Stopping C2 communications in human-operated ransomware through network protection

Command-and-control C2 servers are an essential part of ransomware, commodity, and nation-state attacks. They are used to control infected devices and perform malicious activities like downloading and launching payloads, controlling botnets, or commanding post-exploitation penetration frameworks ...

World’s Leading Copper Producer Aurubis Suffers Crippling Cyberattack

By Deeba Ahmed According to a statement from the Germany-based Aurubis, the attack was detected on the night of October 28th. This is a post from HackRead.com Read the original post: Worlds Leading Copper Producer Aurubis Suffers Crippling Cyberattack...

CISA Adds Six Known Exploited Vulnerabilities to Catalog

CISA has added six vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added...

Securing IoT devices against attacks that target critical infrastructure

South Staffordshire PLC, a company that supplies water to over one million customers in the United Kingdom, notified its customers in August of being a target of a criminal cyberattack. This incident highlights the sophisticated threats that critical industries face today. According to South...

Binance-Linked Network Hacked, Over $570 Million in Losses Recorded

By Deeba Ahmed A Binance-linked blockchain is the latest victim of a cyberattack. Reportedly the world’s largest crypto exchange, Binance, has… This is a post from HackRead.com Read the original post: Binance-Linked Network Hacked, Over $570 Million in Losses Recorded...

Local government cybersecurity: 5 best practices

It seems like not a day goes by where we dont hear about a local government cyberattack. Indeed, from 911 call centers to public schools, cyberattacks on local governments are as common as they are devastating. Just how often do threat actors attack local governments? A survey of 14 mainly larger...

Dismantling a Prolific Cybercriminal Empire: REvil Arrests and Reemergence

Dismantling a Prolific Cybercriminal Empire: REvil Arrests and Reemergence By John Fokker · September 29, 2022 We’ve recently seen reports that the REvil ransomware gang is back online after the January 2022 arrests of several its members by Russian authorities claiming to dismantle the group and...

Hacker Behind Optus Breach Releases 10,200 Customer Records in Extortion Scheme

The Australian Federal Police AFP on Monday disclosed it's working to gather "crucial evidence" and that it's collaborating with overseas law enforcement authorities following the hack of telecom provider Optus. "Operation Hurricane has been launched to identify the criminals behind the alleged...

External attack surface and ongoing cybercriminal activity in APAC region

To prevent a cyberattack, it is vital to know what the attack surface for your organization is. To be prepared to repel the attacks of cybercriminals, businesses around the world collect threat intelligence themselves or subscribe for threat intelligence services. Continuous threat research enabl...

A week in security (September 12 – 18)

Last week on Malwarebytes Labs: The North Face hit by credential stuffing attack Facebook engineers aren't sure where all user data is kept 6 patch management best practices for businesses The MSP playbook on deciphering tech promises and shaping security culture Apple puts the password on life...

LastPass Says No User Data Compromised in Cyberattack

By Waqas According to LastPass, threat actor did access its Developer environment but could not compromise sensitive data because of its effective system design and controls. This is a post from HackRead.com Read the original post: LastPass Says No User Data Compromised in Cyberattack...

Cyber threat hunting for SMBs: How MDR can help

When you hear the words "cyber threat hunting", you just may picture an elite team of security professionals scouring your systems for malware. Sounds like something only huge businesses or nation states would need to do, right? Not quite. Threat hunting is just as essential for...

Hacktivist Group GhostSec Compromises 55 Berghof PLCs Across Israel

A hacktivist collective called GhostSec has claimed credit for compromising as many as 55 Berghof programmable logic controllers PLCs used by Israeli organizations as part of a "Free Palestine" campaign. Industrial cybersecurity firm OTORIO, which dug deeper into the incident, said the breach was...

U.S. Imposes New Sanctions on Iran Over Cyberattack on Albania

The U.S. Treasury Department on Friday announced sanctions against Iran's Ministry of Intelligence and Security MOIS and its Minister of Intelligence, Esmaeil Khatib, for engaging in cyber-enabled activities against the nation and its allies. "Since at least 2007, the MOIS and its cyber actor...

Sensitive NATO Data Stolen in Cyberattack on Portugal’s Armed Forces

By Deeba Ahmed According to local media, this is an "extremely serious" leak because EMGFA, Portugal's armed forces' central unit, stores secret NATO information. This is a post from HackRead.com Read the original post: Sensitive NATO Data Stolen in Cyberattack on Portugals Armed Forces...

Microsoft investigates Iranian attacks against the Albanian government

Shortly after the destructive cyberattacks against the Albanian government in mid-July, the Microsoft Detection and Response Team DART was engaged by the Albanian government to lead an investigation into the attacks. At the time of the attacks and our engagement by the Albanian government,...

InterContinental Hotels' booking systems disrupted by cyberattack

In a statement filed at the London Stock Exchange, InterContinental Hotels Group PLC reports that parts of the company's technology systems have been subject to unauthorized activity. The activity significantly disrupted IHG's booking channels and other applications. The InterContinental Hotels...

Sextortionists used mobile malware to steal nude videos, contact lists from victims

In an international police operation supported by Interpol, law enforcement agencies have uncovered and dismantled an international sextortion ring that managed to extract at least US$ 47,000 from victims. Sextortion is a form of cybercrime in which the victim is blackmailed by threatening to mak...

Montenegro Is the Victim of a Cyberattack

Details are few, but Montenegro has suffered a cyberattack: A combination of ransomware and distributed denial-of-service attacks, the onslaught disrupted government services and prompted the country’s electrical utility to switch to manual control. … But the attack against Montenegro’s...

Exploits and TrickBot disrupt manufacturing operations

September 2021 saw a huge spike of exploit detections against the manufacturing industry, with a distributed spread between California, Florida, Ohio, and Missouri. This is combined with heavy detections of unseen malware, identified through our AI engine, spiking in May as well as September 2021...