Updated Joker Malware Floods into Android Apps
The Joker premium billing-fraud malware is back on Google Play in a fresh onslaught, with an updated bag of tricks to evade scanners. [...]
Just days after President Biden demanded that Russian President Putin shut down ransomware groups, the servers of one of the biggest groups mysteriously went dark. [...]
An attack on Guess compromised the personal and banking data of 1,300 victims. [...]
Jen Easterly, former NSA official and Morgan Stanley vet, will take up the lead at CISA as the ransomware scourge rages on. [...]
The malware has targeted Chinese gambling sites with fake app installers. [...]
Notorious North Korean APT impersonates Airbus, General Motors and Rheinmetall to lure potential victims into downloading malware. [...]
A global effort to steal information from energy companies is using sophisticated social engineering to deliver Agent Tesla and other RATs. [...]
ArsTechnica has a good story on the REvil ransomware attack of last weekend, with technical details: This weekend’s attack was carried out with almost surgical precision. According to Cybereason, the REvil affiliates first gained access to targeted environments and then used the zero-day in the Kaseya Agent Monitor …
Threat actors enlist compromised WordPress websites in campaign targeting macOS users. [...]
The unnamed suspect allegedly helped to develop carding and phishing kits with the aim of stealing customers' bank-card data. [...]
Threat actors are planting Cobalt Strike backdoors by malspamming a bogus Microsoft update along with a SecurityUpdates.exe. [...]
As many as 1,500 businesses around the world have been infected by highly destructive malware that first struck software maker Kaseya. In one of the worst ransom attacks ever, the malware, in turn, used that access to fell Kaseya’s customers …
The apps all used an unusual tactic of loading a legitimate Facebook page as part of the data theft. [...]
REvil ransomware gang lowers price for universal decryptor after massive worldwide ransomware push against Kaseya security vulnerability CVE-2021-30116. [...]
Following a brazen ransomware attack by the REvil cybergang, CISA and FBI offer guidance to victims. [...]
Matt Bromiley, senior consultant with Mandiant Managed Defense, discusses the top tricks and tips for protecting enterprise environments from ransomware. [...]
Google has given the boot to nine Android apps downloaded more than 5.8 million times from the company's Play marketplace after researchers said these apps used a sneaky way to steal users' Facebook login credentials. In a bid …
After focusing almost exclusively on delivering ransomware for the past year, the code changes could indicate that TrickBot is getting back into the bank-fraud game. [...]
The ongoing attacks are targeting cloud services such as Office 365 to steal passwords and password-spray a vast range of targets, including in U.S. and European governments and military. [...]
Nate Warfield, CTO of Prevailion and former Microsoft security researcher, discusses the many security challenges and failings plaguing this industry. [...]
Two reports this week. The first is from Microsoft, which wrote: As part of our investigation into this ongoing activity, we also detected information-stealing malware on a machine belonging to one of our customer support agents with access to basic account information for a small number of our customers …
Criminals behind the potent REvil ransomware have ported the malware to Linux for targeted attacks. [...]
Aamir Lakhani, cybersecurity researcher and practitioner at FortiGuard Labs, explains the rise of RaaS and the critical role of threat intel in effectively defending against it. [...]
The gang's source code is now available to rivals and security researchers alike - and a decryptor likely is not far behind. [...]
The IndigoZebra APT is targeting the Afghan government using Dropbox as an API that leaves no traces of communications with weirdo websites. [...]