Security Affairs

MARCH 23, 2024

A large-scale malware campaign, tracked as Sign1, has already compromised 39,000 WordPress sites in the last six months. Sucurity researchers at Sucuri spotted a malware campaign, tracked as Sign1, which has already compromised 39,000 WordPress sites in the last six months. Malware uses this difference to try and stay hidden.

Malware 132

Malware Engineering Hacking Cybercrime 132

Security Affairs

MAY 20, 2023

The group was spotted deploying the Clop ransomware in opportunistic attacks in April 2023. — Microsoft Threat Intelligence (@MsftSecIntel) May 18, 2023 The Clop ransomware is just the newest strain the cybercrime gang has used to attacks in the wild.

Cybercrime 94

Cybercrime Ransomware Security Intelligence Hacking 94

Security Affairs

NOVEMBER 2, 2023

Rapid7 researchers warn of the suspected exploitation of a recently disclosed critical security flaw (CVE-2023-46604) in the Apache ActiveMQ. Cybersecurity researchers at Rapid7 are warning of the suspected exploitation of the recently disclosed critical vulnerability CVE-2023-46604 in the Apache ActiveMQ. before 5.18.3

Ransomware 119

Ransomware Cybercrime Software Encryption 119

Security Affairs

FEBRUARY 17, 2024

Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to his key roles in the Zeus and IcedID malware operations. Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software.

Malware 98

Malware Cybercrime Banking Hacking 98

Security Affairs

OCTOBER 4, 2023

The DRM Report Q2 2023 report provides a detailed insight into the ransomware threat landscape during the period between May and August 2023. Ransomware, a menace that has evolved into a formidable adversary, takes center stage in our examination of the cyber threat landscape during the second quarter of 2023.

Ransomware 113

Ransomware Data collection Cyber threats Hacking 113

Security Affairs

MARCH 11, 2024

The financially motivated hacking group Magnet Goblin uses various 1-day flaws to deploy custom malware on Windows and Linux systems. The group focuses on internet-facing services, in at least one instance the group exploited the vulnerability CVE-2024-21887 in Ivanti Connect Secure VPN. 4 Run a Linux command in a separate thread.

Malware 107

Malware VPN Encryption Hacking 107

Security Affairs

JANUARY 1, 2024

In October 2023, a developer known as PRISMA first uncovered an exploit that allows the generation of persistent Google cookies through token manipulation. Subsequently, other malware integrated the exploit, including Rhadamanthys, Risepro, Meduza , Stealc Stealer and recently the White Snake. ” continues the report.

Malware 136

Malware Penetration Testing Passwords Encryption 136

Security Affairs

FEBRUARY 13, 2024

Maintainers behind the Ransomfeed platform have released Q3 Report 2023 including activities of 185 criminal groups operating worldwide. This report offers an exhaustive account of ransomware threats in the third quarter of 2023, spotlighting activities monitored by the OSINT Ransomfeed platform.

Ransomware 111

Ransomware Data collection Hacking Cybersecurity 111

Security Affairs

APRIL 24, 2023

Print management software provider PaperCut confirmed ongoing active exploitation of CVE-2023-27350 vulnerability. On April 19th, Print management software provider PaperCut confirmed that it is aware of the active exploitation of the CVE-2023-27350 vulnerability. ” The CVE-2023-27350 (CVSS score – 9.8)

Cybercrime 83

Cybercrime Software Education Ransomware 83

Security Affairs

JANUARY 19, 2024

Ransomware groups claimed that they successfully targeted 4191 victims in 2023, Cybernews researchers report. of attacks in 2023), while summer was the most active for ransomware attacks (30.4%). The top 10 groups, based on the number of victims, collectively account for 59% of the total victims in 2023.

Ransomware 126

Ransomware Manufacturing Retail Insurance 126

Security Affairs

MAY 1, 2023

The previously undetected LOBSHOT malware is distributed using Google ads and gives operators VNC access to Windows devices. Researchers from Elastic Security Labs spotted a new remote access trojan dubbed LOBSHOT was being distributed through Google Ads. ” reads the report published by Elastic Security Labs.

Malware 94

Malware Cybercrime Banking Software 94

SecureWorld News

JUNE 13, 2023

Critical Start today released its biannual Cyber Intelligence Report, featuring the top threats observed in the first half of 2023 and emerging cybersecurity trends impacting the healthcare, financial services, and state and local government industries. The new Beep malware is top of mind for organizations and individuals.

Cyber threats 72

Cyber threats Malware Phishing Penetration Testing 72

Security Affairs

APRIL 24, 2024

A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners. Avast researchers discovered and analyzed a malware campaign that exploited the update mechanism of the eScan antivirus to distribute backdoors and crypto miners.

Antivirus 106

Antivirus Malware DNS Cryptocurrency 106

Security Affairs

JANUARY 1, 2024

These are the Top 2023 Security Affairs cybersecurity stories … enjoy it. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Top 2023 Security Affairs cybersecurity stories) TB OF DATA STOLEN FROM DIGITAL INTELLIGENCE FIRM CELLEBRITE LEAKED ONLINE 1.7

Cybersecurity 114

Cybersecurity Spyware Data breaches Passwords 114

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 113

VPN Cybercrime Ransomware Hacking 113

Security Affairs

FEBRUARY 2, 2024

An international law enforcement operation, named Synergia, led to the arrest of 31 individuals involved in ransomware, banking malware, and phishing attacks. Operation Synergia was led by Interpol and ran from September to November 2023 involving law enforcement agencies from 50 countries.

Cybercrime 101

Cybercrime Banking Phishing Malware 101

Security Affairs

JANUARY 26, 2024

The Russian national malware developer Vladimir Dunaev was sentenced to more than 5 years in prison for his role in the TrickBot operation. The Russian national Vladimir Dunaev (40) has been sentenced in the US to 64 months in prison for his role in the development and distribution of the TrickBot malware. in October 2021.

Malware 105

Malware Identity Theft Banking Ransomware 105

Security Affairs

AUGUST 1, 2023

Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader. WikiLoader is a new piece of malware that is employed in a phishing campaign that is targeting Italian organizations. Thus, user interaction is required to begin the malware installation.”

Malware 96

Malware Phishing Banking Hacking 96

Security Affairs

FEBRUARY 10, 2023

A recently discovered threat actor, tracked as TA886 by security firm Proofpoint, is targeting organizations in the United States and Germany with new malware dubbed Screenshotter. On January 2023, the experts observed a minor number of campaigns, but with greater email volumes. ” reads the post published by Proofpoint.

Malware 90

Malware Phishing Spyware Cybercrime 90

Krebs on Security

JANUARY 24, 2023

Denis Emelyantsev , a 36-year-old Russian man accused of running a massive botnet called RSOCKS that stitched malware into millions of devices worldwide, pleaded guilty to two counts of computer crime violations in a California courtroom this week. “Thanks to you, we are now developing in the field of information security and anonymity!

Cybercrime 226

Cybercrime Advertising IoT Malware 226

Security Affairs

MAY 15, 2023

DRM Dashboard Ransomware Monitor released the first quarterly report for the year 2023 about the activities of ransomware groups globally. DRM Dashboard Ransomware Monitor, an independent platform of cybersecurity monitoring, is pleased to release the quarterly the DRM-Report for the first quarter of 2023.

Ransomware 86

Ransomware Cybercrime Cybersecurity Hacking 86

Security Affairs

JUNE 5, 2023

VMware’s Carbon Black Managed Detection and Response (MDR) team observed a surge of TrueBot activity in May 2023. Researchers at VMware’s Carbon Black Managed Detection and Response (MDR) team warn of a surge of TrueBot activity in May 2023. “TrueBot can be a particularly nasty infection for any network.

Malware 86

Malware Ransomware Hacking Software 86

Security Affairs

MARCH 24, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. surfaces in the threat landscape Pokemon Company resets some users’ passwords Ukraine cyber police arrested crooks selling 100 million compromised accounts New AcidPour wiper targets Linux x86 devices.

Malware 105

Malware Cybercrime Hacking Cyber threats 105

Security Affairs

MAY 3, 2023

Threat actors are using the promise of generative AI like ChatGPT to deliver malware, Facebook parent Meta warned. Threat actors are taking advantage of the huge interest in generative AI like ChatGPT to trick victims into installing malware, Meta warns. ” reads the Meta’s Q1 2023 Security Reports.

Malware 97

Malware Education Accountability Media 97

Security Affairs

JANUARY 17, 2023

The packages were discovered on January 10, 2023, the packages “colorslib” and “httpslib” were published on January 7, 2023, while “libhttps” was published on January 12, 2023. The packages are designed to drop malware on compromised developer systems. SecurityAffairs – hacking, malware). Pierluigi Paganini.

Malware 95

Malware Hacking Cybercrime Information Security 95

Security Affairs

SEPTEMBER 15, 2023

The Russian national Dariy Pankov (28), aka dpxaker, is the author of the NLBrute malware. In February 2023, Pankov was charged with conspiracy, access device fraud, and computer fraud. The NLBrute malware allows operators to compromise protected computers by decrypting login credentials. The sentencing date has yet to be set.

Malware 102

Malware Marketing Passwords Hacking 102

Security Affairs

JUNE 9, 2024

New York Times source code compromised via exposed GitHub token SolarWinds fixed multiple flaws in Serv-U and SolarWinds Platform Pandabuy was extorted twice by the same threat actor UAC-0020 threat actor used the SPECTR Malware to target Ukraine’s defense forces Chinese threat actor exploits old ThinkPHP flaws since October 2023 A new Linux (..)

Data breaches 104

Data breaches Banking Hacking Malware 104

BH Consulting

NOVEMBER 22, 2023

Among them were: attacks against critical infrastructure, increasing regulation, the need for empathy from security pros, and – naturally – AI. From the off, 2023 struck a more downbeat tone than last year’s edition. Stuxnet in 2010 was the first the most recent was CosmicEnergy in 2023.

Cybercrime 64

Cybercrime Technology Cybersecurity Engineering 64

Security Affairs

OCTOBER 17, 2023

According to Statista.com, the impact of cybercrime is expected to reach almost $13 trillion this year. Ensure that your systems are up to date with the latest security patches and software updates. Employ robust antivirus and anti-malware solutions, along with intrusion detection systems, to identify and block potential threats.

Social Engineering 118

Social Engineering Ransomware Engineering Phishing 118

Security Affairs

OCTOBER 8, 2023

Belgian intelligence service VSSE accused Alibaba of ‘possible espionage’ at European hub in Liege A WhatsApp zero-day exploit can cost several million dollars CISA adds JetBrains TeamCity and Windows flaws to its Known Exploited Vulnerabilities catalog NATO is investigating a new cyber attack claimed by the SiegedSec group Global CRM Provider Exposed (..)

Data breaches 108

Data breaches Cybercrime Ransomware Hacking 108

Security Affairs

MAY 12, 2024

Ohio Lottery data breach impacted over 538,000 individuals Notorius threat actor IntelBroker claims the hack of the Europol A cyberattack hit the US healthcare giant Ascension Google fixes fifth actively exploited Chrome zero-day this year Russia-linked APT28 targets government Polish institutions Citrix warns customers to update PuTTY version installed (..)

Data breaches 86

Data breaches VPN Hacking Banking 86

Security Affairs

MAY 12, 2024

In December 2023, Elliptic and Corvus Insurance published a joint research that revealed the group accumulated at least $107 million in Bitcoin ransom payments since early 2022. It has been used to attack more than 329 organizations globally and has grown to become the fourth-most active strain of ransomware by number of victims in 2022-2023.”

Ransomware 119

Ransomware Hacking Healthcare Retail 119

Security Affairs

JANUARY 21, 2024

Admin of the BreachForums hacking forum sentenced to 20 years supervised release Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails VF Corp December data breach impacts 35 million customers China-linked APT UNC3886 exploits VMware zero-day since 2021 Ransomware attacks break records in 2023: the number of victims rose by 128% U.S.

Artificial Intelligence 104

Artificial Intelligence VPN Hacking Firewall 104

Security Affairs

APRIL 30, 2023

ViperSoftX uses more sophisticated encryption and anti-analysis techniques Atomic macOS Stealer is advertised on Telegram for $1,000 per month CISA warns of a critical flaw affecting Illumina medical devices OpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demands Cisco discloses a bug in the Prime Collaboration Deployment (..)

Cybercrime 94

Cybercrime Malware Hacking Accountability 94

Security Affairs

AUGUST 6, 2023

Reptile Rootkit employed in attacks against Linux systems in South Korea New PaperCut flaw in print management software exposes servers to RCE attacks A cyberattack impacted operations of multiple hospitals in several US states Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016 Malicious packages in (..)

Malware 85

Malware Cybercrime Cryptocurrency Social Engineering 85

Security Affairs

SEPTEMBER 26, 2023

A new campaign is spreading Xenomorph malware to Android users in the United States, Spain, Portugal, Italy, Canada, and Belgium. Researchers from ThreatFabric uncovered a new campaign spreading Xenomorph malware to Android users in the United States and all over the world. that was significantly improved.

Malware 114

Malware Banking Phishing Engineering 114

Security Affairs

APRIL 17, 2024

Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. At the end of October 2023, Atlassian warned of a critical security flaw, tracked as CVE-2023-22518 (CVSS score 9.1), that affects all versions of Confluence Data Center and Server.

Ransomware 137

Ransomware Encryption Malware Accountability 137