15 matches found
Imperva uncovers new Indicators of Compromise for FBI and CISA-flagged AndroxGh0st botnet
On January 16, a joint alert from FBI and CISA warned about a concerning development: the emergence of a botnet driven by AndroxGh0st malware targeting vulnerable applications and web servers. AndroxGh0st is a Python-based malware, first seen in late 2022, designed to target Laravel .env files an...
BlackCat Ransomware Raises Ante After FBI Disruption
The U.S. Federal Bureau of Investigation (FBI) disclosed today that it infiltrated the world's second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI said it seized the gang's darknet website, and released a decryption tool that hundreds of victim...
Microsoft Warns as Scattered Spider Expands from SIM Swaps to Ransomware
The prolific threat actor known as Scattered Spider has been observed impersonating newly hired employees in targeted firms as a ploy to blend into normal on-hire processes and take over accounts and breach organizations across the world. Microsoft, which disclosed the activities of the financiall...
Experts Uncover Campaign Stealing Cryptocurrency from Android and iPhone Users
Researchers have blown the lid off a sophisticated malicious scheme primarily targeting Chinese users via copycat apps on Android and iOS that mimic legitimate digital wallet services to siphon cryptocurrency funds. "These malicious apps were able to steal victims' secret seed phrases by...
Microsoft and Okta Confirm Breach by LAPSUS$ Extortion Group
Microsoft on Tuesday confirmed that the LAPSUS$ extortion-focused hacking crew had gained "limited access" to its systems, as authentication services provider Okta revealed that nearly 2.5% of its customers have been potentially impacted in the wake of the breach. "No customer code or data was...
TA505 Crooks are Now Targeting US Retailers with Personalized Campaigns
Cybercriminals behind the notorious Dridex and Locky ransomware have a new target in their sights – large retail, restaurant and grocery chains located in the US. Researchers are warning the well-known financial criminal group TA505 is behind a new wave of email campaigns distributing personalize...
When three isn’t a crowd: Man-in-the-Middle (MitM) attacks explained
Gone are the days when eavesdropping is just the stuff of spies and the town gossip. In fact, it has evolved to become everyone’s favorite pastime. Thanks to the internet, it is exponentially easier now more than ever to idle by and catch juicy information than to press your ear against your...
Alleged Mastermind Behind Carbanak Crime Gang Arrested
The suspected mastermind behind the Carbanak criminal gang, which is notorious for stealing as much as $1 billion from more than 100 financial institutions in a string of attacks, has been apprehended, according to the Spanish National Police. According to the European Union Agency for Law...
Hackers Targeting Servers Running Database Services for Mining Cryptocurrency
Security researchers have discovered multiple attack campaigns conducted by an established Chinese criminal group that operates worldwide, targeting database servers for mining cryptocurrencies, exfiltrating sensitive data and building a DDoS botnet. The researchers from security firm GuardiCore...
Yahoo Challenged on Claims Breach Was State-Sponsored Attack
As challenges mount against Yahoo’s attribution of a massive 2014 data breach to state-sponsored hackers, CISO Bob Lord yesterday confirmed that a cache of 200 million Yahoo accounts marketed this summer in an underground forum is unrelated to the breach. Speaking at the Structure Security...
Criminal Group Using Dynamic Gate System to Infect with Fiesta EK
A sophisticated criminal group operating for more than a year is utilizing a changing series of Internet protocol addresses, domains and gates in order to infect its victims with the Fiesta exploit kit. Fiesta is among the handful of exploit kits to have emerged in the wake of the once prominent...
Kelihos Returns: Same Botnet or New Version?
The twice-shut-down Kelihos botnet remains active and continues spamming with a new variant, despite yesterday’s efforts by Kaspersky Lab and CrowdStrike that knocked offline and sinkholed the most recent version of the botnet. According to a Seculert report, the indomitable botnet is using a...
11 Hackers from Russia Detained in the US
They were part of a criminal group that stole $3 million from American banks. Dmitry GONCHARUK, Nikita KRASNIKOV, 05.10.2010. Six more Russian citizens were detained in the US on charges of involvement in a team of fraudsters that stole money from bank accounts. The citizenship of the other nine...
Visa Says Criminal Group Planning Fraud
Visa is warning financial institutions that it has received reliable intelligence that an organized criminal group plans to attempt to move large amounts of fraudulent payments through a merchant account. Read the full article. KrebsonSecurity...
Online eBay Criminals Sentenced to Jail, Fined
Two Bulgarians have been sentenced for their roles in an online money-laundering scheme that collected about $1.2 million from U.S. residents and sent it to a criminal group in Eastern Europe, the U.S. Department of Justice said. Read the full article. Computerworld...