Malwarebytes

FEBRUARY 6, 2024

Today, Malwarebytes released its 2024 State of Malware report, detailing six cyberthreats that resource-constrained IT teams should pay attention to in 2024. The report reveals that, awash with money, the number of known Big Game attacks surged by 68% in 2023, thanks to Ransomware-as-a-Service groups like LockBit and ALPHV.

Ransomware 100

Ransomware Cybercrime Malware Social Engineering 100

Security Affairs

OCTOBER 18, 2023

Google’s Threat Analysis Group (TAG) reported that in recent weeks multiple nation-state actors were spotted exploiting the vulnerability CVE-2023-38831 in WinRAR. The researchers reported that several cybercrime groups began exploiting the flaw in early 2023, when the bug was still a zero-day. ” reported Google TAG.

Cybercrime 122

Cybercrime Malware Software Hacking 122

Bleeping Computer

JUNE 18, 2023

A new information-stealing malware named 'Mystic Stealer,' has been promoted on hacking forums and darknet markets since April 2023, quickly gaining traction in the cybercrime community. [.]

Malware 125

Malware Cybercrime Marketing Hacking 125

Malwarebytes

FEBRUARY 14, 2024

In 2023, the CL0P ransomware gang broke the scalability barrier and shook the security world with a series of short, automated campaigns, hitting hundreds of unsuspecting targets simultaneously with attacks based on zero-day exploits. There were about 4,500 known ransomware attacks in 2023, although the true figure is probably twice that.

Ransomware 73

Ransomware Cybercrime Backups Malware 73

Krebs on Security

SEPTEMBER 13, 2023

The FBI responded by reverifying InfraGard members and by seizing the cybercrime forum where the data was being sold. 11, 2023, USDoD resurfaced after a lengthy absence to leak sensitive employee data stolen from the aerospace giant Airbus , while promising to visit the same treatment on top U.S. But on Sept. defense contractors.

Cybercrime 286

Cybercrime Passwords Authentication Malware 286

The Hacker News

AUGUST 15, 2023

A "staggering" 120,000 computers infected by stealer malware have credentials associated with cybercrime forums, many of them belonging to malicious actors. The findings come from Hudson Rock, which analyzed data collected from computers compromised between 2018 to 2023.

Cybercrime 88

Cybercrime Data collection Malware Software 88

Security Affairs

OCTOBER 22, 2023

Researchers linked Vietnamese threat actors to the string of DarkGate malware attacks on entities in the U.K., WithSecure researchers linked the recent attacks using the DarkGate malware to a Vietnamese cybercrime group previously known for the usage of Ducktail stealer. ” reads the report published by WithSecure.

Malware 107

Malware Cybercrime Hacking Information Security 107

Security Affairs

MAY 3, 2024

This feature prevents malware execution outside the infected machine, a feature that had been abandoned by many malware variants that borrow the Zeus leaked source code. “Zloader has continued to evolve since its resurrection around September 2023 after an almost two-year hiatus.” “The latest version, 2.4.1.0,

Malware 120

Malware Banking Hacking Cybercrime 120

Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. The availability of the source in the cybercrime ecosystem can allow threat actors to develop their own version of the Hello Kitty ransomware.

Cybercrime 119

Cybercrime Ransomware DDOS Encryption 119

CyberSecurity Insiders

JANUARY 25, 2023

By Immanuel Chavoya, Emerging Threat Expert, SonicWall 2022 saw a shifting cybersecurity landscape as rising geopolitical conflicts brought new tactics, targets, and goals for cybercrime. In 2023, we should expect continued change as emerging tech and geopolitical conflicts meet to create an even more complicated and risky threat landscape.

Cyber threats 127

Cyber threats Cybercrime Healthcare IoT 127

Security Affairs

MARCH 23, 2024

A large-scale malware campaign, tracked as Sign1, has already compromised 39,000 WordPress sites in the last six months. Sucurity researchers at Sucuri spotted a malware campaign, tracked as Sign1, which has already compromised 39,000 WordPress sites in the last six months. Malware uses this difference to try and stay hidden.

Malware 132

Malware Engineering Hacking Cybercrime 132

eSecurity Planet

JANUARY 5, 2023

After a year that saw massive ransomware attacks and open cyber warfare, the biggest question in cybersecurity for 2023 will likely be how much of those attack techniques get commoditized and weaponized. 2023, he predicted, “will not be any easier when it comes to keeping users’ data safe and private.”

Ransomware 143

Ransomware CISO Software Cybercrime 143

CSO Magazine

JANUARY 10, 2023

Today, cybercrime-as-a-service is a lucrative and growing business model among criminals. These are among the findings of the Sophos’ 2023 Threat Report, which details how the cyberthreat landscape has changed due to an easier barrier of entry for criminal hopefuls. Ransomware is still a massive threat to organizations.

Cybercrime 88

Cybercrime Ransomware Threat Reports Malware 88

SecureWorld News

MARCH 29, 2024

Malvertising acts as a vessel for malware propagation. Just to illustrate the scope of the issue, the Malwarebytes Threat Intelligence team spotted more than 800 malvertising campaigns in only the first six months of 2023, noting that the number of attacks that flew under researchers' radar was likely much higher.

Cybercrime 84

Cybercrime Advertising Engineering Antivirus 84

CyberSecurity Insiders

JUNE 26, 2023

In recent months, a cybercrime group known as Blacktail has begun to make headlines as they continue to target organizations around the globe. An interesting detail about the organization is that they do not make their own strains of malware. Two of the most popular tools that have been used by the cybercrime group are LockBit 3.0

Cybercrime 100

Cybercrime Social Engineering Ransomware Phishing 100

Security Affairs

APRIL 11, 2023

Microsoft has addressed a zero-day vulnerability, tracked as CVE-2023-28252 , in the Windows Common Log File System (CLFS), which is actively exploited in ransomware attacks. Microsoft fixed the issue with the release of Patch Tuesday security updates for April 2023. ” reads the analysis published by Kaspersky. .”

Cybercrime 91

Cybercrime Ransomware Education Media 91

SecureWorld News

AUGUST 16, 2023

Recent research conducted by Hudson Rock has shed light on the extensive compromise of computers and the exposure of hackers within cybercrime forums. Hudson Rock's research delved deep into the underbelly of the cyber world, focusing on the top 100 cybercrime forums.

Cybercrime 72

Cybercrime Passwords Data collection Data breaches 72

Security Affairs

NOVEMBER 2, 2023

Rapid7 researchers warn of the suspected exploitation of a recently disclosed critical security flaw (CVE-2023-46604) in the Apache ActiveMQ. Cybersecurity researchers at Rapid7 are warning of the suspected exploitation of the recently disclosed critical vulnerability CVE-2023-46604 in the Apache ActiveMQ. before 5.18.3 before 5.17.6

Ransomware 119

Ransomware Cybercrime Software Encryption 119

Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. Image: spur.us. as a media sharing device on a local network that was somehow exposed to the Internet.

Malware 234

Malware Passwords Accountability Advertising 234

SecureList

NOVEMBER 9, 2022

What cyberthreats for business will be the greatest in 2023? The ongoing geopolitical storm brings not only classical cyberthreats for business, but also unpredictable risks and ‘black swans’ The main problem for 2023 will be supply-chain stability and cybersecurity. Threat modeling approaches will be changed in 2023.

Cybersecurity 121

Cybersecurity Cyber Insurance Cybercrime IoT 121

Security Affairs

MAY 20, 2023

The group was spotted deploying the Clop ransomware in opportunistic attacks in April 2023. — Microsoft Threat Intelligence (@MsftSecIntel) May 18, 2023 The Clop ransomware is just the newest strain the cybercrime gang has used to attacks in the wild.

Cybercrime 86

Cybercrime Ransomware Security Intelligence Hacking 86

Security Affairs

FEBRUARY 17, 2024

Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to his key roles in the Zeus and IcedID malware operations. Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software.

Malware 93

Malware Cybercrime Banking Hacking 93

Security Affairs

MARCH 11, 2024

The financially motivated hacking group Magnet Goblin uses various 1-day flaws to deploy custom malware on Windows and Linux systems. These include: Magento – CVE-2022-24086 Qlik Sense – CVE-2023-41265, CVE-2023-41266 , and CVE-2023-48365 Ivanti Connect Secure – CVE-2023-46805 and CVE-2024-21887 , CVE-2024-21888 and CVE-2024-21893.

Malware 100

Malware VPN Encryption Hacking 100

Security Affairs

OCTOBER 4, 2023

The DRM Report Q2 2023 report provides a detailed insight into the ransomware threat landscape during the period between May and August 2023. Ransomware, a menace that has evolved into a formidable adversary, takes center stage in our examination of the cyber threat landscape during the second quarter of 2023.

Ransomware 107

Ransomware Data collection Cyber threats Hacking 107

Security Affairs

FEBRUARY 13, 2024

Maintainers behind the Ransomfeed platform have released Q3 Report 2023 including activities of 185 criminal groups operating worldwide. This report offers an exhaustive account of ransomware threats in the third quarter of 2023, spotlighting activities monitored by the OSINT Ransomfeed platform.

Ransomware 105

Ransomware Data collection Hacking Cybersecurity 105

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Qakbot/Qbot was once again the top malware loader observed in the wild in the first six months of 2023. Source: Reliaquest.com.

Hacking 253

Hacking Malware Ransomware Government 253

Security Affairs

JANUARY 1, 2024

In October 2023, a developer known as PRISMA first uncovered an exploit that allows the generation of persistent Google cookies through token manipulation. Subsequently, other malware integrated the exploit, including Rhadamanthys, Risepro, Meduza , Stealc Stealer and recently the White Snake. ” continues the report.

Malware 131

Malware Penetration Testing Passwords Encryption 131

Malwarebytes

SEPTEMBER 11, 2023

Researchers have found a new method by which cybercriminals are spreading the DarkGate Loader malware. The malspam campaign used stolen email threads to lure victims into clicking a hyperlink, which downloaded the malware. Until now, DarkGate was typically distributed via phishing emails.

Malware 113

Malware Social Engineering Cryptocurrency Cybercrime 113

Security Affairs

JANUARY 19, 2024

Ransomware groups claimed that they successfully targeted 4191 victims in 2023, Cybernews researchers report. of attacks in 2023), while summer was the most active for ransomware attacks (30.4%). The top 10 groups, based on the number of victims, collectively account for 59% of the total victims in 2023.

Ransomware 121

Ransomware Manufacturing Retail Insurance 121

Identity IQ

DECEMBER 20, 2023

2023: A Year of Record-Breaking Data Breaches IdentityIQ This past year has been an eye-opening year in the realm of digital security. Here, we review the largest data breaches of 2023, analyze the trends, and review proactive measures to navigate the future of security. But the numbers alone tell only part of the story.

Data breaches 72

Data breaches Identity Theft Cybercrime Social Engineering 72

CyberSecurity Insiders

DECEMBER 6, 2022

Netwrix, a cybersecurity vendor that makes data security easy, today released key IT security trends that will affect organizations of all sizes in 2023. Here are five specific trends for 2023 that you need to be aware of: The business of cybercrime will be further professionalized. For more information, visit www.netwrix.com.

Cybersecurity 116

Cybersecurity Cybercrime Social Engineering Firmware 116

SecureWorld News

JUNE 7, 2023

Free speech and digital privacy appear to be key components left out of a United Nations (UN) Cybercrime Treaty being proposed, primarily, by Russia. And what has emerged so far contemplates [ PDF ] more than 30 new cybercrime offenses, with few concessions to free speech or human rights."

Cybercrime 85

Cybercrime CSO Technology Surveillance 85

Security Affairs

APRIL 24, 2024

A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners. Avast researchers discovered and analyzed a malware campaign that exploited the update mechanism of the eScan antivirus to distribute backdoors and crypto miners.

Antivirus 100

Antivirus Malware DNS Cryptocurrency 100

Security Affairs

APRIL 24, 2023

Print management software provider PaperCut confirmed ongoing active exploitation of CVE-2023-27350 vulnerability. On April 19th, Print management software provider PaperCut confirmed that it is aware of the active exploitation of the CVE-2023-27350 vulnerability. ” The CVE-2023-27350 (CVSS score – 9.8)

Cybercrime 74

Cybercrime Software Education Ransomware 74

Tech Republic Security

JUNE 29, 2023

A new report from Kaspersky reveals the top cyber threats for SMBs in 2023. The post Kaspersky’s New Report Reveals the Top Cyber Threats for SMBs in 2023 appeared first on TechRepublic. Read more about it and how to protect organizations from it.

Cyber threats 141

Cyber threats Scams Phishing Cybercrime 141

Security Affairs

MAY 1, 2023

The previously undetected LOBSHOT malware is distributed using Google ads and gives operators VNC access to Windows devices. Threat actors are using an elaborate scheme of fake websites through Google Ads to spread their malware, the backdoors are embedded in installers for apparently legitimate applications, such as AnyDesk.

Malware 87

Malware Cybercrime Banking Software 87

BH Consulting

AUGUST 16, 2023

Shedding the light of the law on cybercrime methods Today’s cybercrime landscape involves criminals operating across borders as business-like syndicates, says Europol. The agency’s ninth Internet Organised Crime Assessment (IOCTA) 2023 report gives a law enforcement perspective on current cybercrime techniques.

Social Engineering 52

Social Engineering Cybercrime Data privacy Engineering 52