Ransomware 89

Security Affairs

MAY 15, 2023

Cisco Talos researchers recently discovered a new ransomware operation called RA Group that has been active since at least April 22, 2023. A sample of the ransomware analyzed by Talos is written in C++ and was compiled on April 23, 2023. The group has already compromised three organizations in the U.S. and one in South Korea.

Ransomware 85

Ransomware Encryption Cybercrime Insurance 85

Security Affairs

APRIL 29, 2023

A new variant of the information-stealing malware ViperSoftX implements sophisticated techniques to avoid detection. Trend Micro researchers observed a new ViperSoftX malware campaign that unlike previous attacks relies on DLL sideloading for its arrival and execution technique. c2 arrowlchat[.]com c2 arrowlchat[.]com

Encryption 88

Encryption Malware Cryptocurrency Software 88

Security Affairs

MAY 8, 2023

Ukraine’s CERT-UA warns of an ongoing phishing campaign aimed at distributing the SmokeLoader malware in the form of a polyglot file. CERT-UA warns of an ongoing phishing campaign that is distributing the SmokeLoader malware in the form of a polyglot file. ” reads the alert published by Ukraine’s CERT. .”

Malware 93

Malware Phishing VPN Accountability 93

Security Affairs

MAY 19, 2023

The Lemon Group cybercrime ring has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. A cybercrime group tracked has Lemon Group has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. 231 banking malware.

Mobile 87

Mobile Advertising Malware Cybercrime 87

Security Affairs

APRIL 20, 2023

In Q1 2023, threat actors linked to Russia’s military intelligence service focused their phishing campaigns on Ukraine, with the country accounting for over 60% of observed Russian targeting. On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Phishing 87

Phishing Education Accountability Telecommunications 87

Security Affairs

MAY 12, 2023

The FBI and CISA issued a joint advisory warning that the Bl00dy Ransomware group is actively targeting the education sector by exploiting the PaperCut remote-code execution vulnerability CVE-2023-27350. According to the FBI, threat actors started exploiting the CVE-2023-27350 flaw in mid-April 2023 and the attacks are still ongoing.

Education 82

Education Ransomware Encryption Malware 82

Security Boulevard

FEBRUARY 23, 2023

In 2023, small businesses experienced a 424-percent increase in breaches, and half of all SMBs reported suffering at least one attack. Thankfully, nearly all malware depends on DNS at some point in their kill chain, making the protocol a critical vector for shutting down these threats.

Antivirus 98

Antivirus DNS Threat Detection Small Business 98

Security Affairs

FEBRUARY 6, 2023

Linux variant of Royal Ransomware from ELF 64-bit b57e5f0c857e807a03770feb4d3aa254d2c4c8c8d9e08687796be30e2093286c 0/62 FUD pic.twitter.com/GXu7GOuMDm — Will (@BushidoToken) February 2, 2023 Querying VirusTotal for the hash that was shared by the expert we can verify that currently the ransomware variant has a detection rate of 32 our of 63.

Encryption 96

Encryption Ransomware Malware Healthcare 96

Security Affairs

APRIL 1, 2023

On March 29, 2023, The Lock Bit ransomware gang announced the hack of the South Korean National Tax Service. The group added the South Korean agency to its Tor leak site and announced the release of stolen data by April 1st, 2023 in case the ransom was not paid.

Identity Theft 88

Identity Theft Ransomware Scams Education 88

Security Affairs

APRIL 11, 2023

On January 13, 2023, Yum! experienced a cybersecurity incident involving unauthorized access to certain of our systems on or around January 13, 2023. Brands, the company that owns the KFC, Pizza Hut, and Taco Bell brands, disclosed a data breach after the January ransomware attack. “As we announced publicly in mid-January, Yum!

Data breaches 93

Data breaches Identity Theft Education Ransomware 93

Security Affairs

APRIL 7, 2023

The group published a series of screenshots of the company’s CTMS and ERP databases The Money Message group threatens to publish the stolen files by Wednesday, April 12, 2023, if the company will not pay the ransom. Today MSI confirmed the security breach, it confirmed that threat actors had access to some of its information service systems.

Ransomware 87

Ransomware Firmware Hacking Manufacturing 87

SecureList

DECEMBER 13, 2023

Cybercriminals try to capitalize on their victims in every possible way by distributing various types of malware designed for different platforms. In recent months, we have written private reports on a wide range of topics, such as new cross-platform ransomware, macOS stealers and malware distribution campaigns.

Ransomware 103

Ransomware Passwords Malware Encryption 103

Security Affairs

APRIL 16, 2023

The phishing attacks began in February 2023, the IT giant reported. In 2021, CISA added Remcos to the list of top malware strains due to its use in mass phishing attacks using COVID-19 pandemic themes targeting businesses and individuals.

Accountability 90

Accountability Phishing Financial Services Surveillance 90

Security Affairs

APRIL 25, 2023

Mirai botnet started exploiting the CVE-2023-1389 vulnerability (aka ZDI-CAN-19557/ZDI-23-451 ) in TP-Link Archer A21 in recent attacks. Last week, the Zero Day Initiative (ZDI) threat-hunting team observed the Mirai botnet attempting to exploit the CVE-2023-1389 vulnerability (aka ZDI-CAN-19557/ZDI-23-451, CVSS v3: 8.8)

DDOS 91

DDOS Engineering Firmware Architecture 91

Security Boulevard

MARCH 6, 2024

Protective DNS acts as a first line of defense against malware, supply-chain attacks, breaches, and phishing by blocking access to the infrastructure that commands & controls these attacks and is known to host malicious content. That's where technologies like protective DNS come in. million — 15% more than it was in 2020.

DNS 86

DNS Phishing Data breaches Cyber threats 86

Security Affairs

MAY 21, 2023

In February 2023, eSentire reported another BatLoader campaign targeting users searching for AI tools. The experts also detailed a separate case, that was observed on May 2023, using a similar infection scheme to advertise a rogue page for Midjourney. “Generative AI technologies and chatbots have exploded in popularity in 2023.

System Administration 94

System Administration Advertising Malware Hacking 94