SC Magazine

MARCH 5, 2021

The author claims the program, dubbed Povlsomware, is designed to be an educational tool for testing anti-virus protections; however, it’s possible that cybercriminals could adopt and modify the code in order to launch their own attacks, warns Trend Micro, which detailed the ransomware in a new company blog post this week.

Education 82

Education Ransomware Malware Cybercrime 82

Security Affairs

APRIL 24, 2023

It is interesting to note that the domain was also hosting malware a variant of the TrueBot malware. .” The researchers noticed that the domain hosting the tools employed in the attack, windowservicecemter[.]com, com, was registered on April 12, 2023.

Cybercrime 75

Cybercrime Software Education Ransomware 75

Security Affairs

MARCH 17, 2021

The FBI has issued an alert to warn about an increase in PYSA ransomware attacks on education institutions in the US and UK. The FBI has issued Tuesday an alert to warn about an increase in PYSA ransomware attacks against education institutions in the United States and the United Kingdom. The malicious code appended the extension .

Education 96

Education Ransomware Encryption Antivirus 96

The Last Watchdog

APRIL 13, 2022

Additionally, there are also Russian cybercrime organizations that are not state-sponsored but are allowed to operate. Although there’s no one magic solution to eliminating cyberattacks and cybercrime risks, there are steps you can take to reduce the chances of becoming a victim. businesses called #ShieldsUp.

Cybersecurity 214

Cybersecurity Cybercrime Education Passwords 214

Security Affairs

APRIL 24, 2023

EvilExtractor is a new “all-in-one” info stealer for Windows that is being advertised for sale on dark web cybercrime forums. The tool was developed by a company named Kodex, which claims that the tool was developed for an educational purpose. The malware environment checking and Anti-VM functions.

Cybercrime 88

Cybercrime Malware Education Phishing 88

SecureWorld News

JULY 3, 2023

As we rely increasingly on digital technologies for our work, communication, entertainment, and education, we also expose ourselves to more and more cyber risks. Cyberattacks can devastate individuals, businesses, and even nations, affecting our privacy, security, and economy. Cybercrime is a highly profitable business.

Cybercrime 87

Cybercrime Social Engineering Data breaches Education 87

Security Affairs

OCTOBER 31, 2022

The infection chain was divided into four stages : The malware was installed through a dropper, a program executed by opening an attachment to a deceptive e-mail, probably a fake pdf or doc file, or executed directly from the Internet, without user interaction, exploiting the exploit described in the point 4. The infection chain.

Malware 99

Malware Computers and Electronics Encryption Ransomware 99

Security Affairs

APRIL 25, 2023

North Korea-linked APT group BlueNoroff (aka Lazarus) was spotted targeting Mac users with new RustBucket malware. Researchers from security firm Jamf observed the North Korea-linked BlueNoroff APT group using a new macOS malware, dubbed RustBucket, family in recent attacks. The trojan can run on both ARM and x86 architectures.

Malware 83

Malware Social Engineering Architecture Education 83

Security Affairs

JANUARY 31, 2023

TrickGate is a shellcode-based packer offered as a service to malware authors to avoid detection, CheckPoint researchers reported. TrickGate is a shellcode-based packer offered as a service, which is used at least since July 2016, to hide malware from defense programs. ” concludes the report.

Malware 88

Malware Antivirus Manufacturing Healthcare 88

Security Affairs

APRIL 13, 2023

Security experts warn that a Kyocera Android printing app is vulnerable to improper intent handling and can be abused to drop malware. An improper intent handling issue affecting the Kyocera Android printing app can allow malicious applications to drop malware.

Malware 95

Malware Mobile Education Media 95

Security Affairs

MAY 1, 2023

Iranian authorities have been spotted using the BouldSpy Android malware to spy on minorities and traffickers. The researchers are tracking the spyware since March 2020, starting in 2023, multiple security experts [ 1 , 2 ] started monitoring its activity.

Surveillance 79

Surveillance Malware Spyware Education 79

Security Affairs

APRIL 5, 2023

The eFile.com online service, which is authorized by the US Internal Revenue Service (IRS), was spotted serving malicious malware to visitors. eFile.com , the personal online tax preparation and e-file service authorized by the US Internal Revenue Service (IRS), was spotted serving malware to visitors.

Malware 80

Malware Education Media Internet 80

Security Affairs

APRIL 28, 2023

Google announced that a federal judge in the Southern District of New York unsealed its civil action against the operators of the information stealer Cryptbot. to disrupt the operations of the CryptBot malware, which experts estimate infected approximately 670,000 computers this past year. ” concludes the announcemebt.

Malware 93

Malware Cybercrime Cryptocurrency Media 93

Security Affairs

APRIL 30, 2023

ViperSoftX uses more sophisticated encryption and anti-analysis techniques Atomic macOS Stealer is advertised on Telegram for $1,000 per month CISA warns of a critical flaw affecting Illumina medical devices OpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demands Cisco discloses a bug in the Prime Collaboration Deployment (..)

Cybercrime 89

Cybercrime Malware Hacking Accountability 89

Security Affairs

SEPTEMBER 12, 2023

The BianLian ransomware emerged in August 2022, the malware was employed in attacks against organizations in various industries, including manufactoring, media and entertainment, and healthcare. In July 2023, security firm Avast released a free decryptor for the BianLian ransomware to allow victims of the malware to recover locked files.

Cyber Attacks 112

Cyber Attacks Healthcare Education Data breaches 112

Security Affairs

AUGUST 13, 2023

Police dismantled bulletproof hosting service provider Lolek Hosted Python URL parsing function flaw can enable command execution UK govt contractor MPD FM leaks employee passport data Power Generator in South Africa hit with DroxiDat and Cobalt Strike The Evolution of API: From Commerce to Cloud Gafgyt botnet is targeting EoL Zyxel routers Charming (..)

Data breaches 88

Data breaches Artificial Intelligence Cybercrime Adware 88

Security Affairs

MAY 2, 2023

“Through exchanges, attackers channeled assets obtained as a result of malware attacks (cryptoviruses) and online fraud. ” Many of these services are advertised on cybercrime forums, the services were offering support in both Russian and English. Exchange services were advertised on closed hacker forums.”

Cybercrime 89

Cybercrime Cryptocurrency Advertising Education 89

Security Affairs

APRIL 21, 2024

A joint advisory published by CISA, the FBI, Europol, and the Netherlands’ National Cyber Security Centre (NCSC-NL) revealed that since early 2023, Akira ransomware operators received $42 million in ransom payments from more than 250 victims worldwide.

Ransomware 108

Ransomware Encryption Antivirus VPN 108

Security Affairs

JANUARY 13, 2024

According to the NCSC-FI, six out of seven infections were caused by Akira family malware. “Of these, three were found to be activated during the longer vacations of the Christmas season. In addition, during Christmas, there was one incident caused by another ransomware malware family.”

Ransomware 113

Ransomware Backups VPN Authentication 113

Security Affairs

OCTOBER 17, 2023

According to Statista.com, the impact of cybercrime is expected to reach almost $13 trillion this year. With 85% of campaigns targeting victims with phishing emails containing malicious links, another form of a social engineering attack, education and cyber vigiliance remain a high priority.

Social Engineering 115

Social Engineering Ransomware Engineering Phishing 115

Security Affairs

DECEMBER 15, 2022

The portal of the FBI’s InfraGard US Critical Infrastructure Intelligence was hacked, and data is available for sale on a cybercrime forum. ” The seller, who is a forum member that goes online with moniker USDoD, is demanding $50,000 for the full user database containing names and contact information.

Cybercrime 92

Cybercrime Accountability Hacking Education 92

Security Affairs

APRIL 7, 2023

. “More specifically, cracked versions of Cobalt Strike allow Defendants to gain control of their victim’s machine and move laterally through the connected network to find other victims and install malware. ” reads the court order. ” Example of an attack flow by threat actor DEV-0243. .” ” concludes the report.

Penetration Testing 83

Penetration Testing Ransomware Malware Hacking 83

Security Affairs

APRIL 18, 2023

The two companies teamed up with Flare to curb the operations of the malware operators. The experts discovered that the malware control panels use GitHub repositories as dead-drop resolvers. The info-stealer is considered a commodity malware that is available through malware-as-a-service model.

Malware 87

Malware Education Media Authentication 87

Security Affairs

JANUARY 13, 2024

According to the NCSC-FI, six out of seven infections were caused by Akira family malware. In addition, during Christmas, there was one incident caused by another ransomware malware family.” “Of these, three were found to be activated during the longer vacations of the Christmas season.

Ransomware 88

Ransomware Backups VPN Authentication 88

Security Affairs

DECEMBER 22, 2023

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. Nissan said it is still working to restore its systems and plans to provide updates through its websites nissan.com.au

Ransomware 128

Ransomware Data breaches Financial Services Scams 128

Security Affairs

APRIL 29, 2023

Atomic macOS Stealer is a new information stealer targeting macOS that is advertised on Telegram for $1,000 per month. Cyble Research and Intelligence Labs (CRIL) recently discovered a Telegram channel advertising a new information-stealing malware, named Atomic macOS Stealer (AMOS). ” reads the report published by Cyble.

Advertising 82

Advertising Passwords Malware Password Management 82

Security Affairs

APRIL 7, 2023

.” The company reported the security breach to the relevant authorities, and it downplayed the incident, saying that the attack had no significant financial and operational impact. In response to the incident, the company announced it is enhancing the information security control measures of its network and infrastructure.

Ransomware 87

Ransomware Firmware Hacking Manufacturing 87

Security Affairs

OCTOBER 16, 2023

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers.

Engineering 110

Engineering Ransomware Hacking Education 110

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Spyware 73

Spyware Ransomware Malware Data breaches 73

Security Affairs

APRIL 29, 2023

A new variant of the information-stealing malware ViperSoftX implements sophisticated techniques to avoid detection. Trend Micro researchers observed a new ViperSoftX malware campaign that unlike previous attacks relies on DLL sideloading for its arrival and execution technique. c2 arrowlchat[.]com ” continues the report.

Encryption 88

Encryption Malware Cryptocurrency Software 88

IT Security Guru

AUGUST 16, 2021

million to cybercrime, as per official police statistics. One of the most damaging forms of cybercrime comes in the form of Ransomware. . Not only that, but 81% of cyber security experts believe we are likely to see more ransomware than ever across the next few years, thanks to its increasing prevalence. What is Ransomware?

Ransomware 102

Ransomware Cybercrime Backups Encryption 102

Security Affairs

AUGUST 28, 2023

The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices. The malware was employed in cryptocurrency mining campaigns and to launch denial-of-service (DDoS) attacks.

IoT 90

IoT DDOS Architecture Internet 90

Security Affairs

MARCH 1, 2020

Google sued by New Mexico attorney general for collecting student data through its Education Platform. ISS reveals malware attack impacted parts of the IT environment. ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia. FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019.

Banking 91

Banking Malware Advertising Ransomware 91

Security Affairs

APRIL 20, 2023

Threat actors are hacking poorly secured and Interned-exposed Microsoft SQL servers to deploy the Trigona ransomware. Threat actors are hacking into poorly secured and public-facing Microsoft SQL servers to deploy Trigona ransomware. “V3 should be updated to the latest version so that malware infection can be prevented.

Ransomware 84

Ransomware Malware Encryption Hacking 84

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches 89

Data breaches DDOS Artificial Intelligence Ransomware 89

Security Affairs

APRIL 17, 2023

Kaspersky researchers warn of a new QBot campaign leveraging hijacked business emails to deliver malware. In early April, Kaspersky experts observed a surge in attacks that QBot malware attacks (aka Qakbot , QuackBot, and Pinkslipbot ). Its modular structure allows operators to implement new features to extend their capabilities.

Malware 91

Malware Education Banking Media 91

Security Affairs

JANUARY 24, 2024

According to the NCSC-FI, six out of seven infections were caused by Akira family malware. The ransomware attack reported in late 2023, targeted organizations’ networks using poorly secured VPN gateway on Cisco ASA or FTD devices. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers.

Ransomware 110

Ransomware VPN Government Retail 110