
Who’s Behind the GandCrab Ransomware?

Krebs on Security

But GandCrab far eclipsed the success of competing ransomware affiliate programs largely because its authors worked assiduously to update the malware so that it could evade antivirus and other security defenses. In November 2018, a GandCrab affiliate posted a screenshot on the Exploit[.]in The GandCrab identity on Exploit[.]in


Experts link the Black Basta ransomware operation to FIN7 cybercrime gang

Security Affairs

Sentinel Labs found evidence that links the Black Basta ransomware gang to the financially motivated hacking group FIN7. Security researchers at Sentinel Labs shared details about Black Basta's TTPs and assess it is highly likely the ransomware operation has ties with FIN7.


Google Play Protect prevented 1.9 billion malware installs from Third-party stores in 2019

Security Affairs

In May 2017, Google introduced a security defense system called Google Play Protect to protect the devices running its mobile OS. billion, reported in the last two years ([ 2017 ], [ 2018 ]), they demonstrate the huge effort spent by the company to protect its users. billion malware installs from Third-party stores.


Weekly Vulnerability Recap – October 30, 2023 – Citrix & Cisco Haunted by Vulnerabilities

eSecurity Planet

Russian Attackers Exploit Zero-day One-Click Exploit in Roundcube Email Servers

Type of attack: Cross-site scripting (XSS) attacks by Winter Vivern, a Russian hacking group, use carefully crafted HTML emails to inject arbitrary JavaScript code into the Roundcube email server. Once the server is compromised, the attackers can steal emails.


Dutch police arrested the author of Dryad and Rubella Macro Builders

Security Affairs

Both macro builders allow crooks to easily create malicious Office documents that are usually involved in hacking campaigns as a first-stage loader for other malware. The Rubella Macro Builder crimeware kit appeared in the threat landscape in April 2018 and rapidly gained popularity in the cybercriminal underground.


Beyond Awareness: How to Cultivate the Human Side of Security

CyberSecurity Insiders

That investment requires shifting attitudes from general awareness of security, which most workers already have, to genuinely caring about it and seeing themselves as a true part of their company’s security defenses. In certain circumstances, anyone, even a security professional, can be hacked.


What Is Cross-Site Scripting (XSS)? Types, Risks & Prevention

eSecurity Planet

Attackers Can Steal Your Credentials

In one of the worst-case XSS scenarios, a threat actor can steal credentials once the user inputs them into a web page they don’t realize has been hacked. In 2018, British Airways was attacked by a group of hackers that used an XSS vulnerability in a JavaScript library.
