LockBit ransomware advisory from CISA provides interesting insights
The US Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Multi-State Information Sharing and Analysis Center (MS-ISAC), and the cybersecurity authorities of Australia, Canada, United Kingdom, Germany, France, and New Zealand (CERT NZ, NCSC-NZ) have all published a joint Cybersecurity Advisory about LockBit. To help organizations understand and defend against this global threat and its large number of […]
New Diicot Threat Group Targets SSH Servers with Brute-Force Malware
By Waqas Diicot, previously known as Mexals, is a relatively new threat group that possesses extensive technical knowledge and has a broad range of objectives. This is a post from HackRead.com Read the original post: New Diicot Threat Group Targets SSH Servers with Brute-Force Malware
Unreleased Music Stolen and Sold on Dark Web: Hacker Fined
By Habiba Rashid Failure to comply with the payment within the stipulated three months will result in an additional 18 months of imprisonment. This is a post from HackRead.com Read the original post: Unreleased Music Stolen and Sold on Dark Web: Hacker Fined
Ransomware Hackers and Scammers Utilizing Cloud Mining to Launder Cryptocurrency
Ransomware actors and cryptocurrency scammers have joined nation-state actors in abusing cloud mining services to launder digital assets, new findings reveal. “Cryptocurrency mining is a crucial part of our industry, but it also holds special appeal to bad actors, as it provides a means to acquire money with a totally clean on-chain original source,” blockchain […]
Chinese UNC4841 Group Exploits Zero-Day Flaw in Barracuda Email Security Gateway
A suspected China-nexus threat actor dubbed UNC4841 has been linked to the exploitation of a recently patched zero-day flaw in Barracuda Email Security Gateway (ESG) appliances since October 2022. “UNC4841 is an espionage actor behind this wide-ranging campaign in support of the People’s Republic of China,” Google-owned Mandiant said in a new report published today, […]
Vidar Malware Using New Tactics to Evade Detection and Anonymize Activities
The threat actors behind the Vidar malware have made changes to their backend infrastructure, indicating attempts to retool and conceal their online trail in response to public disclosures about their modus operandi. “Vidar threat actors continue to rotate their backend IP infrastructure, favoring providers in Moldova and Russia,” cybersecurity company Team Cymru said in a new analysis […]
New Research: 6% of Employees Paste Sensitive Data into GenAI tools as ChatGPT
The revolutionary technology of GenAI tools, such as ChatGPT, has brought significant risks to organizations’ sensitive data. But what do we really know about this risk? A new research by Browser Security company LayerX sheds light on the scope and nature of these risks. The report titled “Revealing the True GenAI Data Exposure Risk” provides crucial insights […]
Warning: GravityRAT Android Trojan Steals WhatsApp Backups and Deletes Files
An updated version of an Android remote access trojan dubbed GravityRAT has been found masquerading as messaging apps BingeChat and Chatico as part of a narrowly targeted campaign since June 2022. “Notable in the newly discovered campaign, GravityRAT can exfiltrate WhatsApp backups and receive commands to delete files,” ESET researcher Lukáš Štefanko said in a new report published today. […]
Microsoft sued for alleged misuse of stolen Dark Web credentials
By Waqas Hold Security LLC, a cybersecurity company, has sued Microsoft for misusing over 360 million compromised credentials collected from the Dark Web. This is a post from HackRead.com Read the original post: Microsoft sued for alleged misuse of stolen Dark Web credentials
New Report Reveals Shuckworm’s Long-Running Intrusions on Ukrainian Organizations
The Russian threat actor known as Shuckworm has continued its cyber assault spree against Ukrainian entities in a bid to steal sensitive information from compromised environments. Targets of the recent intrusions, which began in February/March 2023, include security services, military, and government organizations, Symantec said in a new report shared with The Hacker News. “In some cases, the