Security Affairs

APRIL 16, 2023

Microsoft warns of a new Remcos RAT campaign targeting US accounting and tax return preparation firms ahead of Tax Day. Tax Day, Microsoft has observed a new Remcos RAT campaign targeting US accounting and tax return preparation firms. The phishing attacks began in February 2023, the IT giant reported. Ahead of the U.S.

Accountability 88

Accountability Phishing Financial Services Surveillance 88

Krebs on Security

SEPTEMBER 30, 2023

According to a September 20, 2023 joint advisory from the FBI and the U.S. ” New York City-based cyber intelligence firm Flashpoint said the Snatch ransomware group was created in 2018, based on Truniger’s recruitment both on Russian language cybercrime forums and public Russian programming boards.

Ransomware 225

Ransomware Accountability Cybercrime Backups 225

SecureList

MAY 11, 2023

Although early 2023 saw a slight decline in the number of ransomware attacks, they were more sophisticated and better targeted. A few months after last year’s blog post came out, we stumbled across a new multi-platform ransomware family, which targeted both Linux and Windows. In 2022, Kaspersky solutions detected over 74.2M

Ransomware 121

Ransomware Malware Architecture Telecommunications 121

Krebs on Security

JANUARY 30, 2024

stole at least $800,000 from at least five victims between August 2022 and March 2023. In each attack, the victims saw their email and financial accounts compromised after suffering an unauthorized SIM-swap, wherein attackers transferred each victim’s mobile phone number to a new device that they controlled. According to an Aug.

Social Engineering 327

Social Engineering Mobile Cybercrime Passwords 327

Security Affairs

APRIL 30, 2023

ViperSoftX uses more sophisticated encryption and anti-analysis techniques Atomic macOS Stealer is advertised on Telegram for $1,000 per month CISA warns of a critical flaw affecting Illumina medical devices OpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demands Cisco discloses a bug in the Prime Collaboration Deployment (..)

Cybercrime 87

Cybercrime Malware Hacking Accountability 87

Krebs on Security

MAY 23, 2024

But by all accounts, few attacks from those gangs have come close to the amount of firepower wielded by a pro-Russia group calling itself “ NoName057(16).” He also co-runs SURBL , an anti-abuse service that flags domains and Internet address ranges that are strongly associated with spam and cybercrime activity, including DDoS.

DDOS 274

DDOS Internet Internet Government 274

Krebs on Security

MARCH 22, 2023

28, 2023, researchers at the Chinese security firm DarkNavy published a blog post purporting to show evidence that a major Chinese ecommerce company’s app was using this same three-exploit chain to read user data stored by other apps on the affected device, and to make its app nearly impossible to remove. .

Malware 272

Malware eCommerce Mobile Media 272

Security Affairs

APRIL 24, 2023

EvilExtractor is a new “all-in-one” info stealer for Windows that is being advertised for sale on dark web cybercrime forums. com, malicious activity increased significantly in March 2023. EvilExtractor is a modular info-stealer, it exfiltrates data via an FTP service. . ” reads the report published by Fortinet.

Cybercrime 86

Cybercrime Malware Education Phishing 86

BH Consulting

JUNE 13, 2023

Target the human, swipe the cash: Verizon DBIR 2023 highlights crime trends Manage the human risk and mind your money: those are two key takeaways from Verizon’s 2023 Data Breach Investigations Report. It said the criminals often take over victims’ accounts and empty them of funds.

Social Engineering 52

Social Engineering Data breaches Scams DDOS 52

BH Consulting

NOVEMBER 14, 2023

Gardaí established that over €40 million was stolen and laundered through Irish bank accounts, and that a trade-based money laundering and underground banking system is operating from Ireland. while cybercrime incidents increase More than seven out of 10 Irish companies experienced at least one cybersecurity incident in the past 12 months.

Scams 59

Scams Insurance Banking Data breaches 59

Security Affairs

MAY 12, 2023

Recently, VIPRE Security Group published their Email Security in 2023 report , where they shared insights on the development of email-based threats and how they can impact organizations. What Can We Expect in 2023? It’s not likely to stop there. Bad actors use the domain until it starts getting blocked, and then move onto the next one.

Phishing 87

Phishing Social Engineering Small Business B2B 87

Security Affairs

APRIL 2, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter) The post Security Affairs newsletter Round 413 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Spyware 83

Spyware Surveillance Artificial Intelligence Data breaches 83

Security Affairs

MARCH 6, 2024

Researchers warn that the cybercrime groups GhostSec and Stormous have joined forces in a new ransomware campaign. The GhostSec hacking activity surged in the past year and the cybercrime gang was spotted using a new GhostLocker 2.0 is written in Go, it was announced in November 2023. The GhostLocker 2.0 GhostLocker 2.0

Ransomware 113

Ransomware Encryption Cybercrime Hacking 113

Security Affairs

APRIL 5, 2023

The STYX marketplace was launched at the beginning of 2023. The discovery of STYX coincides with Resecurity financial crime risk analysts observing a significant increase in threat actors offering money-laundering services that exploit digital banking and cryptocurrency accounts.

Banking 77

Banking Cybercrime Accountability Risk 77

Security Affairs

APRIL 21, 2023

The security breach was detected on March 17, 2003 and according to the company the intrusion begun on or about March 6, 2023. “On March 17, 2023, the ABA observed unusual activity on its network. The attackers may have gained access to the members’ credentials for a legacy member system that was decommissioned in 2018.

Data breaches 88

Data breaches Passwords Education Accountability 88

Security Affairs

APRIL 18, 2023

A new malware, dubbed Domino, developed by the FIN7 cybercrime group has been used by the now-defunct Conti ransomware gang. IBM Security X-Force reported that former members of the now-defunct Conti gang have been using Domino since at least late February 2023. ” reads the report published by IBM Security X-Force.

Ransomware 75

Ransomware Cybercrime Malware Education 75

Security Affairs

APRIL 27, 2023

Microsoft is attributing the recently reported attacks exploiting the CVE-2023-27350 and CVE-2023-27351 vulnerabilities in print management software PaperCut to deliver Clop ransomware to the threat actor tracked as Lace Tempest (overlaps with FIN11 and TA505).

Ransomware 81

Ransomware Education Media Malware 81

Security Affairs

APRIL 16, 2023

patrickwardle cc @cyb3rops pic.twitter.com/SMuN3Rmodl — MalwareHunterTeam (@malwrhunterteam) April 15, 2023 The discovery is disconcerting and demonstrates the effort of the group to expand its operation targeting also Apple systems. Anyway, the archive in which this sample was included shown bundled date as March 20.

Encryption 96

Encryption Architecture Ransomware Education 96

SecureList

JANUARY 17, 2024

In 2023, for instance, there was a significant rise in posts offering login credentials and passwords for various personal and work accounts. To be more specific, in 2023, the volume of malware log files containing compromised user data and posted for free on the dark web surged by almost 30% compared to 2022.

Marketing 111

Marketing Cryptocurrency Malware Ransomware 111

Krebs on Security

APRIL 4, 2024

For example, this account at Medium has authored more than a dozen blog posts in the past year singing the praises of Tornote as a secure, self-destructing messaging service. Throughout 2023, Tornote was hosted with the Russian provider DDoS-Guard , at the Internet address 186.2.163[.]216. io seem like a legitimate website.

Phishing 223

Phishing Cryptocurrency DDOS Internet 223

Security Affairs

MAY 3, 2023

. “Since March alone, our security analysts have found around 10 malware families posing as ChatGPT and similar tools to compromise accounts across the internet. ” reads the Meta’s Q1 2023 Security Reports. “In fact, some of these malicious extensions did include working ChatGPT functionality alongside the malware.

Malware 93

Malware Education Accountability Media 93

Security Affairs

MAY 1, 2023

While investigating the malware distribution, the researchers noticed the use of an infrastructure known to belong to cybercrime group TA505. Earlier 2023, Elastic Security Labs observed multiple infections with an interesting attach chain that lead to the execution of the LOBSHOT malware.

Malware 86

Malware Cybercrime Banking Software 86

Security Affairs

APRIL 11, 2023

On January 13, 2023, Yum! experienced a cybersecurity incident involving unauthorized access to certain of our systems on or around January 13, 2023. Brands, the company that owns the KFC, Pizza Hut, and Taco Bell brands, disclosed a data breach after the January ransomware attack. “As we announced publicly in mid-January, Yum!

Data breaches 92

Data breaches Identity Theft Education Ransomware 92

Security Affairs

APRIL 1, 2023

On March 29, 2023, The Lock Bit ransomware gang announced the hack of the South Korean National Tax Service. The group added the South Korean agency to its Tor leak site and announced the release of stolen data by April 1st, 2023 in case the ransom was not paid.

Identity Theft 85

Identity Theft Ransomware Scams Education 85

Security Boulevard

JANUARY 2, 2024

While the “prediction season” gains momentum, it's pivotal to reflect on the high impact of the 2023 cybersecurity landscape. Let's delve into the rewind of 2023, exploring five influential trends and threats that molded the cyberthreat landscape and are poised to resonate throughout enterprises in 2024.

CISO 104

CISO Social Engineering Architecture Ransomware 104

Krebs on Security

APRIL 27, 2023

Until being contacted by this reporter on Monday, the state of Vermont had at least five separate Salesforce Community sites that allowed guest access to sensitive data, including a Pandemic Unemployment Assistance program that exposed the applicant’s full name, Social Security number, address, phone number, email, and bank account number.

Banking 302

Banking Government Information Security Authentication 302

Security Affairs

APRIL 14, 2023

The cyber attack was discovered on Tuesday, April 11, 2023, it is investigating the incident with the help of cybersecurity experts. “On April 11, 2023, Cornwall Community Hospital (CCH) identified a network issue, which an investigation has revealed to be a cyber incident. ” reads a statement published by the hospital.

Healthcare 76

Healthcare Cyber Attacks Education Media 76

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Spyware 71

Spyware Ransomware Malware Data breaches 71

Security Affairs

APRIL 5, 2023

Those days are behind us, however, as cybercrime is establishing itself as a business in and of itself. The backbone of this planning is the JCDC’s 2023 Planning Agenda. Systemic Risk Cybercrime is a broad-reaching threat relevant to both individuals and organizations.

Energy and Utilities 75

Energy and Utilities Cyber threats Risk Cyber Risk 75

Security Affairs

APRIL 3, 2023

” reads the status page of the company on April 2, 2023. “On March 26, 2023, Western Digital identified a network security incident involving Western Digital’s systems. “We are working to restore service. We apologize for any inconvenience. Next update will be posted on Monday, April 3.

Wireless 87

Wireless Education Ransomware Media 87

Security Affairs

APRIL 18, 2023

1/4 pic.twitter.com/7JjOSbYEBx — ESET Research (@ESETresearch) April 17, 2023 The RedLine is an info stealing malware written in.NET that is active since at least early 2020. While this doesn’t affect the actual back-end servers, it will force the RedLine operators to distribute new panels to their customers.

Malware 85

Malware Education Media Authentication 85

Security Affairs

APRIL 25, 2023

Mirai botnet started exploiting the CVE-2023-1389 vulnerability (aka ZDI-CAN-19557/ZDI-23-451 ) in TP-Link Archer A21 in recent attacks. Last week, the Zero Day Initiative (ZDI) threat-hunting team observed the Mirai botnet attempting to exploit the CVE-2023-1389 vulnerability (aka ZDI-CAN-19557/ZDI-23-451, CVSS v3: 8.8)

DDOS 89

DDOS Engineering Firmware Architecture 89

Digital Shadows

NOVEMBER 1, 2022

As we move towards the end of 2022, now is the time to take a look back at the major trends from the last eleven months and identify what might happen from a cyber threat perspective in 2023. It is realistically possible that any attempts at undermining the 2022 midterm elections could also have an impact on US policy making in 2023.

Cyber threats 52

Cyber threats Ransomware Media Data breaches 52

Security Affairs

APRIL 6, 2023

The group published a series of screenshots of the company’s CTMS and ERP databases The Money Message group threatens to publish the stolen files by Wednesday, April 12, 2023, if the company will not pay the ransom. BleepingComputer reported that the ransomware gang has demanded a ransom payment of $4,000,000.

Hacking 75

Hacking Ransomware Manufacturing Education 75

Security Affairs

OCTOBER 12, 2023

The Balada Injector malware campaign performed a series of attacks targeting both the vulnerability in the tagDiv Composer plugin and blog administrators of already infected sites.” In another wave, the threat actors were observed using a malicious script to create rogue WordPress administrator accounts. ” continues Sucuri.

Malware 111

Malware Hacking Accountability Cybercrime 111

Security Affairs

MAY 4, 2023

NodeStealer is a new information-stealing malware distributed on Meta that allows stealing browser cookies to hijack accounts on multiple platforms, including Facebook, Gmail, and Outlook. The malware was first spotted in late January 2023 while targeting the browsers of Windows systems. ” reads the post published by Facebook.

Malware 91

Malware Accountability Advertising Education 91

Security Affairs

APRIL 20, 2023

In Q1 2023, threat actors linked to Russia’s military intelligence service focused their phishing campaigns on Ukraine, with the country accounting for over 60% of observed Russian targeting. The campaigns have been relatively small in volume, sent from spoofed domains, and targeting users’ Gmail accounts.”

Phishing 85

Phishing Education Accountability Telecommunications 85