Remove Download Remove Phishing Remove Ransomware
article thumbnail

A large-scale phishing campaign targets WordPress WooCommerce users

Security Affairs

A large-scale phishing campaign targets WordPress WooCommerce users with a fake security alert urging them to download a ‘critical patch’ hiding a backdoor. Patchstack researchers uncovered a large-scale phishing campaign targeting WordPress WooCommerce users with a fake security alert.

article thumbnail

Authorities released free decryptor for Phobos and 8base ransomware

Security Affairs

Japanese police released a free decryptor for Phobos and 8Base ransomware, letting victims recover files without paying ransom. Japanese authorities released a free decryptor for Phobos and 8Base ransomware , allowing victims to recover files without paying. Europol and the FBI are promoting it as an official recovery solution.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Report Shows Ransomware Has Grown 41% for Construction Industry

Digital Shadows

Top MITRE Technique: Spearphishing The construction sector is no stranger to phishing attacks, which topped the list of initial access techniques between October 1, 2023, and September 30, 2024. Phishing is favored by threat actors for its simplicity and effectiveness.

article thumbnail

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

The Cloak ransomware group claims responsibility for a cyberattack on the Virginia Attorney Generals Office that occurred in February. The ransomware group Cloak has claimed responsibility for a February cyberattack on the Virginia Attorney General Office.

article thumbnail

Hertz data breach caused by CL0P ransomware attack on vendor

Malwarebytes

The car rental giants data was stolen in a ransomware attack leveraging a vulnerability in Cleo file sharing products. A screenshot of some of CL0P’s list of victims (other victims’ names obscured) This leak site is also where the stolen data is available for download. 2FA that relies on a FIDO2 device cant be phished.

article thumbnail

Experts warn of a new wave of Bumblebee malware attacks

Security Affairs

According to the experts, the malware was developed by the TrickBot group and replaced the BazarLoader backdoor to provide initial access to the victim’s infrastructure in ransomware attacks. The malware is distributed through phishing messages using a malicious attachment or a link to the malicious archive containing Bumblebee.

Malware 128
article thumbnail

Two ransomware groups abuse Microsoft’s Office 365 platform to gain access to target organizations

Security Affairs

Two ransomware groups exploiting Microsoft 365 services and default settings to target internal enterprise users. Sophos researchers started investigating two distinct clusters of activity, tracked as STAC5143 and STAC5777, in response to customer ransomware attacks in November and December 2024.