SecureWorld News

OCTOBER 31, 2022

Persistent ransomware threats, increasing risk to critical infrastructure, state-sponsored activity, more bad actors, and new, disruptive technologies are the five cyber threat narratives noted in the National Cyber Threat Assessment 2023-2024 recently released by the Canadian Centre for Cyber Security. Ransomware.

Cyber threats 81

Cyber threats Consumer Services Technology Cybercrime 81

Malwarebytes

SEPTEMBER 19, 2023

In March of 2023, we reported how the German Regional Police and the Ukrainian National Police, with support from Europol, the Dutch Police, and the United States Federal Bureau of Investigations (FBI), apprehended two suspects and seized computer equipment. Cryptocurrency investigators use specialized strategies to track down criminals.

Ransomware 111

Ransomware Backups Cryptocurrency Cybercrime 111

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6 CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches 81

Data breaches Cybercrime Firewall Artificial Intelligence 81

Security Affairs

AUGUST 6, 2023

Reptile Rootkit employed in attacks against Linux systems in South Korea New PaperCut flaw in print management software exposes servers to RCE attacks A cyberattack impacted operations of multiple hospitals in several US states Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016 Malicious packages in (..)

Malware 78

Malware Cybercrime Cryptocurrency Social Engineering 78

SecureList

AUGUST 30, 2023

IT threat evolution in Q2 2023 IT threat evolution in Q2 2023. Non-mobile statistics IT threat evolution in Q2 2023. While investigating an infection of a cryptocurrency company in Southeast Asia, we found Gopuram coexisting on target computers with AppleJeus , a backdoor attributed to the Lazarus.

Malware 80

Malware Spyware Cryptocurrency Government 80

Security Affairs

JULY 2, 2023

Illicit Telegram Communities Dismantling of an encrypted network sends shockwaves through organised crime groups across Europe TSMC Says Supplier Hacked After Ransomware Group Claims Attack on Chip Giant Malware Trojanized Super Mario Game Installer Spreads SupremeBot Malware Initial research exposing JOKERSPY Who is 8BASE?

Cybercrime 87

Cybercrime Hacking Ransomware Malware 87

Security Affairs

AUGUST 4, 2023

On July 31, 2023, Phylum researchers observed the publication of ten different “test” packages on the npm package manager that were developed to exfiltrate sensitive developer source code and other confidential information. “This seems to be another highly-targeted attack on developers involved in the cryptocurrency sphere.

Cryptocurrency 85

Cryptocurrency Marketing Encryption Passwords 85

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches 94

Data breaches Malware Mobile Spyware 94

Security Affairs

APRIL 24, 2024

A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners. eScan acknowledged the flaw and addressed it on July 31, 2023. Puppeteer orchestrates the core functionality of the malware, including the cryptocurrency mining as well as the backdoor deployment.

Antivirus 100

Antivirus Malware DNS Cryptocurrency 100

Security Affairs

MARCH 23, 2023

Telegram) since January 2023. “Nexus provides all the main features to perform ATO attacks (Account Takeover) against banking portals and cryptocurrency services, such as credentials stealing and SMS interception. The Nexus Trojan can target multiple banking and cryptocurrency in an attempt to take over customers’ accounts.

Banking 80

Banking Cryptocurrency Malware Advertising 80

Security Affairs

DECEMBER 20, 2023

The macOS variant of the malware was first spotted in July 2023, it was spreading in the form of installers for pirated legitimate software such as CapCut or AnyConnect. Writing to the clipboard:a common tactic for stealing cryptocurrency funds. Password encryption keys key4.db Executing shell commands.

Malware 111

Malware Passwords Cryptocurrency Software 111

SecureList

SEPTEMBER 28, 2023

Last month we covered a wide range of cybercrime topics. But there’s more going on in the cybercrime landscape, so we also published reports on new versions of the Lumma stealer and Zanubis Android banking trojan. They are now hex encoded and encrypted with an XOR key (first 4 bytes of the string).

Banking 107

Banking Malware Cybercrime Encryption 107

SecureList

NOVEMBER 23, 2023

In our previous summary of consumer predictions , we delved into tactics that we expected scammers and cybercriminals to use in 2023. Despite the fact that our predictions regarding Metaverse did not fully materialize in 2023, we reiterate what we said earlier, as we consider this a long-term trend.

VPN 105

VPN Scams Education Internet 105

SecureList

DECEMBER 13, 2023

In many ways, Akira is no different from other ransomware families: shadow copies are deleted (using a combination of PowerShell and WMI); logical drives are encrypted, and certain file types and directories are skipped; there is a leak/communication site on TOR; and so on. AMOS was first discovered in April 2023.

Ransomware 105

Ransomware Passwords Malware Encryption 105

Security Affairs

FEBRUARY 21, 2024

In wider action coordinated by Europol, two LockBit actors have been arrested this morning in Poland and Ukraine, over 200 cryptocurrency accounts linked to the group have been frozen.” The NCA will reach out to victims based in the UK in the coming days and weeks, providing support to help them recover encrypted data.

Energy and Utilities 91

Energy and Utilities Ransomware Manufacturing Financial Services 91

SecureList

OCTOBER 24, 2023

Next, Lumar starts three different threads, each one looking for specific data: txt,doc,jpg,rdp,xls, etc files; browser cookies and cached passwords; files associated with cryptocurrency wallets. The data is then gathered, zipped and sent to the C2. The C2 is hosted by the malware author as they are selling the whole package as a MaaS.

Ransomware 107

Ransomware Malware Advertising Passwords 107

Security Affairs

FEBRUARY 20, 2024

In wider action coordinated by Europol, two LockBit actors have been arrested this morning in Poland and Ukraine, over 200 cryptocurrency accounts linked to the group have been frozen.” The NCA will reach out to victims based in the UK in the coming days and weeks, providing support to help them recover encrypted data.

Energy and Utilities 101

Energy and Utilities Ransomware Manufacturing Financial Services 101

Krebs on Security

DECEMBER 29, 2022

I will also continue to post on LinkedIn about new stories in 2023. Here’s a look at some of the more notable cybercrime stories from the past year, as covered by KrebsOnSecurity and elsewhere. Super Bowl Sunday watchers are treated to no fewer than a half-dozen commercials for cryptocurrency investing. agencies]. .”

Cryptocurrency 238

Cryptocurrency Cybercrime Computers and Electronics Scams 238

Security Affairs

MARCH 27, 2023

Introduction During March 2023, we obtained information and data regarding an ongoing malware operation hitting more than 8.000 targets within a few weeks, with a particular emphasis on North American, Italian, and French targets. After this, it downloads the payload and executes it through the “Process.Start”.NET

Malware 84

Malware Social Engineering Encryption Marketing 84

SecureList

APRIL 10, 2023

The offers presented in this report were published between 2019 and 2023 and were collected from the nine most popular forums for the purchase and sale of goods and services related to malware and unwanted software. Most frequently, sellers promise to inject code into an app with 5,000 downloads or more.

Malware 115

Malware Encryption Mobile Accountability 115

SecureList

JANUARY 17, 2024

In 2023, for instance, there was a significant rise in posts offering login credentials and passwords for various personal and work accounts. To be more specific, in 2023, the volume of malware log files containing compromised user data and posted for free on the dark web surged by almost 30% compared to 2022.

Marketing 120

Marketing Cryptocurrency Malware Ransomware 120

SecureWorld News

FEBRUARY 16, 2023

9, 2023, alert issued by the U.S. This advisory highlights TTPs and IOCs DPRK cyber actors used to gain access to and conduct ransomware attacks against Healthcare and Public Health (HPH) Sector organizations and other critical infrastructure sector entities, as well as DPRK cyber actors' use of cryptocurrency to demand ransoms."

Healthcare 93

Healthcare Ransomware Cryptocurrency Cybercrime 93

SecureList

NOVEMBER 14, 2023

In this article, we will review the past year’s trends to see which of our 2023 predictions have come true, and try to predict what is to come in 2024. However, instead of encrypting the data, it purposefully destroyed it in the affected systems. We have not seen anything of the kind in 2023. Drone hacking!

Hacking 119

Hacking Energy and Utilities Media Malware 119

Security Affairs

FEBRUARY 25, 2024

The NCA will reach out to victims based in the UK in the coming days and weeks, providing support to help them recover encrypted data. If I may have used the same cryptocurrency exchange service that someone from Evil Corp used it absolutely does not mean I have anything to do with Evil Corp, again where are the transactions?

Government 116

Government Hacking Cryptocurrency Penetration Testing 116

Security Affairs

DECEMBER 10, 2023

billion personal records compromised by data breaches in past two years — underscoring need for end‑to‑end encryption Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Data breaches 89

Data breaches Ransomware Hacking Financial Services 89