Cybersecurity, Hacking, Information Security and Malware

Information Security News headlines trending on Google

CyberSecurity Insiders

MAY 4, 2023

According to sources, a hack has exposed data of over 780,000 children who were patients of Brightline. Primary analysis made by the technology giant stated that the malware was being distributed via browser extensions and fake ads running on compromised business accounts.

Information Security

Information Security Healthcare Social Engineering Ransomware

Who’s to Blame for Hacked Social Media Accounts, Spoofed Online Meeting Requests and Malware

Security Boulevard

MARCH 10, 2024

In episode 320, Tom and Scott discuss the contentious issue of who is accountable when Facebook or Instagram accounts are hacked, discussing potential failings on both the user’s and Meta’s part. The post Who’s to Blame for Hacked Social Media Accounts, Spoofed Online Meeting Requests and Malware appeared first on Security Boulevard.

Media

Media Accountability Hacking Malware

CERT-UA warns of malware campaign conducted by threat actor UAC-0006

Security Affairs

MAY 26, 2024

The government experts reported that the group carried out at least two massive campaigns since May 20, threat actors aimed at distributing SmokeLoader malware via email. “Starting from May 20th, hackers have launched at least two massive campaigns with emails containing the SmokeLoader malware.”

Malware

Malware Banking Accountability Phishing

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Security Affairs

APRIL 15, 2024

The Ukrainian hacking group Blackjack used a destructive ICS malware dubbed Fuxnet in attacks against Russian infrastructure. Team82 and Claroty have been unable to verify the attackers’ claims, however, they conducted a detailed analysis of the Fuxnet malware relying on information provided by the attackers.

Malware

Malware Firmware IoT Hacking

Carbanak malware returned in ransomware attacks

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Malware

Malware Ransomware Banking Healthcare

X Account of leading cybersecurity firm Mandiant was hacked because not adequately protected

Security Affairs

JANUARY 11, 2024

The X account of cybersecurity firm Mandiant was likely hacked through a brute-force password attack, the company revealed. Last week, threat actors hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam. ” the company said on X.

Accountability

Accountability Hacking Cryptocurrency Cybersecurity

Lockbit ransomware gang claims to have hacked cybersecurity giant Mandiant

Security Affairs

JUNE 6, 2022

LockBit ransomware gang claims to have hacked the cybersecurity firm Mandiant, which is investigating the alleged security breach. Today the LockBit ransomware gang has added the cybersecurity firm Mandiant to the list of victims published on its darkweb leak site. SecurityAffairs – hacking, Lockbit).

Hacking

Hacking Ransomware Cybersecurity Cybercrime

Cactus ransomware gang claims the Schneider Electric hack

Security Affairs

JANUARY 30, 2024

The company is working to restore the impacted systems and is investigating the incident with the help of leading cybersecurity firms, The Cactus ransomware operation has been active since March 2023, despite the threat actors use a double-extortion model, their data leak site has yet to be discovered.

Ransomware

Ransomware Hacking Data breaches Digital transformation

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Security Affairs

MAY 12, 2024

The FBI, CISA, HHS, and MS-ISAC have issued a joint Cybersecurity Advisory (CSA) regarding the Black Basta ransomware activity as part of the StopRansomware initiative. Some of the victims’ ransom payments were sent by both Conti and Black Basta groups to the gang behind the Qakbot malware.

Ransomware

Ransomware Hacking Healthcare Retail

Black Basta ransomware gang hacked Hyundai Motor Europe

Security Affairs

FEBRUARY 9, 2024

Black Basta ransomware gang claims the hack of the car maker Hyundai Motor Europe and the theft of three terabytes of their data. The carmaker launched an investigation into the incident with the help of external cybersecurity and legal experts. The threat actors claim to have stolen three terabytes of data from the company.

Hacking

Hacking Ransomware Data breaches Manufacturing

Multiple malware used in attacks exploiting Ivanti VPN flaws

Security Affairs

FEBRUARY 1, 2024

Mandiant spotted new malware used by a China-linked threat actor UNC5221 targeting Ivanti Connect Secure VPN and Policy Secure devices. Mandiant researchers discovered new malware employed by a China-linked APT group known as UNC5221 and other threat groups targeting Ivanti Connect Secure VPN and Policy Secure devices.

VPN

VPN Malware Authentication Hacking

U.S. authorities charged an Iranian national for long-running hacking campaign

Security Affairs

MARCH 2, 2024

Department of Justice (DoJ) charged Iranian national Alireza Shafie Nasab (39) for multi-year hacking campaign targeting U.S. While purporting to work as a cybersecurity specialist for Iran-based clients, Mr. Nasab allegedly participated in a persistent campaign to compromise U.S. sensitive information and critical infrastructure.

Hacking

Hacking Identity Theft Social Engineering Accountability

Cybersecurity in the Evolving Threat Landscape

Security Affairs

APRIL 10, 2024

As technology evolves and our dependence on digital systems increases, the cybersecurity threat landscape also rapidly changes, posing fresh challenges for organizations striving to protect their assets and data. Cybersecurity has always been seen as a catch-up game, with determined adversaries a step ahead.

Cybersecurity

Cybersecurity Digital transformation Threat Detection Cyber threats

Threat actors actively exploit JetBrains TeamCity flaws to deliver malware

Security Affairs

MARCH 20, 2024

security flaws in JetBrains TeamCity to deploy multiple malware families and gain administrative control over impacted systems. In early March, Rapid7 researchers disclosed two new critical security vulnerabilities, tracked as CVE-2024-27198 (CVSS score: 9.8) and CVE-2024-27199 (CVSS score:7.3), in JetBrains TeamCity On-Premises.

Malware

Malware Authentication Cryptocurrency Ransomware

The source code of Zeppelin Ransomware sold on a hacking forum

Security Affairs

JANUARY 5, 2024

Researchers from cybersecurity firm KELA reported that a threat actor announced on a cybercrime forum the sale of the source code and a cracked version of the Zeppelin ransomware builder for $500. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, ransomware)

Ransomware

Ransomware Hacking Encryption Malware

Hackers are taking advantage of the interest in generative AI to install Malware

Security Affairs

MAY 3, 2023

Threat actors are using the promise of generative AI like ChatGPT to deliver malware, Facebook parent Meta warned. Threat actors are taking advantage of the huge interest in generative AI like ChatGPT to trick victims into installing malware, Meta warns. ” reads the Meta’s Q1 2023 Security Reports.

Malware

Malware Education Accountability Media

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

Linus Larsson , the journalist who broke the story, says the hacked material was uploaded to a public server during the second half of September, and it is not known how many people may have gained access to it. In some cases, this allows the intruders to profit even if their malware somehow fails to do its job. ”

Hacking

Hacking Ransomware Banking Accountability

BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums

Security Affairs

OCTOBER 3, 2023

Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that’s appeared in the threat landscape. Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023.

Advertising

Advertising Cybercrime Malware Cryptocurrency

“gitgub” malware campaign targets Github users with RisePro info-stealer

Security Affairs

MARCH 17, 2024

Cybersecurity researchers discovered multiple GitHub repositories hosting cracked software that are used to drop the RisePro info-stealer. The malware exfiltrates gathered data to two Telegram channels. “The malware collects a variety of valuable information.

Malware

Malware Passwords Software Hacking

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs

DECEMBER 26, 2023

The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. pic.twitter.com/6uHMDcNhTC — Dominic Alvieri (@AlvieriD) December 26, 2023 The group published images of stolen documents as proof of the hack. Abdali Hospital provides care to patients in numerous specialties.

Hacking

Hacking Ransomware Manufacturing Healthcare

If only you had to worry about malware, with Jason Haddix: Lock and Code S05E04

Malwarebytes

FEBRUARY 12, 2024

Today on the Lock and Code podcast … If your IT and security teams think malware is bad, wait until they learn about everything else. In fact, some attacks have gone so “quiet” that they involve no malware at all. But not every organization has that at hand. What, then, are IT-constrained businesses to do?

Malware

Malware Ransomware Antivirus Information Security

Top cybersecurity firm FireEye hacked by a nation-state actor

Security Affairs

DECEMBER 8, 2020

The cyber security giant FireEye announced that it was hacked by nation-state actors, likely Russian state-sponsored hackers. The cybersecurity firm FireEye is one of the most prominent cybersecurity firms, it provides products and services to government agencies and companies worldwide. Pierluigi Paganini.

Hacking

Hacking Cybersecurity Penetration Testing Cyber threats

OrBit, a new sophisticated Linux malware still undetected

Security Affairs

JULY 7, 2022

Cybersecurity researchers warn of new malware, tracked as OrBit, which is a fully undetected Linux threat. Cybersecurity researchers at Intezer have uncovered a new Linux malware, tracked as OrBit, that is still undetected. The experts pointed out that the malware outstands for its almost hermetic hooking of libraries.

Malware

Malware Authentication Hacking Cybersecurity

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Fifteen years after the launch of the microblogging social media platform, Twitter remains a dominant public forum for instant communication with individuals and organizations worldwide on a universe of topics, including #cybersecurity. Top Cybersecurity Experts to Follow on Twitter. Binni Shah | @binitamshah.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

New Go-based Redigo malware targets Redis servers

Security Affairs

DECEMBER 1, 2022

Redigo is a new Go-based malware employed in attacks against Redis servers affected by the CVE-2022-0543 vulnerability. Researchers from security firm AquaSec discovered a new Go-based malware that is used in a campaign targeting Redis servers. SecurityAffairs – hacking, Redis). In March 2022, the U.S.

Malware

Malware DDOS Architecture Cryptocurrency

Symbiote, a nearly-impossible-to-detect Linux malware?

Security Affairs

JUNE 9, 2022

Researchers uncovered a high stealth Linux malware, dubbed Symbiote, that could be used to backdoor infected systems. Joint research conducted by security firms Intezer and BlackBerry uncovered a new Linux threat dubbed Symbiote. “Symbiote is a malware that is highly evasive. ” concludes the report.

Malware

Malware DNS Antivirus Passwords

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Security Affairs

JANUARY 31, 2024

In early January 2024, software firm Ivanti reported that threat actors were exploiting two zero-day vulnerabilities ( CVE-2023-46805, CVE-2024-21887 ) in Connect Secure (ICS) and Policy Secure to remotely execute arbitrary commands on targeted gateways. x and Ivanti Policy Secure. The flaw CVE-2023-46805 (CVSS score 8.2)

VPN

VPN Malware Authentication Small Business

Lockbit ransomware gang hacked California Department of Finance

Security Affairs

DECEMBER 13, 2022

LockBit ransomware gang hacked the California Department of Finance and threatens to leak data stolen from its systems. On December 12, the California Department of Finance confirmed the security incident with a statement. “The intrusion was proactively identified through coordination with state and federal security partners.

Hacking

Hacking Ransomware Cybersecurity Technology

DEF CON 31 – Jared Stroud’s ‘Packet Hacking Village – WINE Pairing With Malware’

Security Boulevard

NOVEMBER 17, 2023

Permalink The post DEF CON 31 – Jared Stroud’s ‘Packet Hacking Village – WINE Pairing With Malware’ appeared first on Security Boulevard. Originating from the conference events at Caesars Forum, Flamingo, Harrah’s and Linq in Las Vegas, Nevada ; via the organizations YouTube channel.

Hacking

Hacking Malware Architecture Education

Russia-linked hackers target Ukrainian military with Infamous Chisel Android malware

Security Affairs

AUGUST 31, 2023

Russia-linked threat actors have been targeting Android devices of the Ukrainian military with a new malware dubbed Infamous Chisel. The GCHQ’s National Cyber Security Centre (NCSC) and agencies in the United States, Australia, Canada, and New Zealand have published an analysis of the Android malware.

Malware

Malware Authentication Threat Detection Government

IcedID malware campaign targets Zoom users

Security Affairs

JANUARY 7, 2023

Cyber researchers warn of a modified Zoom app that was used by threat actors in a phishing campaign to deliver the IcedID Malware. Cyble researchers recently uncovered a phishing campaign targeting users of the popular video conferencing and online meeting platform Zoom to deliver the IcedID malware. ” concludes the report.

Malware

Malware Phishing Banking Hacking

3 hacking forums have been hacked and database have been leaked online

Security Affairs

MAY 25, 2020

Three hacking forums Nulled.ch, Sinfulsite.com, and suxx.to have been hacked and their databases have been leaked online. Researchers from intelligence firm Cyble made the headlines again, this time they have discovered online the databases of three hacking forums. The databases appear to have been leaking in May 2020.

Hacking

Hacking Data breaches Advertising Cybercrime

Alleged FruitFly malware creator ruled incompetent to stand trial

Malwarebytes

JANUARY 16, 2024

The university was notified by an undisclosed third party, who provided information to help the team find and identify the malware. Together, CWRU and the FBI were able to identify that an IP address with which the malware was communicating had also been used to access the alumni email account of a man called Phillip Durachinsky.

Malware

Malware Passwords Identity Theft Data collection

New PowerDrop malware targets U.S. aerospace defense industry

Security Affairs

JUNE 7, 2023

aerospace defense sector with a new PowerShell malware dubbed PowerDrop. The PowerShell-based malware uses advanced techniques to evade detection, including deception, encoding, and encryption. The PowerShell-based malware uses advanced techniques to evade detection, including deception, encoding, and encryption.

Malware

Malware Encryption Internet Internet

Attackers use dynamic code loading to bypass Google Play store’s malware detections

Security Affairs

AUGUST 4, 2023

Threat actors rely on the ‘versioning’ technique to evade malware detections of malicious code uploaded to the Google Play Store. The technique is not new but continues to be effective, multiple malware such as the banking Trojan SharkBot used it to bypass checks implemented by Google for its Play Store.

Malware

Malware Mobile Banking Hacking

Rhysida ransomware gang claimed China Energy hack

Security Affairs

NOVEMBER 25, 2023

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. Last week, FBI and CISA published a joint Cybersecurity Advisory (CSA) to warn of Rhysida ransomware attacks. Energy China [link] TL;DR That's huuuge!

Ransomware

Ransomware Hacking Engineering Manufacturing

The Cybersecurity Perception Problem in 2023

Approachable Cyber Threats

DECEMBER 6, 2023

The 2023 update to our research on the perception of cybersecurity incident and data breach causes that’s helped organizations re-evaluate how they are at risk of a cybersecurity incident or data breach instead of what feels right. Source: Verizon DBIR [1] Patterns over time in cybersecurity data breaches. Keep reading below!

Cybersecurity

Cybersecurity Social Engineering Data breaches Engineering

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

Security Affairs

AUGUST 22, 2023

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. The Akira ransomware gang targets Cisco VPN products to gain initial access to corporate networks and steal their data.

VPN

VPN Ransomware Hacking Education

New Wiper Malware HermeticWiper targets Ukrainian systems

Security Affairs

FEBRUARY 24, 2022

Cybersecurity experts discovered a new data wiper malware that was used in attacks against hundreds of machines in Ukraine. Researchers from cybersecurity firms ESET and Broadcom’s Symantec discovered a new data wiper malware that was employed in a recent wave of attacks that hit hundreds of machines in Ukraine.

Malware

Malware DDOS Banking Government

New Lobshot hVNC malware spreads via Google ads

Security Affairs

MAY 1, 2023

The previously undetected LOBSHOT malware is distributed using Google ads and gives operators VNC access to Windows devices. Researchers from Elastic Security Labs spotted a new remote access trojan dubbed LOBSHOT was being distributed through Google Ads. ” reads the report published by Elastic Security Labs.

Malware

Malware Cybercrime Banking Software

Rhysida Ransomware gang claims to have hacked three more US hospitals

Security Affairs

SEPTEMBER 10, 2023

Recently the Rhysida ransomware group made the headlines because it announced the hack of Prospect Medical Holdings and the theft of sensitive information from the organization. Now the cybersecurity researcher Dominic Alvieri first noticed that the ransomware gang claimed to have breached other three US hospitals.

Hacking

Hacking Ransomware Healthcare Cyber Attacks

Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MAY 26, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Fix it now!

Healthcare

Healthcare Spyware Data breaches Banking

New CosmicEnergy ICS malware threatens energy grid assets

Security Affairs

MAY 26, 2023

Experts detailed a new piece of malware, named CosmicEnergy, that is linked to Russia and targets industrial control systems (ICS). Researchers from Mandiant discovered a new malware, named CosmicEnergy, designed to target operational technology (OT) / industrial control system (ICS) systems. ” concludes the report.

Malware

Malware Hacking Technology Cybersecurity

Information Security News headlines trending on Google

Who’s to Blame for Hacked Social Media Accounts, Spoofed Online Meeting Requests and Malware

Webinars

Trending Sources

CERT-UA warns of malware campaign conducted by threat actor UAC-0006

Webinars

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Carbanak malware returned in ransomware attacks

X Account of leading cybersecurity firm Mandiant was hacked because not adequately protected

Lockbit ransomware gang claims to have hacked cybersecurity giant Mandiant

Cactus ransomware gang claims the Schneider Electric hack

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Black Basta ransomware gang hacked Hyundai Motor Europe

Multiple malware used in attacks exploiting Ivanti VPN flaws

U.S. authorities charged an Iranian national for long-running hacking campaign

Cybersecurity in the Evolving Threat Landscape

Threat actors actively exploit JetBrains TeamCity flaws to deliver malware

The source code of Zeppelin Ransomware sold on a hacking forum

Hackers are taking advantage of the interest in generative AI to install Malware

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums

“gitgub” malware campaign targets Github users with RisePro info-stealer

Rhysida ransomware group hacked Abdali Hospital in Jordan

If only you had to worry about malware, with Jason Haddix: Lock and Code S05E04

Top cybersecurity firm FireEye hacked by a nation-state actor

OrBit, a new sophisticated Linux malware still undetected

Top Cybersecurity Accounts to Follow on Twitter

New Go-based Redigo malware targets Redis servers

Symbiote, a nearly-impossible-to-detect Linux malware?

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Lockbit ransomware gang hacked California Department of Finance

DEF CON 31 – Jared Stroud’s ‘Packet Hacking Village – WINE Pairing With Malware’

Russia-linked hackers target Ukrainian military with Infamous Chisel Android malware

IcedID malware campaign targets Zoom users

Top 2023 Security Affairs cybersecurity stories

3 hacking forums have been hacked and database have been leaked online

Alleged FruitFly malware creator ruled incompetent to stand trial

New PowerDrop malware targets U.S. aerospace defense industry

Attackers use dynamic code loading to bypass Google Play store’s malware detections

Rhysida ransomware gang claimed China Energy hack

The Cybersecurity Perception Problem in 2023

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

New Wiper Malware HermeticWiper targets Ukrainian systems

New Lobshot hVNC malware spreads via Google ads

Rhysida Ransomware gang claims to have hacked three more US hospitals

Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION

New CosmicEnergy ICS malware threatens energy grid assets

Stay Connected