DarkReading
Hackers Posing as Law Firms Phish Global Orgs
Companies trust lawyers with the most sensitive information they've got. Attackers are aiming to exploit that bond to deliver malware.
Security Affairs
A new malware campaign is targeting a Ukraine entity in Finland with Remcos RAT distributed via a loader called IDAT Loader.
Cyber Security News
Steganography is employed by threat actors to hide malicious payloads in benign files such as pictures or documents.
Cyber Security News
Hackers poison the SEO results to manipulate search engine rankings by misdirecting users to malicious sites.
Bleeping Computer
A hacking group tracked as 'UAC-0184' was observed utilizing steganographic image files to deliver the Remcos remote access trojan (RAT) onto the systems of a Ukrainian entity operating in Finland.
The Hacker News
Ukrainian entities in Finland targeted in a malicious campaign distributing Remcos RAT using IDAT Loader.
The DFIR Report
Key Takeaways: More information about Gootloader can be found in the following reports: The DFIR Report, GootloaderSites, Mandiant, Red Canary, & Kroll. An audio version of this report can be …
The Hacker News
HijackLoader, a loader malware, has undergone updates to its defense evasion techniques, making it stealthier and more complex.
SC Magazine
Security pros say it almost looks like the malware developers have an EDR product manager on staff.
The Hacker News
Cybersecurity experts reveal the inner workings of SystemBC's command-and-control (C2) server, a dangerous malware available on the dark web.
Cyber Security News
Top 10 Notorious Ransomware Gangs of 2023: LockBit, Alphv/BlackCat, Clop, Royal, Black Byte, Black Basta, Ragnar Locker, Vice Society.
The Hacker News
A new malware loader called JinxLoader is being used by threat actors to deliver payloads such as Formbook and XLoader.
The Hacker News
PikaBot, a dangerous loader, is spreading via malvertising campaigns targeting users searching for legit software like AnyDesk.
The Hacker News
Play ransomware, impacting 300 entities worldwide, employs a double-extortion model by exfiltrating data before encryption.
Cyber Security News
Welcome to the Cyber Security News Recap, a weekly publication by Cyber Writes. Our aim is to bring you up-to-date information on the latest developments in the field of cybersecurity.
The Hacker News
HijackLoader, a new stealthy malware loader, is making waves in the cybercriminal world. Learn how it delivers dangerous payloads and evades security
Cyber Security News
A new variant of SystemBC malware was found to be deployed to a critical infrastructure target. There have been several Ransomware attacks during the second quarter of 2023.
Security Affairs
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Police dismantled bulletproof hosting service provider Lolek Hosted; Python URL parsing function flaw can enable command execution […]
Security Affairs
Threat actors employed a new variant of the SystemBC malware, named DroxiDat, in attacks aimed at African critical infrastructure. Researchers from Kaspersky’s Global Research and Analysis Team (GReAT) reported that an unknown threat actor used a new variant of the SystemBC proxy malware, named DroxiDat, in an attack against a power generation company in southern Africa. SystemBC was […]
Infosecurity News
Kaspersky said the attackers deployed the payload to collect valuable system information.
The Hacker News
Russian threat actors suspected in cyber attack on South African power company using a new variant of the SystemBC malware called DroxiDat
The Record
Researchers have uncovered a suspected cyberattack targeting a power generator in southern Africa with a new variant of the SystemBC malware.
The Hacker News
New report uncovers connections between Rhysida and Vice Society ransomware groups. Provides details on targeting, tools, and victim profiles.
Bleeping Computer
The 8Base ransomware gang is targeting organizations worldwide in double-extortion attacks, with a steady stream of new victims since the beginning of June.
Bleeping Computer
Industrial cybersecurity company Dragos today disclosed what it describes as a "cybersecurity event" after a known cybercrime gang attempted to breach its defenses and infiltrate the internal network to encrypt devices.
The Hacker News
A new report has revealed the advanced techniques used by threat actors to deliver the Aurora information stealer malware through the in2al5d p3in4er
CSO
The new malware loader can give attackers remote access and the ability to deliver other payloads.
The Hacker News
Gootkit malware is now targeting healthcare and financial organizations in the US, UK and Australia by using a new method of deployment.
Security Affairs
Researchers observed a SmokeLoader campaign that is distributing a new clipper malware dubbed Laplas Clipper that targets cryptocurrency users. Cyble researchers uncovered a SmokeLoader campaign that is distributing community malware, such as SystemBC and Raccoon Stealer 2.0, along with a new clipper malware tracked as Laplas. The experts detected more than 180 different samples of the clipper […]
The Hacker News
A new clipper malware strain known as Laplas is targeting cryptocurrency users via another malware called SmokeLoader.
The Hacker News
A new analysis of the hacking tools employed by the Black Basta ransomware operation has revealed its links to FIN7 (aka Carbanak) hacker group.
Trend Micro
Our blog entry provides a look at an attack involving the LV ransomware on a Jordan-based company from an intrusion analysis standpoint.
SecurityWeek
The FBI, CISA, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are raising alarm on a ransomware gang’s increased targeting of the education sector.
Trend Micro
Play is a new ransomware that takes a page out of Hive and Nokoyawa's playbook. The many similarities among them indicate that Play, like Nokoyawa, may be a Hive affiliate.
Infosecurity News
The association between the three apparently unrelated campaigns was made by Cisco Talos.
Security Affairs
Researchers spotted three campaigns delivering multiple malware, including ModernLoader, RedLine Stealer, and cryptocurrency miners. Cisco Talos researchers observed three separate, but related, campaigns between March and June 2022 that were delivering multiple malware, including the ModernLoader bot (aka Avatar bot), RedLine info-stealer and cryptocurrency miners to victims. ModernLoader is a .NET remote access trojan that […]
The Hacker News
Researchers uncover three related but distinct campaigns that spread malware such as ModernLoader, RedLine stealer, and cryptocurrency miners.
The Hacker News
Researchers reveal the inner workings of a cybercriminal group known as the Wizard Spider.
ZDNet
Researchers believe the group has millions of dollars in assets.
DarkReading
Mandiant data also shows a dramatic drop in attacker dwell time on victim networks in the Asia-Pacific region — to 21 days in 2021 from 76 days in 2020.
Bleeping Computer
The Emotet malware botnet is taking advantage of the 2022 U.S. tax season by sending out malicious emails pretending to be the Internal Revenue Service sending tax forms or federal returns.
Bleeping Computer
A ransomware targeting an Israeli company has led researchers to track a portion of a ransom payment to a website promoting sensual massages.
Bleeping Computer
While ransomware attacks continued throughout the week, for the most part, it has been quieter than usual, with only a few new variants released.
Bleeping Computer
The Cuba Ransomware gang has teamed up with the spam operators of the Hancitor malware to gain easier access to compromised corporate networks.