SecureList

MAY 11, 2023

Although early 2023 saw a slight decline in the number of ransomware attacks, they were more sophisticated and better targeted. A few months after last year’s blog post came out, we stumbled across a new multi-platform ransomware family, which targeted both Linux and Windows. In 2022, Kaspersky solutions detected over 74.2M

Ransomware 120

Ransomware Malware Architecture Telecommunications 120

Security Affairs

MAY 1, 2023

The previously undetected LOBSHOT malware is distributed using Google ads and gives operators VNC access to Windows devices. Threat actors are using an elaborate scheme of fake websites through Google Ads to spread their malware, the backdoors are embedded in installers for apparently legitimate applications, such as AnyDesk.

Malware 83

Malware Cybercrime Banking Software 83

Krebs on Security

JANUARY 24, 2023

Denis Emelyantsev , a 36-year-old Russian man accused of running a massive botnet called RSOCKS that stitched malware into millions of devices worldwide, pleaded guilty to two counts of computer crime violations in a California courtroom this week. Kloster’s blog enthused. “We A copy of the passport for Denis Emelyantsev, a.k.a.

Cybercrime 227

Cybercrime Advertising IoT Malware 227

Graham Cluley

MAY 11, 2023

Akira is a new family of ransomware, first used in cybercrime attacks in March 2023. Read more about the threat in my article on the Tripwire State of Security blog.

Ransomware 109

Ransomware Cybercrime Data breaches Malware 109

BH Consulting

AUGUST 16, 2023

Shedding the light of the law on cybercrime methods Today’s cybercrime landscape involves criminals operating across borders as business-like syndicates, says Europol. The agency’s ninth Internet Organised Crime Assessment (IOCTA) 2023 report gives a law enforcement perspective on current cybercrime techniques.

Social Engineering 52

Social Engineering Cybercrime Data privacy Engineering 52

Security Affairs

MAY 3, 2023

Threat actors are using the promise of generative AI like ChatGPT to deliver malware, Facebook parent Meta warned. Threat actors are taking advantage of the huge interest in generative AI like ChatGPT to trick victims into installing malware, Meta warns. ” reads the Meta’s Q1 2023 Security Reports.

Malware 91

Malware Education Accountability Media 91

Security Affairs

APRIL 24, 2023

EvilExtractor is a new “all-in-one” info stealer for Windows that is being advertised for sale on dark web cybercrime forums. The malware environment checking and Anti-VM functions. com, malicious activity increased significantly in March 2023. “Based on our traffic source data to the host, evilextractor[.]com,

Cybercrime 83

Cybercrime Malware Education Phishing 83

Security Affairs

MAY 15, 2023

DRM Dashboard Ransomware Monitor released the first quarterly report for the year 2023 about the activities of ransomware groups globally. DRM Dashboard Ransomware Monitor, an independent platform of cybersecurity monitoring, is pleased to release the quarterly the DRM-Report for the first quarter of 2023.

Ransomware 73

Ransomware Cybercrime Cybersecurity Hacking 73

Security Affairs

APRIL 30, 2023

ViperSoftX uses more sophisticated encryption and anti-analysis techniques Atomic macOS Stealer is advertised on Telegram for $1,000 per month CISA warns of a critical flaw affecting Illumina medical devices OpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demands Cisco discloses a bug in the Prime Collaboration Deployment (..)

Cybercrime 84

Cybercrime Malware Hacking Accountability 84

Security Affairs

MAY 4, 2023

Facebook discovered a new information-stealing malware, dubbed ‘NodeStealer,’ that is being distributed on Meta. NodeStealer is a new information-stealing malware distributed on Meta that allows stealing browser cookies to hijack accounts on multiple platforms, including Facebook, Gmail, and Outlook. environment.

Malware 89

Malware Accountability Advertising Education 89

SecureList

JANUARY 17, 2024

In 2023, for instance, there was a significant rise in posts offering login credentials and passwords for various personal and work accounts. To be more specific, in 2023, the volume of malware log files containing compromised user data and posted for free on the dark web surged by almost 30% compared to 2022.

Marketing 110

Marketing Cryptocurrency Malware Ransomware 110

BH Consulting

NOVEMBER 22, 2023

From the off, 2023 struck a more downbeat tone than last year’s edition. Rising attacks against critical infrastructure Data Breach Today reported that cyberattacks against Ukrainian critical infrastructure have intensified during 2023. “In Stuxnet in 2010 was the first the most recent was CosmicEnergy in 2023.

Cybercrime 64

Cybercrime Technology Cybersecurity Engineering 64

BH Consulting

OCTOBER 15, 2023

Ransomware an ongoing threat to industry as crime gangs organise Malware-based cyber-attacks are the most prominent threat to industry, Europol says. A companion to Europol’s IOCTA 2023 report , it digs deeper into malware – ransomware in particular – and DDoS attacks. MORE Have you signed up to our monthly newsletter?

Ransomware 52

Ransomware Data breaches CSO Cyber Attacks 52

Security Affairs

APRIL 13, 2023

Security experts warn that a Kyocera Android printing app is vulnerable to improper intent handling and can be abused to drop malware. An improper intent handling issue affecting the Kyocera Android printing app can allow malicious applications to drop malware. ” reads the advisory published by the JVN.

Malware 91

Malware Mobile Education Media 91

SecureList

NOVEMBER 14, 2022

We polled our experts from the GReAT team and have gathered a small number of key insights about what APT actors are likely to focus on in 2023. Last June, Google’s TAG team released a blog post documenting attacks on Italian and Kazakh users that they attribute to RCS Lab, an Italian offensive software vendor.

Firmware 110

Firmware Surveillance Mobile Telecommunications 110

CyberSecurity Insiders

MARCH 31, 2023

Here are the latest threats and advisories for the week of March 31, 2023. The fears of the remaining Breached hacking forum admin, who shut down the notorious cybercrime meeting ground last week, have come true. To stay updated on the latest cybersecurity threats and advisories, look for weekly updates on the (ISC)² blog.

Malware 52

Malware Phishing DDOS Scams 52

Security Affairs

MAY 1, 2023

Iranian authorities have been spotted using the BouldSpy Android malware to spy on minorities and traffickers. The researchers are tracking the spyware since March 2020, starting in 2023, multiple security experts [ 1 , 2 ] started monitoring its activity.

Surveillance 73

Surveillance Malware Spyware Education 73

Security Affairs

APRIL 18, 2023

A new malware, dubbed Domino, developed by the FIN7 cybercrime group has been used by the now-defunct Conti ransomware gang. IBM Security X-Force researchers recently discovered a new malware family, called Domino, which was created by developers associated with the FIN7 cybercriminal group (tracked by X-Force as ITG14).

Ransomware 73

Ransomware Cybercrime Malware Education 73

Security Affairs

APRIL 2, 2023

LockBit leaks data stolen from the South Korean National Tax Service Italy’s Data Protection Authority temporarily blocks ChatGPT over privacy concerns CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin Cyber Police of Ukraine (..)

Spyware 80

Spyware Surveillance Artificial Intelligence Data breaches 80

Krebs on Security

SEPTEMBER 30, 2023

According to a September 20, 2023 joint advisory from the FBI and the U.S. ” New York City-based cyber intelligence firm Flashpoint said the Snatch ransomware group was created in 2018, based on Truniger’s recruitment both on Russian language cybercrime forums and public Russian programming boards.

Ransomware 224

Ransomware Accountability Cybercrime Backups 224

CyberSecurity Insiders

MARCH 24, 2023

Here are the latest threats and advisories for the week of March 24, 2023. functions as a Ransomware-as-a-Service (RaaS) model and an affiliate-based malware. Breached was a cybercrime forum that was a hotbed for criminal activity. Threat Advisories and Alerts CISA and FBI Release Advisory on LockBit Ransomware The U.S.

Financial Services 52

Financial Services Ransomware Cybercrime Hacking 52

Security Affairs

MARCH 2, 2023

Cyber criminals are targeting law firms with GootLoader and FakeUpdates (aka SocGholish) malware families. Researchers from eSentire have foiled 10 cyberattacks targeting six different law firms throughout January and February of 2023. One campaign attempted to infect law firm employees with the GootLoader malware.

Malware 77

Malware Ransomware Engineering Internet 77

Security Affairs

MARCH 6, 2024

Researchers warn that the cybercrime groups GhostSec and Stormous have joined forces in a new ransomware campaign. The GhostSec hacking activity surged in the past year and the cybercrime gang was spotted using a new GhostLocker 2.0 is written in Go, it was announced in November 2023. The GhostLocker 2.0 GhostLocker 2.0

Ransomware 110

Ransomware Encryption Cybercrime Hacking 110

Security Affairs

APRIL 18, 2023

The two companies teamed up with Flare to curb the operations of the malware operators. The experts discovered that the malware control panels use GitHub repositories as dead-drop resolvers. The info-stealer is considered a commodity malware that is available through malware-as-a-service model.

Malware 82

Malware Education Media Authentication 82

Security Affairs

APRIL 16, 2023

patrickwardle cc @cyb3rops pic.twitter.com/SMuN3Rmodl — MalwareHunterTeam (@malwrhunterteam) April 15, 2023 The discovery is disconcerting and demonstrates the effort of the group to expand its operation targeting also Apple systems. It appears we are late to the game. The MacOS variant has been available since November 11th, 2022.

Encryption 95

Encryption Architecture Ransomware Education 95

Security Affairs

APRIL 27, 2023

Microsoft is attributing the recently reported attacks exploiting the CVE-2023-27350 and CVE-2023-27351 vulnerabilities in print management software PaperCut to deliver Clop ransomware to the threat actor tracked as Lace Tempest (overlaps with FIN11 and TA505).

Ransomware 78

Ransomware Education Media Malware 78

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Spyware 68

Spyware Ransomware Malware Data breaches 68

Security Affairs

OCTOBER 12, 2023

In September more than 17,000 WordPress websites have been compromised by the Balada Injector malware. The Balada injector is a malware family that has been active since 2017. The malware supports multiple attack vectors and persistence mechanisms. . ” continues Sucuri.

Malware 108

Malware Hacking Accountability Cybercrime 108

SecureList

SEPTEMBER 28, 2023

Introduction As long as cybercriminals want to make money, they’ll keep making malware, and as long as they keep making malware, we’ll keep analyzing it, publishing reports and providing protection. Last month we covered a wide range of cybercrime topics. This blog post contains excerpts from those reports.

Banking 97

Banking Malware Cybercrime Encryption 97

Security Affairs

MAY 21, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches 83

Data breaches Cybercrime Ransomware Passwords 83

Security Affairs

MAY 14, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches 84

Data breaches DDOS Artificial Intelligence Ransomware 84

Digital Shadows

NOVEMBER 1, 2022

As we move towards the end of 2022, now is the time to take a look back at the major trends from the last eleven months and identify what might happen from a cyber threat perspective in 2023. Taking this approach allows the group to speed up the process of an attack, given destructive malware is less complicated than ransomware.

Cyber threats 52

Cyber threats Ransomware Media Data breaches 52

Security Affairs

MAY 15, 2023

Cisco Talos researchers recently discovered a new ransomware operation called RA Group that has been active since at least April 22, 2023. A sample of the ransomware analyzed by Talos is written in C++ and was compiled on April 23, 2023. The group has already compromised three organizations in the U.S. and one in South Korea.

Ransomware 79

Ransomware Encryption Cybercrime Insurance 79

Security Boulevard

JANUARY 2, 2024

While the “prediction season” gains momentum, it's pivotal to reflect on the high impact of the 2023 cybersecurity landscape. Let's delve into the rewind of 2023, exploring five influential trends and threats that molded the cyberthreat landscape and are poised to resonate throughout enterprises in 2024.

CISO 104

CISO Social Engineering Architecture Ransomware 104

Security Affairs

APRIL 6, 2023

The submissions were classified as either phishing or malware. Phishing and Malware Q3 & Q4 2022 The results depicted in Figure 1 show that phishing campaigns (98,7%) were more prevalent than malware (1,3%) during Q3 and Q4 2022. of the total, in comparison with 31.1% in Q2 2022.

Threat Reports 76

Threat Reports Phishing Malware Banking 76

Security Affairs

MAY 8, 2023

Ukraine’s CERT-UA warns of an ongoing phishing campaign aimed at distributing the SmokeLoader malware in the form of a polyglot file. CERT-UA warns of an ongoing phishing campaign that is distributing the SmokeLoader malware in the form of a polyglot file. ” reads the alert published by Ukraine’s CERT. .”

Malware 88

Malware Phishing VPN Accountability 88

Security Affairs

APRIL 29, 2023

A new variant of the information-stealing malware ViperSoftX implements sophisticated techniques to avoid detection. Trend Micro researchers observed a new ViperSoftX malware campaign that unlike previous attacks relies on DLL sideloading for its arrival and execution technique. c2 arrowlchat[.]com c2 arrowlchat[.]com

Encryption 82

Encryption Malware Cryptocurrency Software 82