SecureList

JUNE 26, 2023

In this report, we have analyzed the key threats to small and medium-sized companies in 2022 and 2023, and provided advice on how to stay safe. We then ran these software names against Kaspersky Security Network (KSN)* telemetry to find out how much malware and unwanted software was distributed under the guise of these applications.

Cybercrime 90

Cybercrime Phishing Banking Malware 90

Krebs on Security

MARCH 22, 2023

Google says it has suspended the app for the Chinese e-commerce giant Pinduoduo after malware was found in versions of the software. 3, 2023 post on BreachForums, comparing the redacted code from the DarkNavy analysis with the same function in the Pinduoduo app available for download at the time.

Malware 272

Malware eCommerce Mobile Media 272

Security Affairs

MAY 12, 2024

In December 2023, Elliptic and Corvus Insurance published a joint research that revealed the group accumulated at least $107 million in Bitcoin ransom payments since early 2022. It has been used to attack more than 329 organizations globally and has grown to become the fourth-most active strain of ransomware by number of victims in 2022-2023.”

Ransomware 109

Ransomware Hacking Healthcare Retail 109

The Last Watchdog

NOVEMBER 16, 2023

2023 – Given the sharpening complexity of cyber threats, our digital and physical infrastructure faces mounting challenges. This is accelerating the professionalization of cybercrime. AI will enable more sophisticated attack methods such as polymorphic malware, which mutates with every infection, making detection a difficult task.

Cybercrime 100

Cybercrime Malware Technology Cyber threats 100

Security Affairs

OCTOBER 22, 2023

Researchers linked Vietnamese threat actors to the string of DarkGate malware attacks on entities in the U.K., WithSecure researchers linked the recent attacks using the DarkGate malware to a Vietnamese cybercrime group previously known for the usage of Ducktail stealer. ” reads the report published by WithSecure.

Malware 103

Malware Cybercrime Hacking Information Security 103

Security Affairs

MAY 3, 2024

This feature prevents malware execution outside the infected machine, a feature that had been abandoned by many malware variants that borrow the Zeus leaked source code. “Zloader has continued to evolve since its resurrection around September 2023 after an almost two-year hiatus.” “The latest version, 2.4.1.0,

Malware 117

Malware Banking Hacking Cybercrime 117

Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. The availability of the source in the cybercrime ecosystem can allow threat actors to develop their own version of the Hello Kitty ransomware.

Cybercrime 115

Cybercrime Ransomware DDOS Encryption 115

Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. Image: spur.us. as a media sharing device on a local network that was somehow exposed to the Internet.

Malware 243

Malware Passwords Accountability Advertising 243

Security Affairs

AUGUST 15, 2023

Researchers discovered credentials associated with cybercrime forums on roughly 120,000 computers infected with information stealers. Threat intelligence firm Hudson Rock has discovered credentials associated with cybercrime forums on roughly 120,000 computers infected with various information stealer malware.

Cybercrime 68

Cybercrime Passwords Data breaches Malware 68

Security Affairs

MARCH 23, 2024

A large-scale malware campaign, tracked as Sign1, has already compromised 39,000 WordPress sites in the last six months. Sucurity researchers at Sucuri spotted a malware campaign, tracked as Sign1, which has already compromised 39,000 WordPress sites in the last six months. Malware uses this difference to try and stay hidden.

Malware 129

Malware Engineering Hacking Cybercrime 129

Thales Cloud Protection & Licensing

OCTOBER 11, 2023

Protect Your Organization from Cybercrime-as-a-Service Attacks madhav Thu, 10/12/2023 - 04:53 In years gone by, only large enterprises needed to be concerned with cybercrime. However, Cybercrime-as-a-Service (CaaS) offerings have essentially democratized cybercrime. What is Cybercrime-as-a-Service?

Cybercrime 77

Cybercrime Encryption DDOS Backups 77

Security Affairs

APRIL 11, 2023

Microsoft has addressed a zero-day vulnerability, tracked as CVE-2023-28252 , in the Windows Common Log File System (CLFS), which is actively exploited in ransomware attacks. Microsoft fixed the issue with the release of Patch Tuesday security updates for April 2023. ” reads the analysis published by Kaspersky. .”

Cybercrime 90

Cybercrime Ransomware Education Media 90

Security Affairs

NOVEMBER 2, 2023

Rapid7 researchers warn of the suspected exploitation of a recently disclosed critical security flaw (CVE-2023-46604) in the Apache ActiveMQ. Cybersecurity researchers at Rapid7 are warning of the suspected exploitation of the recently disclosed critical vulnerability CVE-2023-46604 in the Apache ActiveMQ. before 5.18.3 before 5.17.6

Ransomware 116

Ransomware Cybercrime Software Encryption 116

eSecurity Planet

JANUARY 5, 2023

After a year that saw massive ransomware attacks and open cyber warfare, the biggest question in cybersecurity for 2023 will likely be how much of those attack techniques get commoditized and weaponized. 2023, he predicted, “will not be any easier when it comes to keeping users’ data safe and private.”

Ransomware 145

Ransomware CISO Software Cybercrime 145

Security Affairs

MAY 20, 2023

The group was spotted deploying the Clop ransomware in opportunistic attacks in April 2023. — Microsoft Threat Intelligence (@MsftSecIntel) May 18, 2023 The Clop ransomware is just the newest strain the cybercrime gang has used to attacks in the wild.

Cybercrime 86

Cybercrime Ransomware Security Intelligence Hacking 86

Security Affairs

MAY 26, 2024

million individuals North Korea-linked Kimsuky used a new Linux backdoor in recent attacks International Press – Newsletter Cybercrime Healthcare company WebTPA discloses breach affecting 2.5 Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter) Fix it now!

Healthcare 97

Healthcare Spyware Data breaches Banking 97

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 103

VPN Cybercrime Ransomware Hacking 103

Security Affairs

MARCH 11, 2024

The financially motivated hacking group Magnet Goblin uses various 1-day flaws to deploy custom malware on Windows and Linux systems. If successful, it initiates a self-forking mechanism, constituting the sole anti-debugging/anti-analysis measure incorporated into the malware. 4 Run a Linux command in a separate thread.

Malware 96

Malware VPN Encryption Hacking 96

SecureWorld News

MARCH 29, 2024

Malvertising acts as a vessel for malware propagation. Just to illustrate the scope of the issue, the Malwarebytes Threat Intelligence team spotted more than 800 malvertising campaigns in only the first six months of 2023, noting that the number of attacks that flew under researchers' radar was likely much higher.

Cybercrime 82

Cybercrime Advertising Engineering Antivirus 82

Security Affairs

JANUARY 1, 2024

In October 2023, a developer known as PRISMA first uncovered an exploit that allows the generation of persistent Google cookies through token manipulation. Subsequently, other malware integrated the exploit, including Rhadamanthys, Risepro, Meduza , Stealc Stealer and recently the White Snake. ” continues the report.

Malware 128

Malware Penetration Testing Passwords Encryption 128

SecureList

MAY 11, 2023

Although early 2023 saw a slight decline in the number of ransomware attacks, they were more sophisticated and better targeted. We created a private report about this after an article claimed that the malware was used in the geopolitical conflict. Meanwhile, the malware itself evolved, adding an LDAP-based self-spreading mechanism.

Ransomware 121

Ransomware Malware Architecture Telecommunications 121

Security Affairs

JANUARY 30, 2024

The company is working to restore the impacted systems and is investigating the incident with the help of leading cybersecurity firms, The Cactus ransomware operation has been active since March 2023, despite the threat actors use a double-extortion model, their data leak site has yet to be discovered.

Ransomware 123

Ransomware Hacking Data breaches Digital transformation 123

Security Affairs

FEBRUARY 13, 2024

Maintainers behind the Ransomfeed platform have released Q3 Report 2023 including activities of 185 criminal groups operating worldwide. This report offers an exhaustive account of ransomware threats in the third quarter of 2023, spotlighting activities monitored by the OSINT Ransomfeed platform.

Ransomware 102

Ransomware Data collection Hacking Cybersecurity 102

Security Affairs

FEBRUARY 17, 2024

Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to his key roles in the Zeus and IcedID malware operations. Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software.

Malware 89

Malware Cybercrime Banking Hacking 89

Security Affairs

OCTOBER 4, 2023

The DRM Report Q2 2023 report provides a detailed insight into the ransomware threat landscape during the period between May and August 2023. Ransomware, a menace that has evolved into a formidable adversary, takes center stage in our examination of the cyber threat landscape during the second quarter of 2023.

Ransomware 104

Ransomware Data collection Cyber threats Hacking 104

Security Affairs

JANUARY 1, 2024

These are the Top 2023 Security Affairs cybersecurity stories … enjoy it. LOCKBIT RANSOMWARE GANG DEMANDED AN 80 MILLION RANSOM TO CDW The Lockbit ransomware gang claims to have hacked the technology services giant CDW and threatens to leak the stolen data. TB OF DATA STOLEN FROM DIGITAL INTELLIGENCE FIRM CELLEBRITE LEAKED ONLINE 1.7

Cybersecurity 104

Cybersecurity Spyware Data breaches Passwords 104

Security Affairs

JANUARY 19, 2024

Ransomware groups claimed that they successfully targeted 4191 victims in 2023, Cybernews researchers report. of attacks in 2023), while summer was the most active for ransomware attacks (30.4%). The top 10 groups, based on the number of victims, collectively account for 59% of the total victims in 2023.

Ransomware 117

Ransomware Manufacturing Retail Insurance 117

Security Affairs

APRIL 28, 2024

Hackers may have accessed thousands of accounts on the California state welfare platform Brokewell Android malware supports an extensive set of Device Takeover capabilities Experts warn of an ongoing malware campaign targeting WP-Automatic plugin Cryptocurrencies and cybercrime: A critical intermingling Kaiser Permanente data breach may have impacted (..)

Cybercrime 93

Cybercrime Spyware Data breaches Antivirus 93

Security Affairs

MARCH 24, 2024

Players hacked during the matches of Apex Legends Global Series. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Is it a Russia’s weapon?

Malware 96

Malware Cybercrime Hacking Cyber threats 96

Security Affairs

DECEMBER 26, 2023

The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. pic.twitter.com/6uHMDcNhTC — Dominic Alvieri (@AlvieriD) December 26, 2023 The group published images of stolen documents as proof of the hack. The Rhysida ransomware group has been active since May 2023.

Hacking 119

Hacking Ransomware Manufacturing Healthcare 119

Security Affairs

JANUARY 9, 2024

The malware supports multiple capabilities, including bypassing anti-viruses and covertly launching hidden applications, browsers, and keyloggers. Another malware developed by the same group is called S500 RAT. A hacker group that calls itself Anonymous Arabic is distributing a stealthy remote access trojan called Silver RAT.

Malware 111

Malware Media Hacking Encryption 111

Security Affairs

MAY 1, 2023

The previously undetected LOBSHOT malware is distributed using Google ads and gives operators VNC access to Windows devices. Threat actors are using an elaborate scheme of fake websites through Google Ads to spread their malware, the backdoors are embedded in installers for apparently legitimate applications, such as AnyDesk.

Malware 86

Malware Cybercrime Banking Software 86

Security Affairs

FEBRUARY 2, 2024

An international law enforcement operation, named Synergia, led to the arrest of 31 individuals involved in ransomware, banking malware, and phishing attacks. Operation Synergia was led by Interpol and ran from September to November 2023 involving law enforcement agencies from 50 countries.

Cybercrime 91

Cybercrime Banking Phishing Malware 91

Security Affairs

APRIL 24, 2023

Print management software provider PaperCut confirmed ongoing active exploitation of CVE-2023-27350 vulnerability. On April 19th, Print management software provider PaperCut confirmed that it is aware of the active exploitation of the CVE-2023-27350 vulnerability. ” The CVE-2023-27350 (CVSS score – 9.8)

Cybercrime 73

Cybercrime Software Education Ransomware 73

Security Affairs

APRIL 24, 2024

A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners. Avast researchers discovered and analyzed a malware campaign that exploited the update mechanism of the eScan antivirus to distribute backdoors and crypto miners.

Antivirus 96

Antivirus Malware DNS Cryptocurrency 96

SecureList

NOVEMBER 22, 2022

A look back on the year 2022 and what to expect in 2023. This report assesses how accurately we predicted the developments in the financial threats landscape in 2022 and ponder at what to expect in 2023. These are attractive aspects that cybercrime groups will be unable to resist. Analysis of forecasts for 2022.

Cryptocurrency 92

Cryptocurrency Mobile Ransomware Banking 92

SecureList

NOVEMBER 28, 2022

Although the main types of threats (phishing, scams, malware, etc.) Below, we present a number of key ideas about what the consumer-oriented threat landscape will look like in 2023, and describe how users could be lured into cybertraps with fake content and third-party apps. 2023 promises a wealth of new releases.

Education 121

Education Phishing Scams Social Engineering 121