DarkCasino joins the list of APT groups exploiting WinRAR zero-day
The DarkCasino APT group leveraged a recently disclosed WinRAR zero-day vulnerability tracked as CVE-2023-38831. Researchers at cybersecurity firm NSFOCUS analyzed DarkCasino attack pattern exploiting...
Rhysida ransomware gang is auctioning data stolen from the British Library
The Rhysida ransomware group claimed responsibility for the recent cyberattack on the British Library that has caused a major IT outage. The Rhysida ransomware gang added the British Library to the...
Experts warn of a surge in NetSupport RAT attacks against education and...
Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The Carbon Black Managed Detection & Response team is warning of a surge in the...
New InfectedSlurs Mirai-based botnet exploits two zero-days
Mirai-based botnet InfectedSlurs has been spotted exploiting two zero-day RCE flaws to compromise routers and video recorder (NVR) devices. Akamai discovered a new Mirai-based DDoS botnet, named...
North Korea-linked APT Diamond Sleet supply chain attack relies on CyberLink...
North Korea-linked APT group Diamond Sleet is distributing a trojanized version of the CyberLink software in a supply chain attack. Microsoft Threat Intelligence researchers uncovered a supply chain...
ClearFake campaign spreads macOS AMOS information stealer
Threat actors spread Atomic Stealer (AMOS) macOS information stealer via a bogus web browser update as part of the ClearFake campaign. Atomic Stealer (AMOS) macOS information stealer is now being...
North Korea-linked Konni APT uses Russian-language weaponized documents
North Korea-linked Konni APT group used Russian-language Microsoft Word documents to deliver malware. FortiGuard Labs researchers observed the North Korea-linked Konni APT group using a weaponized...
Hamas-linked APT uses Rust-based SysJoker backdoor against Israel
Researchers reported that a Hamas-linked APT group is using a Rust-based SysJoker backdoor against Israeli entities. Check Point researchers observed a Hamas-linked APT group is using the SysJoker...
Daixin Team group claimed the hack of North Texas Municipal Water District
The Daixin Team group claims to have hacked the North Texas Municipal Water District (US) and threatened to leak the stolen data. The North Texas Municipal Water District (NTMWD) is a regional water...
International police operation dismantled a prominent Ukraine-based...
An international law enforcement operation dismantled the core of a ransomware group operating from Ukraine. A joint law enforcement operation led by Europol and Eurojust, with the support of the...
Rhysida ransomware group hacked King Edward VII’s Hospital in London
The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London. King Edward VII’s Hospital is a private hospital located on Beaumont Street in the Marylebone district of...
Black Basta Ransomware gang accumulated at least $107 million in Bitcoin...
The Black Basta ransomware gang infected over 300 victims, accumulating ransom payments exceeding $100 million since early 2022. The Black Basta ransomware group has been active since April 2022, like...
Expert warns of Turtle macOS ransomware
The popular cybersecurity researcher Patrick Wardle dissected the new macOS ransomware Turtle used to target Apple devices. The popular cyber security researcher Patrick Wardle published a detailed...
New Agent Raccoon malware targets the Middle East, Africa and the US
Threat actors are using the Agent Raccoon malware in attacks against organizations in the Middle East, Africa and the U.S. Unit42 researchers uncovered a new backdoor named Agent Raccoon, which is...
LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global...
The LockBit ransomware attack on the Industrial & Commercial Bank of China demonstrates the weakness of the global financial system to cyberattacks. The ransomware breach that crippled U.S. Treasury...
Malvertising attacks rely on DanaBot Trojan to spread CACTUS Ransomware
Microsoft warns of ongoing malvertising attacks using the DanaBot malware to deploy the CACTUS ransomware. Microsoft uncovered ongoing malvertising attacks using the DanaBot Trojan (Storm-1044) to...
New P2PInfect bot targets routers and IoT devices
Cybersecurity researchers discovered a new variant of the P2PInfect botnet that targets routers and IoT devices. Researchers at Cado Security Labs discovered a new variant of the P2Pinfect botnet that...
New Krasue Linux RAT targets telecom companies in Thailand
A previously undetected Linux RAT dubbed Krasue has been observed targeting telecom companies in Thailand. Group-IB researchers discovered a previously undetected Linux remote access trojan called...
China-linked APT Volt Typhoon linked to KV-Botnet
Researchers linked a sophisticated botnet, tracked as KV-Botnet, to the operation of the China-linked threat actor Volt Typhoon. The Black Lotus Labs team at Lumen Technologies linked a small...
French authorities arrested a Russian national for his role in the Hive...
French police arrested a Russian national who is suspected of laundering money resulting from the criminal activity of the Hive ransomware gang. The French authorities arrested in Paris a Russian...