Security Affairs

MAY 30, 2022

Researchers discovered a new ransomware family called GoodWill that asks victims to donate the ransom for social causes. CloudSEK ’s Threat Intelligence Research team has disclosed a new ransomware strain called GoodWill, that demands victims the payment of a ransom through donations for social causes and financially helping people in need.

Ransomware 114

Ransomware Media Hacking Cybersecurity 114

Security Affairs

JUNE 7, 2022

Mandiant researchers associate multiple LockBit ransomware attacks with the notorious Evil Corp Cybercrime Group. Mandiant researchers have investigated multiple LOCKBIT ransomware attacks that have been attributed to the financially motivated threat actor UNC2165. ” reads the analysis published by Mandiant.

Ransomware 138

Ransomware Cybercrime Malware Hacking 138

Security Affairs

JUNE 10, 2022

Threat actors are exploiting the recently disclosed CVE-2022-26134 RCE in Atlassian Confluence servers to deploy cryptocurrency miners. CheckPoint researchers have observed threat actors exploiting the recently disclosed CVE-2022-26134 remote code execution vulnerability in Atlassian Confluence servers to deploy cryptocurrency miners.

Cryptocurrency 130

Cryptocurrency Malware Hacking Cybersecurity 130

Security Affairs

MAY 26, 2022

Researchers warn of a new malvertising campaign spreading the ChromeLoader malware that hijacks the victims’ browsers. Researchers from Red Canary observed a new malvertising campaign spreading the ChromeLoader malware that hijacks the victims’ browsers. ” reads the analysis published by the experts.

Malware 127

Malware Spyware Threat Detection Engineering 127

Security Affairs

JUNE 16, 2022

Researchers at antivirus firm Dr. Web discovered malware in the Google Play Store that was downloaded two million times. However, the experts warn that info-stealing Trojans are the most dangerous threats for Android users, they could be used to steal sensitive data such as login credentials and authorization for multiple services online.

Adware 97

Adware Antivirus Malware Software 97

Security Affairs

MAY 25, 2022

Researchers from Malwarebytes observed an unknown Advanced Persistent Threat (APT) group targeting Russian government entities with at least four separate spear-phishing campaigns since the beginning of the Russian invasion of Ukraine. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Government 116

Government Malware Phishing Hacking 116

Cisco Security

MARCH 11, 2021

Part 1: Top threat categories. The challenge is that the most active threats change over time, as the prevalence of different attacks ebb and flows. This is where it becomes helpful to know about the larger trends on the threat landscape. While performing this analysis we looked at a wide variety of threat trends.

DNS 138

DNS Phishing Ransomware Internet 138

Security Affairs

MAY 23, 2022

Researchers from SEKOIA.IO SEKOIA researchers started their investigation after the publication of Google’s Threat Analysis Group (TAG)’s report “ Update on cyber activity in Eastern Europe ” which detailed the activity of nation-state actors against Eastern Europe. org jadlactnato.webredirect[.]org. Pierluigi Paganini.

Government 124

Government Hacking Cybersecurity Information Security 124

Security Affairs

MAY 26, 2022

Security researchers released PoC exploit code for the critical authentication bypass vulnerability CVE-2022-22972 affecting multiple VMware products. The virtualization giant recently warned that a threat actor can exploit the CVE-2022-22972 flaw (CVSSv3 base score of 9.8) ” reads the analysis published by the researchers.

Authentication 137

Authentication Healthcare Education Cybersecurity 137

Jane Frankland

OCTOBER 31, 2023

C-suites across all industries, from traditional finance to the latest “unicorns” emerging in the fintech industry, are facing a formidable challenge: how to protect their business and customer data against growing cyber threats. I’ve partnered with e2e-assure, a leading managed threat detection and response firm as I believe in their brand.

CISO 147

CISO Threat Detection Cyber threats Cybercrime 147

Security Affairs

JUNE 17, 2022

China-linked threat actors exploited the zero-day flaw CVE-2022-1040 in Sophos Firewall weeks before it was fixed by the security vendor. It was reported via the Sophos bug bounty program by an external security researcher. The threat actors used a zero-day exploit to drop a webshell backdoor and target the customer’s staff.

Firewall 136

Firewall DNS Authentication Malware 136

Security Affairs

JUNE 13, 2022

Researchers from Palo Alto Networks defined the PingPull RAT as a “difficult-to-detect” backdoor that leverages the Internet Control Message Protocol (ICMP) for C2 communications. The PingPull Trojan is written in Visual C++, it was used by threat actors to access a reverse shell and run arbitrary commands on compromised systems.

Telecommunications 97

Telecommunications Government Internet Internet 97

Security Affairs

JUNE 11, 2022

The Iran-linked Lyceum APT group, aka Hexane or Spilrin, used a new.NET-based DNS backdoor in a campaign aimed at companies in the energy and telecommunication sectors, ZScaler researchers warn. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. “The dropped binary is a .NET

DNS 144

DNS Telecommunications Malware Phishing 144

Security Affairs

MAY 24, 2022

Trend Micro addressed a DLL hijacking issue in Trend Micro Security actively exploited by a China-linked threat group to deploy malware. Trend Micro addressed a DLL hijacking flaw in Trend Micro Security that a China-linked threat actor actively exploited to deploy malware. ” reads the advisory published by Trend Micro.

Malware 103

Malware Telecommunications Internet Internet 103

Security Affairs

MAY 27, 2022

ERMAC was first spotted by researchers from Threatfabric in July 2021, it is based on the popular banking trojan Cerberus. According to the experts, ERMAC is operated by threat actors behind the BlackRock mobile malware. According to the experts, ERMAC is operated by threat actors behind the BlackRock mobile malware.

Banking 141

Banking Malware Cybercrime Phishing 141

Security Affairs

MAY 31, 2022

Researchers from Kaspersky have analyzed the activity of an aggressive threat actor tracked as SideWinder (aka RattleSnake and T-APT-04). The group stands out for the high frequency and persistence of its attacks, researchers believe that the APT group has carried out over 1,000 attacks since April 2020. Pierluigi Paganini.

Encryption 99

Encryption Malware Phishing Hacking 99

Security Affairs

JUNE 12, 2022

Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”). I ask you to vote for me again (even if you have already done it), because this vote is for the final.

Ransomware 128

Ransomware DNS Cybercrime Hacking 128

Security Affairs

JUNE 13, 2022

The HelloXD ransomware first appeared in the threat landscape on November 30, 2021, it borrows the code from Babuk ransomware , which is available in Russian-speaking hacking forums since September 2021. The second sample analyzed by the researchers is more obfuscated and is executed in memory by a packer instead of a loader.

Ransomware 95

Ransomware Malware Hacking Cybersecurity 95

Security Affairs

JUNE 21, 2022

Researchers linked a new APT group, tracked as ToddyCat, to a series of attacks targeting entities in Europe and Asia since at least December 2020. Researchers from Kaspersky have linked a new APT group, tracked as ToddyCat, to a series of attacks aimed at high-profile entities in Europe and Asia since at least December 2020.

Architecture 126

Architecture Malware Hacking Cybersecurity 126

Security Affairs

MAY 23, 2022

Researchers warn that the Fronton botnet was used by Russia-linked threat actors for coordinated disinformation campaigns. Fronton is a distributed denial-of-service (DDoS) botnet that was used by Russia-linked threat actors for coordinated disinformation campaigns. ” continues the report. To nominate, please visit:?.

DDOS 121

DDOS Media Hacking Engineering 121

Security Affairs

MAY 26, 2022

video scam led Cybernews researchers into exposing threat actors who are poisoning Facebook. video scam has led Cybernews researchers to a cybercriminal stronghold, from which threat actors have been infecting the social media giant with thousands of malicious links every day. Original post @ [link]. Pierluigi Paganini.

Scams 132

Scams Phishing Media Passwords 132

Security Affairs

MAY 28, 2022

MalwareHunterTeam researchers spotted malware samples [ 1 , 2 ] that drop the following wallpaper that promotes the site. Recently MalwareHunterTeam researchers discovered a new sample of the Industrial Spy malware, which appeared like a ransom note. Here is the wallpaper that gets dropped on systems where one of their samples run.

Ransomware 137

Ransomware Malware Hacking Accountability 137

Security Affairs

JUNE 19, 2022

In middle June, the Wordfence Threat Intelligence team noticed a back-ported security update in the popular WordPress plugin Ninja Forms, which has over one million active installations. The researchers believe that this vulnerability is being actively exploited in the wild, it has been rated with a CVSS score of 9.8. and 3.6.11.

Hacking 124

Hacking Cybersecurity Information Security 124

Security Affairs

JUNE 16, 2022

Microsoft researchers have observed BlackCat ransomware gang targeting unpatched Exchange servers to compromise organizations worldwide. The compromise of Exchange servers allows threat actors to access the target networks, perform internal reconnaissance and lateral movement activities, and steal sensitive documents before encrypting them.

Ransomware 113

Ransomware Cybercrime Malware Advertising 113

Security Affairs

JUNE 3, 2022

Volexity researchers discovered the issue as part of an investigation into an attack that took over the Memorial Day weekend. Volexity determined that threat actors launched an exploit to achieve remote code execution, they triggered a zero-day vulnerability that impacted fully up-to-date versions of Confluence Server.

Internet 142

Internet Internet Authentication Hacking 142

Security Affairs

JUNE 15, 2022

Researchers discovered a new Golang-based peer-to-peer (P2P) botnet, dubbed Panchan, targeting Linux servers in the education sector since March 2022. Akamai security researchers discovered a new Golang-based P2P Botnet, tracked as Panchan, that is targeting Linux servers that has been active since March 2022. Pierluigi Paganini.

Malware 98

Malware Cryptocurrency Education Engineering 98

Thales Cloud Protection & Licensing

APRIL 16, 2024

Stop Ransomware in its Tracks With CipherTrust Transparent Encryption Ransomware Protection madhav Wed, 04/17/2024 - 05:22 Our last blog Ransomware Attacks: The Constant and Evolving Cybersecurity Threat described the ever dangerous and evolving cybersecurity threat of ransomware.

Encryption 62

Encryption Ransomware Antivirus Government 62

Security Affairs

JUNE 14, 2022

Researchers from Confiant have uncovered a sophisticated malware campaign, tracked as SeaFlower, targeting Web3 wallet users. The threat actors targeted the following web3 wallets: Coinbase Wallet (iOS, Android) MetaMask wallet (iOS, Android) TokenPocket (iOS, Android) imToken (iOS, Android). Pierluigi Paganini.

Engineering 87

Engineering Malware Hacking Cybersecurity 87

Security Affairs

JUNE 1, 2022

This week, the cybersecurity researcher nao_sec discovered a malicious Word document (“05-2022-0438.doc”) Researchers from Proofpoint reported that TA413 is conducting a spear-phishing campaign that uses ZIP archives containing weaponized Word Documents. in Microsoft Office in attacks in the wild. Pierluigi Paganini.

Malware 104

Malware Phishing Hacking Cybersecurity 104

Security Affairs

MAY 30, 2022

The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. Upon installing the threat, the bot drops a file in /tmp/.pwned Gafgyt is a popular choice for launching large-scale DDoS attacks, it first appeared in the threat landscape in 2014. CVE-2022-22947 : RCE flaw in Spring.

Malware 142

Malware DDOS IoT Cybercrime 142

Security Affairs

JUNE 16, 2022

Researchers disclosed a remote code execution vulnerability, tracked as CVE-2022-25845, in the popular Fastjson library. Cybersecurity researchers from JFrog disclosed details of a now patched high-severity security vulnerability in the popular Fastjson library that could be potentially exploited to achieve remote code execution.

Hacking 88

Hacking Cybersecurity Information Security 88

Security Affairs

MAY 25, 2022

” SilverTerrier has been active since at least 2014 and focuses on BEC attacks, it is a collective of over hundreds of individual threat actors. In May 2020, researchers at Palo Alto Networks observed the Nigerian cyber gang using COVID-19 lures in a wave of attacks on healthcare and government organizations.

Cybercrime 132

Cybercrime Healthcare Cybersecurity Phishing 132

Security Affairs

JUNE 3, 2022

Researchers from Kaspersky have uncovered an “extremely sophisticated” China-linked APT group, tracked as LuoYu, that has been observed using a malicious Windows tool called WinDealer. The threat actors developed capabilities to target almost any OS, including Windows, Linux, macOS, and Android devices. Pierluigi Paganini.

Malware 139

Malware Telecommunications Internet Internet 139

Security Affairs

MAY 24, 2022

Threat actors behind web skimming campaigns are using malicious JavaScript to mimic Google Analytics and Meta Pixel scripts to avoid detection. Microsoft security researchers recently observed web skimming campaigns that used multiple obfuscation techniques to avoid detection. ” reads the analysis published by Microsoft.

Hacking 86

Hacking eCommerce Cybersecurity Information Security 86

Security Affairs

JUNE 18, 2022

F5 Labs researchers spotted a new strain of Android malware, named Malibot, that is targeting online banking and cryptocurrency wallet customers in Spain and Italy. “MaliBot is most obviously a threat to customers of Spanish and Italian banks, but we can expect a broader range of targets to be added to the app as time goes on.

Banking 129

Banking Cryptocurrency Malware Mobile 129

Security Affairs

JUNE 17, 2022

Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country. The researchers reported that they observed the use of the Hermit spyware in other circumstance. To nominate, please visit:?. Pierluigi Paganini.

Spyware 92

Spyware Surveillance Telecommunications Mobile 92

Centraleyes

APRIL 23, 2024

This section seeks to objectively explore specific categories of digital risks, unraveling strategic approaches to mitigate them effectively. This category encompasses threats like data breaches and inadequate privacy controls. Security Risks Security risks encompass threats to digital assets, networks, and information systems.

Risk 52

Risk Technology Artificial Intelligence Data privacy 52