

Infosecurity News
Ukraine Police Dismantle Major Ransomware Group
Affiliate deployed LockerGoga, MegaCortex, Hive and Dharma
Latest Hacking News
Researchers have found numerous security vulnerabilities in Google Workspace that risk breaches. While the vulnerabilities pose a serious threat to the users, Google denies fixing the bugs as they do not match with Google’s threat
Cyber Security News
Recent research into Google Workspace and Google Cloud Platform by Bitdefender Labs reveals novel attack methods, potentially leading.
The Hacker News
Novel attack methods targeting Google Workspace & Cloud Platform could enable ransomware and data breaches.
CyberNews
Hive lost its aura in January 2023, when the FBI and other law enforcement agencies in Germany penetrated Hive’s computer network.
The Hacker News
U.S. Government Dismantles Global IPStorm Botnet Network! From Windows to Linux, Mac, and Android, the botnet turned infected devices into proxies for
Security Affairs
The Federal Bureau of Investigation (FBI) dismantled the infrastructure behind the illegal botnet proxy service IPStorm.
The Record
The FBI dismantled the IPStorm botnet proxy network and its infrastructure this week following a September plea deal with the hacker behind the operation.
DarkReading
Hunters International appears to have acquired Hive ransomware from its original operators and may be seeking to cash in on the malware's reputation.
The Hacker News
A new ransomware group, Hunters International, has taken over the reins from Hive, acquiring its source code and infrastructure.
The Record
Education and healthcare institutions seem to be targets in the latest wave of Jupyter infections, according to VMware's Carbon Black team.
The Hacker News
Cybercriminals are using compromised business accounts to lure victims with "revealing photos of young women," distributing NodeStealer malware.
The Record
The NodeStealer malware, spotted earlier this year, is now being inserted into Facebook advertising aimed at average users — often men in their 40s or older — instead of business accounts, according to Bitdefender.
The Record
Doctors’ Management Services — which provides medical billing and payer credentialing services — was attacked by the now-defunct GandCrab ransomware gang in April 2017. The settlement with HHS is the first for the agency over a ransomware attack.
Bleeping Computer
Chile's Grupo GTD warns that a cyberattack has impacted its Infrastructure as a Service (IaaS) platform, disrupting online services.
The Record
A group of pro-Ukraine hackers recently compromised the Spotify accounts of several well-known Russian musicians, swapping out their profile pictures for images of Ukraine’s flag and a Ukrainian rapper with a call to stop Russia's war in Ukraine.
Cyber Security News
Best Unified Network Security Solutions for Small Businesses. 1. Perimeter 81, 2. Snort, 3. OSSEC, 4. Wireshark, 5. Burp Suite, 6. Splunk.
The Record
The "stream-jacking" technique involves inserting malicious QR codes or links in the video or comments section, directing users to cryptocurrency scam websites.
Cyber Security News
A remote control malware called Gh0st RAT, which is popular with Chinese threat actors and has publicly available source code, was created by China's C. Rufus Security Team.
SecurityWeek
Finnish authorities have seized the drugs marketplace Piilopuoti, which has been operating on the Tor network since May 2022.
The Hacker News
Finnish authorities shut down PIILOPUOTI, a dark web hub for illegal narcotics.
Infosecurity News
Customs officers announce seizure of Piilopuoti server
The Record
Law enforcement officials in Finland worked with Europol and a cybersecurity firm to take down a dark web marketplace called PIILOPUOTI.
The Hacker News
Malware-infected Windows & macOS machines are now being used as proxy exit nodes, allowing threat actors to reroute requests!
Cyber Security News
Best Enterprise Remote Access Software: 1. Perimeter81 2. TeamViewer 3. Chrome Remote Desktop 4. AnyDesk 5. GoToMyPC 6. RemotePC
SecurityWeek
Weekly cybersecurity news roundup: VPN vulnerabilities, macOS threats, keyboard spying, layoffs, and security patches
Infosecurity News
A new Bitdefender report finds that attackers are building more sophisticated malware creations tailored to macOS
The Hacker News
Threat actors are deploying fake websites with trojanized software to infect unsuspecting users with Fruity downloader malware.
Cyber Security News
Best Malware protection software and solutions: 1. Perimeter81 2. Norton 3. McAfee 4. Kaspersky 5. Bitdefender 6. Avast 7. ESET 8. AVG.
The Hacker News
A new malware family called Realst is targeting Apple macOS systems, including macOS 14 Sonoma! Written in Rust programming language.
SecurityWeek
By intercepting ransomware keys, any successful encryption can be rapidly decrypted without paying a ransom.
DarkReading
Attackers show renewed relentlessness in exploiting OS vulnerabilities that also circumvent defense and detection measures.
Security Affairs
The cybercrime group FIN8 is using a revamped version of the Sardonic backdoor to deliver the BlackCat ransomware. The financially motivated group FIN8 (aka Syssphinx) was spotted using a revamped version of a backdoor tracked as Sardonic to deliver the BlackCat ransomware (aka Noberus ransomware). Sardonic is a sophisticated backdoor that supports a wide range of features that was designed […]
DarkReading
The cybercrime group has given its backdoor malware a facelift in an attempt to evade detection, making some bug fixes and setting itself up to deliver its latest crimeware toy, BlackCat.
Bleeping Computer
A financially motivated cybercrime gang has been observed deploying BlackCat ransomware payloads on networks backdoored using a revamped Sardonic malware version.
The Hacker News
FIN8, known for targeting PoS systems, is now using Sardonic backdoor to deploy BlackCat ransomware
The Record
Symantec’s Threat Hunter Team said it observed the group deploying a variant of the Sardonic backdoor before delivering ransomware known as Black Cat or AlphV.
Trend Micro
In this entry, we discuss the findings of our investigation into a piece of a signed rootkit, whose main binary functions as a universal loader that enables attackers to directly load a second-stage unsigned kernel module.
SecurityWeek
Twenty-three cybersecurity-related merger and acquisition (M&A) deals were announced in June 2023.
Cyber Security News
macOS is reported to be one of the most secure operating systems. As of the beginning of 2023, there are over 100 million macOS devices worldwide. Due to its popularity, threat actors have begun to target macOS devices recently.
Ars Technica
It's not yet clear how the full-featured JokerSpy backdoor gets installed.
Security Affairs
An unnamed Japanese cryptocurrency exchange was the victim of a cyber attack aimed at deploying an Apple macOS backdoor named JokerSpy. Elastic Security Labs researchers provided details about a recently discovered intrusion at an unnamed cryptocurrency exchange, aimed at deploying an Apple macOS backdoor named JokerSpy. The researchers tracked the intrusion as REF9134, the threat […]
The Hacker News
A Japanese cryptocurrency exchange fell victim to a recent cyberattack, deploying the stealthy JokerSpy backdoor on Apple macOS.
Cyber Security News
New Custom Malware Attacking Remote Desktop Protocol Clients to Steal Data. 'RedClouds' steals data from shared drives via RD connections.
DarkReading
INFOSEC23 — London — It's time to update what we think we understand about ransomware, including new defensive measures and how fast the attack response should be.
Bleeping Computer
A cyberespionage and hacking campaign tracked as 'RedClouds' uses the custom 'RDStealer' malware to automatically steal data from drives shared through Remote Desktop connections.
The Hacker News
Experts expose a year-long cyber operation targeting an East Asian IT firm, deploying custom malware called RDStealer to compromise data.
Security Affairs
Researchers uncovered a set of malicious files with backdoor capabilities that they believe is part of a toolkit targeting Apple macOS systems. Bitdefender researchers discovered a set of malicious files with backdoor capabilities that are suspected to be part of a sophisticated toolkit designed to target Apple macOS systems. The investigation is still ongoing, the […]
The Hacker News
Cybersecurity researchers discover sophisticated toolkit targeting Apple macOS systems, with undetected malicious artifacts posing a serious threat.
Security Affairs
Researchers found evidence that Diicot threat actors are expanding their capabilities with new payloads and the Cayosin Botnet. Cado researchers recently detected an interesting attack pattern linked to an emerging cybercrime group tracked as Diicot (formerly, “Mexals”) and described in analyses published by Akamai and Bitdefender. The experts discovered several payloads, some of which were not publicly known, […]
The Hacker News
Diicot, a Romanian threat actor, expands its capabilities with the deployment of an off-the-shelf botnet, signaling its readiness to launch DDoS.
Security Affairs
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Experts found new MOVEit Transfer SQL Injection flaws The University of Manchester suffered a cyber attack […]
Latest Hacking News
Researchers caught a sneaky adware campaign targeting Android users for months. This campaign used several fake Android apps mimicking different utilities like pdf readers, weather apps, VPNs, game cracks, streaming services such as Netflix and
Infosecurity News
Bitdefender researchers warn that mods and plugins have been rigged by the infostealer malware, dubbed Fractureiser
DarkReading
A campaign targeting mainly US users disguised malware in fake security software, game cracks, cheats, free Netflix, and other "modded" apps.
Security Affairs
Bitdefender researchers have discovered 60,000 different Android apps secretly installing adware in the past six months. Bitdefender announced the discovery of more than 60,000 Android apps in the past six months that were spotted installing adware on Android devices. The researchers discovered the hidden adware by using a recently announced anomaly detection technology incorporated into Bitdefender Mobile […]
Bleeping Computer
Over 60,000 Android apps disguised as legitimate applications have been quietly installing adware on mobile devices while remaining undetected for the past six months.
The Hacker News
🚨 Beware Android users! Over 60,000 adware apps have been lurking in the shadows, disguising as cracked versions of your favorite apps.
Cyber Security News
Implementing a ransomware attack prevention plan can provide businesses with the necessary tools to protect your organisation.
The Hacker News
Cybercrime group Blacktail is transitioning from using its Buhti ransomware to leaked LockBit and Babuk ransomware versions, expanding its targets.
The Hacker News
Ukraine's state bodies under cyber attack! CERT-UA warns of an espionage campaign targeting ministries.
ZDNet
Citing serious security risks, the Chinese government has directed operators of critical information infrastructure to stop buying products from the U.S. chipmaker.
ZDNet
For Formula 1 teams, the cybersecurity race has no finish line.
The Hacker News
Water Orthrus group returns, leveraging pay-per-install networks to deploy the new CopperStealth & CopperPhish malware.
Cyber Security News
A malware attack is a cyber-attack using malicious software to gain unauthorized access to a computer system or network.
Security Affairs
A new sophisticated malware strain, dubbed DownEx, was involved in attacks aimed at Government organizations in Central Asia. In late 2022, Bitdefender Labs researchers first observed a highly targeted cyberattack targeting foreign government institutions in Kazakhstan that involved a new sophisticated strain of malware dubbed DownEx. Later the researchers detected another attack in Afghanistan that allowed them to […]
The Hacker News
DownEx: The new fileless malware targeting Central Asian government organizations.
ZDNet
Remote and hybrid working is here to stay -- but many organizations are struggling to manage the security issues it can bring.
DarkReading
The dropper is being used in a Charming Kitten APT campaign that has hit organizations in multiple countries.
Security Affairs
Iran-linked APT group Charming Kitten employed a new malware dubbed BellaCiao in attacks against victims in the U.S., Europe, the Middle East and India. Iran-linked Charming Kitten group, (aka APT35, Phosphorus, Newscaster, and Ajax Security Team) made the headlines in 2014 when experts at iSight issued a report describing the most elaborate net-based spying campaign organized by Iranian hackers using social media. Microsoft has been tracking the threat actors at […]
CSO
Attacks using the BellaCiao malware dropper seem to be customized for specific targets.
The Hacker News
Charming Kitten, the notorious Iranian state-sponsored APT group, has targeted multiple victims in the US, Europe, the Middle East and India.
ZDNet
The best free PC antivirus software combines usability, modern protective technologies, and a reasonable price tag. Here are my top picks for PC antivirus software offerings in 2023.
Infosecurity News
The figure rises to 70% of those in the US
CyberSecurity Dive
Bitdefender research found 7 in 10 IT and security professionals in the U.S. have been asked to keep a breach confidential.
The Hacker News
A fake ChatGPT Chrome browser extension has been found to hijack Facebook accounts and create rogue admin accounts.
DarkReading
The threat actor who posted the data for sale has claimed credit for multiple other breaches, including one at grocery platform Weee! that exposed data on more than 1.1 million customers.
Security Affairs
Researchers discovered a new info stealer dubbed SYS01 stealer targeting critical government infrastructure and manufacturing firms. Cybersecurity researchers from Morphisec discovered a new, advanced information stealer, dubbed SYS01 stealer, that since November 2022 was employed in attacks aimed at critical government infrastructure employees, manufacturing companies, and other sectors. The experts found similarities between the SYS01 stealer and another […]
The Hacker News
Cybersecurity researchers have discovered a new information stealer dubbed SYS01stealer targeting government, manufacturing, and other sectors.
Bleeping Computer
This week was highlighted by a massive BlackBasta ransomware attack targeting DISH Network and taking down numerous subsidiaries, including SlingTV and Boost Mobile.
Infosecurity News
Bitdefender moves in record time to help victims
Security Affairs
Antivirus company Bitdefender has released a free decryptor for the recently discovered ransomware family MortalKombat. Good news for the victims of the recently discovered MortalKombat ransomware, the antivirus firm Bitdefender has released a free decryptor that will allow them to recover their file without paying the ransom. Since December 2022, Cisco Talos researchers have been observing an unidentified financially […]
Bleeping Computer
Cybersecurity company Bitdefender has released a free MortalKombat ransomware decryptor that victims can use to restore their files without paying a ransom.
The Hacker News
Bitdefender has released a free decryptor for MortalKombat, a new ransomware strain based on the Xorist malware that emerged in January 2023.
Security Affairs
Data allegedly stolen from the American gaming giant Activision in a December security breach was leaked on a cybercrime forum. A threat actor leaked on the Breached hacking forum the data allegedly stolen from the gaming giant Activision in December 2022. The threat actors claim to have obtained 19,444 unique records from an Activision Azure database […]
Bleeping Computer
The RIG Exploit Kit is undergoing its most successful period, attempting roughly 2,000 intrusions daily and succeeding in about 30% of cases, the highest ratio in the service's long operational history.
Security Affairs
Experts warn of threat actors actively exploiting the critical CVE-2022-47966 (CVSS score: 9.8) flaw in Zoho ManageEngine. Multiple threat actors are actively exploiting the Zoho ManageEngine CVE-2022-47966 (CVSS score: 9.8) in attacks in the wild, Bitdefender Labs reported. “Starting on January 20 2023, Bitdefender Labs started to notice a global increase in attacks using the ManageEngine exploit CVE-2022-47966.” reads the […]
Ars Technica
Attackers are capitalizing on organizations' failure to patch critical vulnerabilities.
Infosecurity News
The malicious software employs DLL sideloading techniques to run its malicious components
The Hacker News
A new information stealer is hijacking Facebook and YouTube accounts to mine cryptocurrency. Bitdefender calls it S1deload Stealer.
Bleeping Computer
An ongoing malware campaign targets YouTube and Facebook users, infecting their computers with a new information stealer that will hijack their social media accounts and use their devices to mine for cryptocurrency.
The Hacker News
Cybersecurity experts are cautioning of a new, previously unreported threat actor located in the Middle East that is targeting telecommunications s
DarkReading
It's not just Internet-accessible hosts that are vulnerable, researchers say.
Bleeping Computer
Scammers are now exploiting the ongoing humanitarian crisis in Turkey and Syria: this time stealing donations by abusing legitimate platforms like PayPal and Twitter.
The Hacker News
Microsoft urges customers keep their servers up to date and implement additional security measures, such as enabling Windows Extended Protection.
CyberSecurity Dive
Bitdefender Labs warns threat actors are using the ProxyNotShell/OWASSRF exploit chains to launch attacks.
DarkReading
The growing use of mobile devices for MFA and the proliferation of 5G and VoIP in general could result in more attacks in future, experts say.
Cyber Security News
Indusface saw a 74% increase in the number of websites that experienced DDoS attacks from Q3 to Q4 of 2022. The frequency and scale of DDoS attacks have increased. Attackers are using more sophisticated methods to evade detection and mitigation. One of the factors contributing to the increase in DDoS attacks is the rise of […]
Bleeping Computer
Hackers are setting up fake websites for popular free and open-source software to promote malicious downloads through advertisements in Google search results.
SecurityWeek
Avast and Bitdefender have released decryptors to help victims of BianLian and MegaCortex ransomware recover their data for free.
Cyber Security News
Users can keep their internet traffic private and anonymous with these ubiquitous utilities while avoiding restrictions or censorship on their usage of the internet.
The Hacker News
Beware of tainted VPN installers! They're being used to deliver a surveillanceware called EyeSpy as part of a malware campaign.
Bleeping Computer
This week saw a lot of ransomware news, ranging from new extortion tactics, to a ransomware gang giving away a free decryptor after attacking a children's hospital.
Security Affairs
The Saint Gheorghe Recovery Hospital in Romania suffered a ransomware attack in December that is still impacting medical activity. The Saint Gheorghe Recovery Hospital in Botoşani, in northeastern Romania, was hit by a ransomware attack in December that is still impacting medical operations. The hospital is not able to report the services performed in December […]
ZDNet
Joint venture by cybersecurity researchers and law enforcement agencies provides a free decryption tool for ransomware that has hit victims around the world.
Security Affairs
Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware allowing its victims to restore their data for free. Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware, which can allow victims of the group to restore their data for free. The MegaCortex ransomware first appeared on the threat landscape in May 2019 when […]
Infosecurity News
Another ransomware variant bites the dust
Bleeping Computer
Antivirus company Bitdefender has released a decryptor for the MegaCortex ransomware family, making it possible for victims of the once notorious gang to restore their data for free.
SecurityWeek
North Korea’s BlueNoroff hacking group is targeting banks and venture capital firms with new malware and updated delivery techniques.
Trend Micro
We found samples of the Raspberry Robin malware spreading in telecommunications and government office systems beginning September. The main payload itself is packed with more than 10 layers for obfuscation and is capable of delivering a fake payload once it detects sandboxing and security analytics tools.
CyberSecurity Dive
Fears of the next SolarWinds or Log4j-style incident hitting over the holidays have some cybersecurity experts on edge.
Bleeping Computer
A security researcher has found a way to exploit the data deletion capabilities of widely used endpoint detection and response (EDR) and antivirus (AV) software from Microsoft, SentinelOne, TrendMicro, Avast, and AVG to turn them into data wipers.
The Hacker News
Looking to up your cybersecurity game in the new year? Do not just buy electronics this vacation season, improve your cybersecurity!
The Hacker News
China-linked APT group BackdoorDiplomacy has been spotted launching sophisticated cyber attacks against telecom companies in the Middle East.
Cyber Security News
A malware called SharkBot, which is responsible for Android banking fraud, has once again appeared on the official Google Play Store in the form of legit-looking malicious apps. It seems that malignant apps are often distributed directly from the Google Play Store in recent months, which has become a common theme on the web. While […]
Infosecurity News
Shared devices can present corporate security risk
Infosecurity News
The apps are no longer available on the Play Store, but can be found in third-party stores
The Record
As Black Friday and Cyber Monday approach, cybersecurity experts and the U.S. government are warning consumers to beware of scams.
The Hacker News
SharkBot Android banking fraud malware has resurfaced on the official Google Play Store and pretends to be a file manager app.
Bleeping Computer
Emsisoft's Black Friday through Cyber Monday deal is now live with 50% off Emsisoft Anti-Malware Home 1-year licenses for 1, 3, or 5 devices.
Bleeping Computer
A new collection of malicious Android apps posing as harmless file managers had infiltrated the official Google Play app store, infecting users with the Sharkbot banking trojan.
Security Affairs
Every year during Black Friday and Cyber Monday, crooks take advantage of the bad habits of users with fraudulent schemes. Researchers at Bitdefender Antispam Lab have analyzed during the last weeks the fraudulent activities associated with Black Friday and Cyber Monday. The experts noticed that between October 26 and November 6, the rate of unsolicited […]
Infosecurity News
Cyber-criminals are exploiting the busy period during both purchase and delivery stages
Infosecurity News
New research analyzes email scam techniques in the build-up to this year's Black Friday
The Hacker News
Hackers stole cryptocurrency worth around $100 million from a Binance-linked blockchain.
The Record
Luxury car maker Ferrari is denying that it was hit with a ransomware attack after a gang added the company to its list of victims this week.
Infosecurity News
LockerGoga targeted several companies in Norway and across the US in 2019
SecurityWeek
Victims of the LockerGoga ransomware can recover their files with a free decryption tool available via the NoMoreRansom project’s website.
The Hacker News
Europol and Bitdefender Release Free Decryptor for LockerGoga Ransomware
Bleeping Computer
It has been a fairly quiet week on the ransomware front, with the biggest news being US sanctions on Iranians linked to ransomware attacks.
Security Affairs
Bitdefender has released a free decryptor to allow the victims of the LockerGoga ransomware to recover their files without paying a ransom. The cybersecurity firm Bitdefender has released a free decryptor to allow LockerGoga ransomware victims to recover their encrypted files without paying a ransom. “We’re pleased to announce the availability of a new decryptor […]
The Record
Bitdefender, Europol and Swiss prosecutors published a new decryptor for the LockerGoga ransomware on Friday.
Bleeping Computer
Romanian cybersecurity firm Bitdefender has released a free decryptor to help LockerGoga ransomware victims recover their files without paying a ransom.
Security Affairs
A cyber espionage group targets governments and state-owned organizations in multiple Asian countries since early 2021. Threat actors are targeting government and state-owned organizations in multiple Asian countries as parts of a cyber espionage campaign that remained under the radar since early 2021. “A distinct group of espionage attackers who were formerly associated with the […]
The Hacker News
Government and state organizations in several Asian countries were targeted by a distinct group of cyberespionage hackers as part of an intelligence.
Bleeping Computer
Security researchers have identified new cyber-espionage activity focusing on government entities in Asia, as well as state-owned aerospace and defense firms, telecom companies, and IT organizations.
Bleeping Computer
A new batch of thirty-five Android malware apps that display unwanted advertisements was found on the Google Play Store, with the apps installed over 2 million times on victims' mobile devices.
Infosecurity News
Apps have millions of downloads, says Bitdefender
SecurityWeek
Security researchers with Bitdefender have identified multiple critical vulnerabilities in the Device42 asset management platform.
The Hacker News
Cybersecurity researchers have disclosed multiple severe security vulnerabilities in the IT asset management platform Device42.
Bleeping Computer
Hackers suspected to be from the North Korean Lazarus group tried their luck at stealing cryptocurrency from deBridge Finance, a cross-chain protocol that enables the decentralized transfer of assets between various blockchains.
DarkReading
Several threat actors used Amadey Bot previously to steal information and distribute malware such as the GandCrab ransomware and the FlawedAmmyy RAT.
DarkReading
Researchers this week said they had observed criminals using a new and improved version of the prolific malware, barely three months after its authors announced they were quitting.
ThreatPost
The info-stealing trojan used SMS messages and lifted contact credentials to spread with unprecedented speed across Android devices globally since December 2020.
DarkReading
Security researchers have described the malware as among the fastest-spreading mobile threats in recent years.
SecurityWeek
Trend Micro has patched a DLL hijacking vulnerability exploited in attacks by a China-linked cyberespionage group tracked as Moshen Dragon.
Security Affairs
Trend Micro addressed a DLL hijacking issue in Trend Micro Security actively exploited by a China-linked threat group to deploy malware. Trend Micro addressed a DLL hijacking flaw in Trend Micro Security that a China-linked threat actor actively exploited to deploy malware. In early May, SentinelOne researchers observed a China-linked APT group, tracked as Moshen […]
Bleeping Computer
Trend Micro says it patched a DLL hijacking flaw in Trend Micro Security used by a Chinese threat group to side-load malicious DLLs and deploy malware.
SecurityWeek
Researchers at cybersecurity firm SentinelOne have observed a Chinese hacking group taking a trial-and-error approach to abusing antivirus applications for the sideloading of malicious DLLs.
Security Affairs
A China-linked APT group, tracked as Moshen Dragon, is exploiting antivirus products to target the telecom sector in Asia. A China-linked APT group, tracked as Moshen Dragon, has been observed targeting the telecommunication sector in Central Asia with ShadowPad and PlugX malware, SentinelOne warns. Both PlugX and ShadowPad malware are very common among China-linked cyberespionage […]
The Hacker News
China-aligned "Moshen Dragon" cyberespionage group has been caught abusing popular antivirus products to sideload malware.
Bleeping Computer
Researchers have identified a new cluster of malicious cyber activity tracked as Moshen Dragon, targeting telecommunication service providers in Central Asia.
ZDNet
Cybersecurity researchers warn over a big spike in attacks deploying RedLine Stealer - which is cheap and easy to use.
The Hacker News
A new malware campaign leveraging an exploit kit has been observed infecting victims' computers with the RedLine Stealer trojan.
Bleeping Computer
Threat analysts have uncovered yet another large-scale campaign delivering the RedLine stealer malware onto worldwide targets.
CSO
GravityZone XDR promises to reduce attacker dwell time with robust detection, quick triage, and automated threat containment.
Latest Hacking News
Researchers have discovered multiple security vulnerabilities in Wyze Cam smart cameras exposing saved videos to a remote attacker. Wyze patched the vulnerability following the bug disclosure, but users must ensure that they receive the updates
Security Affairs
Wyze Cam devices are affected by three security vulnerabilities that can allow attackers to take them over and access camera feeds. Bitdefender researchers discovered three security vulnerabilities in the popular Wyze Cam devices that can be exploited by threat actors to execute arbitrary code and access camera feeds. The three flaws reported by the cybersecurity firm […]
The Hacker News
Three new vulnerabilities in Wyze cameras could allow attackers to take over devices and access video feeds
Bleeping Computer
A Wyze Cam internet camera vulnerability allows unauthenticated, remote access to videos and images stored on local memory cards and has remained unfixed for almost three years.
The Record
Several vulnerabilities have been found in popular Wyze Cam devices that give threat actors widespread access to camera feeds and SD cards, according to a new report from cybersecurity firm Bitdefender.
ZDNet
Updated: Everything you need to know about ransomware - how it started, why it's booming, how to protect against it.
Bleeping Computer
Ukraine's Computer Emergency Response Team is warning that threat actors are distributing fake Windows antivirus updates that install Cobalt Strike and other malware.
CyberScoop
The scams have picked up on Telegram.
Bleeping Computer
Cisco has joined the growing list of security and technology companies that no longer offer services in Russia after their invasion of Ukraine.
Bleeping Computer
Threat actors are distributing malware using phishing themes related to the invasion of Ukraine, aiming to infect their targets with remote access trojans (RATs) such as Agent Tesla and Remcos.
Infosecurity News
Rise in malspam campaigns exploiting attack on Ukraine by Russia
The Hacker News
TeaBot Android Banking Malware Spreads Again Through Google Play Store Apps
Bleeping Computer
The TeaBot banking trojan was spotted once again in Google Play Store where it posed as a QR code app and spread to more than 10,000 devices.
Infosecurity News
Websites for Moscow Stock Exchange and Sberbank knocked offline
Bleeping Computer
An ongoing large-scale phishing campaign is targeting customers of Citibank, requesting recipients to disclose sensitive personal details to lift alleged account holds.
ThreatPost
Nothing like zombie campaigns: WannaCry's old as dirt, and GandCrab threw in the towel years ago. They're on auto-pilot at this point, researchers say.
The Record
A team of South Korean researchers has published an academic paper on Thursday detailing a method to recover files encrypted by the Hive ransomware without paying the attackers for the decryption key.
CSO
New research links the ShadowPad remote-access Trojan to China's Ministry of State Security and the People's Liberation Army.
Latest Hacking News
The researchers found the baby monitor zero-day bugs in 2020, however, Nooie hasn't patched them yet despite bug disclosure.
Bleeping Computer
New FluBot and TeaBot malware distribution campaigns have been spotted, using typical smishing lures or laced apps against Android users in Australia, Germany, Poland, Spain, and Romania.
ThreatPost
Attackers are getting creative, using smishing & a malicious Google Play QR reader to plant banking trojans on the phones of victims across the globe.
Bleeping Computer
A novel modular crypto-wallet stealing malware dubbed 'BHUNT' has been spotted targeting cryptocurrency wallet contents, passwords, and security phrases.
ThreatPost
It's a double-extortion play that uses the command-line password ‘KissMe’ to hide its nasty acts and adorns its ransom note with cutesy ASCII bunny art.
ZDNet
Malware is rife, and protection isn't just a good idea; it's a must. Here is a roundup of the best software and apps for Windows and Mac computers, as well as iOS and Android devices, to keep you and your data safe from malware and viruses.
ThreatPost
Microsoft says it's only going to get worse: It's seen state-sponsored and cyber-criminal attackers probing systems for the Log4Shell flaw through the end of December.
Bleeping Computer
Recent AvosLocker ransomware attacks are characterized by a focus on disabling endpoint security solutions that stand in the way of threat actors.
ThreatPost
Conti has become the first professional-grade, sophisticated ransomware group to weaponize Log4j2, now with a full attack chain.
Bleeping Computer
Threat actors have revived an old and relatively inactive ransomware family known as TellYouThePass, deploying it in attacks against Windows and Linux devices targeting a critical remote code execution bug in the Apache Log4j library.
ZDNet
CISA had previously given civilian federal agencies until December 24 to apply any patches.
ThreatPost
It’s similar to Lazarus’s Manuscrypt malware, but the new spyware is splattering itself onto government organizations and ICS in a non-Lazarus-like, untargeted wave of attacks.
ThreatPost
More than 1.8 million attacks, against half of all corporate networks, have already launched to exploit Log4Shell.
Computerworld
The holiday season is upon us—and so are the ransomware thieves.