Pen Test

OCTOBER 10, 2023

A particularly insidious new trend is the rise of "double extortion" attacks, in which cybercriminals not only encrypt an organization's data but also threaten to publicly release sensitive stolen information if the ransom is not paid. CryptoLocker, in 2013, pioneered the use of strong encryption algorithms.

Ransomware 52

Ransomware Backups Insurance Cyber Insurance 52

SecureList

OCTOBER 17, 2023

The most remarkable findings In early 2023, we discovered an ongoing attack targeting government entities in the APAC region by compromising a specific type of a secure USB drive, which provides hardware encryption. StrongyPity (aka PROMETHIUM) is a Turkish-speaking threat actor known to have been active since at least 2012.

Government 110

Government Malware VPN Manufacturing 110

Herjavec Group

AUGUST 26, 2021

1970-1995 — Kevin Mitnick — Beginning in 1970, Kevin Mitnick penetrates some of the most highly-guarded networks in the world, including Nokia and Motorola, using elaborate social engineering schemes, tricking insiders into handing over codes and passwords, and using the codes to access internal computer systems.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135

SecureList

NOVEMBER 1, 2022

KeyPlug is a modular backdoor with the capability of communicating to its server via several network communication protocols set in its XOR-encrypted embedded configuration block. This backdoor comprises an encrypted shellcode that allows the attacker to execute arbitrary code received over an encrypted channel. Final thoughts.

Malware 142

Malware Ransomware Spyware Encryption 142

Spinone

NOVEMBER 30, 2018

Details included names, addresses, telephone numbers, dates of birth and encrypted passwords, all of which could be used to access other accounts belonging to these users. The Hacker had discovered Zuckerberg’s password in a 2012 LinkedIn data breach and he had used the same password across several accounts.

Data breaches 40

Data breaches Passwords Backups Mobile 40

The Last Watchdog

JULY 25, 2019

Then in 2017, a self-spreading worm, dubbed WannaCry , raced around the world encrypting servers at hospitals, banks and transportation companies, then demanding a ransom, paid in Bitcoin, for a decryption key. Iran is believed to be behind a progressing series of hacks that began in 2012 targeting Saudi petrochemical plants.

IoT 171

IoT Hacking Banking Government 171

Security Boulevard

APRIL 13, 2022

I’d also like to thank Duane Michael ( @subat0mik ) and Evan McBroom ( @mcbroom_evan ) for researching Network Access Account (NAA) policy encryption and decryption with me (coming soon), as well as Elad Shamir ( @elad_shamir ) and Nick Powers ( @zyn3rgy ) for helping me identify the attacks that are possible using the relayed credentials.

Authentication 52

Authentication Accountability Penetration Testing Software 52

NopSec

DECEMBER 7, 2016

Remember Shamoon, the malware that disabled some 35,000 computers at one of the world’s largest oil companies in 2012? Modern variants of ransomware, called crypto ransomware, entomb the files stored on a hard drive using strong encryption. If you’ve read cybersecurity news lately, you’ve probably heard that it’s back.

Cyber threats 40

Cyber threats Ransomware Cyber Attacks Manufacturing 40

SecureList

MARCH 1, 2021

In their campaigns to infect mobile devices, cybercriminals always resort to social engineering tools, the most common of these passing a malicious application off as another, popular and desirable one. This is a typical example of the kind of old-school text-message scams that were popular in 2011 and 2012. Trends of the year.

Mobile 138

Mobile Malware Adware Banking 138

Kali Linux

MARCH 28, 2023

2021-04-01: kali4kids 2022-04-01: Hollywood mode Kali4Kids What started out as a poster put out by a government agency that did not give the message they were expecting. 2021-04-01: kali4kids 2022-04-01: Hollywood mode Kali4Kids What started out as a poster put out by a government agency that did not give the message they were expecting.

InfoSec 52

InfoSec Penetration Testing Architecture Software 52