Lapsus$ ‘Back from Vacation’
Lapsus$ added IT giant Globant plus 70GB of leaked data – including admin credentials for scads of customers' DevOps platforms – to its hit list. [...]
A Ukrainian-based threat actor is spearphishing Russians who are using services that have been banned by the Kremlin. [...]
Researchers have found three backdoors and four miners in attacks exploiting the Log4Shell vulnerability, some of which are still ongoing. [...]
The ever-evolving malware shows off new tactics that use email thread hijacking and other obfuscation techniques to provide advanced evasion techniques. [...]
For years, the hackers behind the malware known as Triton or Trisis have stood out as a uniquely dangerous threat to critical infrastructure: a group of digital intruders …
The supply-chain attack on the U.S. energy sector targeted thousands of computers at hundreds of organizations, including at least one nuclear power plant. [...]
London Police can't say if they nabbed the 17-year-old suspected mastermind & multimillionaire – but researchers say they’ve been tracking an Oxford teen since mid-2021. [...]
A large-scale, automated typosquatting attack saw 200+ malicious packages flood the npm code repository, targeting popular Azure scopes. [...]
Mustang Panda's already sophisticated cyberespionage campaign has matured even further with the introduction of a brand-new PlugX RAT variant. [...]
Attackers are hiding interesting malware in a boring place, hoping victims won’t bother to look. [...]
Threat actors are impersonating such wildly popular personal-finance apps (which are used more than social media or streaming services) to try to fool people into giving up their credentials. [...]
A new steady stream of attacks against network-attached storage devices from the Taiwan-based vendor is similar to a wave that occurred in January. [...]
The data-extortion gang got at Microsoft's Azure DevOps server. Meanwhile, fellow Lapsus$ victim and authentication firm Okta said 2.5 percent of customers were affected in its own Lapsus$ attack. [...]
Lapsus$ shared screenshots of internal Okta systems and 40Gb of purportedly stolen Microsoft data on Bing, Bing Maps and Cortana. [...]
"Evolving intelligence" shows Russia amping up for cyber-war in response to Ukraine-related sanctions, the White House said -- but researchers warn that many orgs are not prepared. [...]
An unusual attack using an open-source Python package installer called Chocolatey, steganography and Scheduled Tasks is stealthily delivering spyware to companies. [...]
Can we trust web browsers to protect us, even if they say “https?” Not with the novel BitB attack, which fakes popup SSO windows to phish away credentials for Google, Facebook and Microsoft, et al. [...]
The trojanized Craftsart Cartoon Photo Tools app is available in the official Android app store, but it's actually spyware capable of stealing any and all information from victims' social-media accounts. [...]
The latest is a fresher version of the ransomware pro-Ukraine researcher ContiLeaks already released, but it’s reportedly clunkier code. [...]
This is a big deal: A developer has been caught adding malicious code to a popular open-source package that wiped files on computers located in Russia and Belarus as part of a protest that has enraged many users and raised concerns about the safety of free and open source …
A ransomware attack struck Bridgestone Americas, weeks after another Toyota supplier experienced the same and a third reported some kind of cyber hit. [...]
The Russian-speaking APT behind the NotPetya attacks and the Ukrainian power grid takedown could be setting up for additional sinister attacks, researchers said. [...]
Researchers have exposed the work of Exotic Lily, a full-time cybercriminal initial-access group that uses phishing to infiltrate organizations’ networks for further malicious activity. [...]
In the latest software supply-chain attack, the code maintainer added malicious code to the hugely popular node-ipc library to replace files with a heart emoji and a peacenotwar module. [...]