Showing only posts by Ionut Ilascu. Show all posts.

May 09 2022 Hackers exploiting critical F5 BIG-IP bug, public exploits released

Threat actors have started massively exploiting the critical vulnerability tracked as CVE-2022-1388, which affects multiple versions of all F5 BIG-IP modules, to drop malicious payloads. [...]

May 09 2022 Hackers are now hiding malware in Windows Event Logs

Source

Security researchers have noticed a malicious campaign that used Windows event logs to store malware, a technique that has not been previously documented publicly for attacks in the wild. [...]

May 07 2022 Fake crypto giveaways steal millions using Elon Musk Ark Invest video

Source

Fake cryptocurrency giveaways are stealing millions of dollars simply by replaying old Elon Musk and Jack Dorsey Ark Invest videos on YouTube. [...]

May 04 2022 Attackers hijack UK NHS email accounts to steal Microsoft logins

Source

For about half a year, work email accounts belonging to over 100 employees of the National Health System (NHS) in the U.K. were used in several phishing campaigns, some aiming to steal Microsoft logins. [...]

May 03 2022 Conti, REvil, LockBit ransomware bugs exploited to block encryption

Source

Hackers commonly exploit vulnerabilities in corporate networks to gain access, but a researcher has turned the table by finding exploits in the most common ransomware and malware being distributed today. [...]

Apr 28 2022 New Bumblebee malware replaces Conti's BazarLoader in cyberattacks

Source

A newly discovered malware loader called Bumblebee is likely the latest development of the Conti syndicate, designed to replace the BazarLoader backdoor used to deliver ransomware payloads. [...]

Apr 28 2022 New Bumblebee malware takes over BazarLoader's ransomware delivery

Source

A newly discovered malware loader called Bumblebee is likely the latest development of the Conti syndicate, designed to replace the BazarLoader backdoor used to deliver ransomware payloads. [...]

Apr 27 2022 New Nimbuspwn Linux vulnerability gives hackers root privileges

Source

A new set of vulnerabilities collectively tracked as Nimbuspwn could let local attackers escalate privileges on Linux systems to deploy malware ranging from backdoors to ransomware. [...]

Apr 26 2022 Emotet malware now installs via PowerShell in Windows shortcut files

Source

The Emotet botnet is now using Windows shortcut files (.LNK) containing PowerShell commands to infect victims computers, moving away from Microsoft Office macros that are now disabled by default. [...]

Apr 20 2022 REvil's TOR sites come alive to redirect to new ransomware operation

Source

REvil ransomware's servers in the TOR network are back up after months of inactivity and redirect to a new operation that appears to have started since at least mid-December last year. [...]

Apr 19 2022 Lenovo UEFI firmware driver bugs affect over 100 laptop models

Source

Lenovo has published a security advisory on vulnerabilities that impact its Unified Extensible Firmware Interface (UEFI) loaded on at least 100 of its laptop models. [...]

Apr 19 2022 Lenovo UEFI firmware driver bugs affect over 100 notebook models

Source

Lenovo has published a security advisory on vulnerabilities that impact its Unified Extensible Firmware Interface (UEFI) loaded on at least 100 of its laptop models. [...]

Apr 15 2022 Karakurt revealed as data extortion arm of Conti cybercrime syndicate

Source

After breaching servers managed by the cybercriminals, security researchers found a connection between Conti ransomware and the recently emerged Karakurt data extortion group, showing that the two gangs are part of the same operation. [...]

Apr 14 2022 OldGremlin ransomware deploys new malware on Russian mining org

Source

OldGremlin, a little-known threat actor that uses its particularly advanced skills to run carefully prepared, sporadic campaigns, has made a comeback last month after a gap of more than one year. [...]

Apr 12 2022 RaidForums hacking forum seized by police, owner arrested

Source

The RaidForums hacker forum, used mainly for trading and selling stolen databases, has been shut down and its domain seized by U.S. law enforcement during Operation TOURNIQUET, an action coordinated by Europol that involved law enforcement agencies in several countries. [...]

Apr 11 2022 Android banking malware intercepts calls to customer support

Source

A banking trojan for Android that researchers call Fakecalls comes with a powerful capability that enables it to take over calls to a bank's customer support number and connect the victim directly with the cybercriminals operating the malware. [...]

Apr 05 2022 Chinese hackers abuse VLC Media Player to launch malware loader

Source

Security researchers have uncovered a long-running malicious campaign from hackers associated with the Chinese government who are using VLC Media Player to launch a custom malware loader. [...]

Mar 31 2022 Zyxel patches critical bug affecting firewall and VPN devices

Source

Network equipment company Zyxel has updated the firmware of several of its business-grade firewall and VPN products to address a critical-severity vulnerability that could give attackers administrator-level access to affected devices. [...]

Mar 31 2022 DPRK hackers go after crypto assets using trojanized DeFi Wallet app

Source

Hackers associated with the North Korean government have been distributing a trojanized version of the DeFi Wallet for storing cryptocurrency assets to gain access to the systems of cryptocurrency users and investors. [...]

Mar 30 2022 Globant confirms hack after Lapsus$ leaks 70GB of stolen data

Source

IT and software consultancy firm Globant has confirmed that they were breached by the Lapsus$ data extortion group, where data consisting of administrator credentials and source code was leaked by the threat actors. [...]

Mar 29 2022 Verblecon malware loader used in stealthy crypto mining attacks

Source

Security researchers are warning of a relatively new malware loader, that they track as Verblecon, which is sufficiently complex and powerful for rannsomware and erespionage attacks, although it is currently used for low-reward attacks. [...]

Mar 24 2022 Lapsus$ suspects arrested for Microsoft, Nvidia, Okta hacks

Source

As Lapsus$ data extortion gang announced that several of its members are taking a vacation, the City of London Police say they have arrested seven individuals connected to the gang. [...]

Mar 24 2022 North Korean hackers exploit Chrome zero-day weeks before patch

Source

North Korean state hackers have exploited a zero-day, remote code execution vulnerability in Google Chrome web browser for more than a month before a patch became available, in attacks targeting news media, IT companies, cryptocurrency and fintech organizations. [...]

Mar 22 2022 Okta confirms 2.5% customers impacted by hack in January

Source

Okta, a major provider of access management systems, says that 2.5%, or approximately 375 customers, were impacted by a cyberattack claimed by the Lapsus$ data extortion group. [...]

Mar 22 2022 Okta confirms support engineer's laptop was hacked in January

Source

Okta, a major provider of access management systems, has completed its investigation into a breach incident claimed by the Lapsus$ data extortion group. [...]

« newer articles | page 8 | older articles »