Lucene search
K

29 matches found

The Hacker News
The Hacker News
added 2025/06/10 4:46 p.m.21 views

FIN6 Uses AWS-Hosted Fake Resumes on LinkedIn to Deliver More_eggs Malware

The financially motivated threat actor known as FIN6 has been observed leveraging fake resumes hosted on Amazon Web Services AWS infrastructure to deliver a malware family called Moreeggs. "By posing as job seekers and initiating conversations through platforms like LinkedIn and Indeed, the group...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/02 8:57 a.m.40 views

MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks

The malware loader known as MintsLoader has been used to deliver a PowerShell-based remote access trojan called GhostWeaver. "MintsLoader operates through a multi-stage infection chain involving obfuscated JavaScript and PowerShell scripts," Recorded Future's Insikt Group said in a report shared...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/03/26 8:53 a.m.39 views

Hackers Using E-Crime Tool Atlantis AIO for Credential Stuffing on 140+ Platforms

Threat actors are leveraging an e-crime tool called Atlantis AIO Multi-Checker to automate credential stuffing attacks, according to findings from Abnormal Security. Atlantis AIO "has emerged as a powerful weapon in the cybercriminal arsenal, enabling attackers to test millions of stolen...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/03/14 3:7 p.m.12 views

Alleged Israeli LockBit Developer Rostislav Panev Extradited to U.S. for Cybercrime Charges

A 51-year-old dual Russian and Israeli national who is alleged to be a developer of the LockBit ransomware group has been extradited to the United States, nearly three months after he was formally charged in connection with the e-crime scheme. Rostislav Panev was previously arrested in Israel in...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/03 7:15 a.m.16 views

LockBit Ransomware and Evil Corp Members Arrested and Sanctioned in Joint Global Effort

A new wave of international law enforcement actions has led to four arrests and the takedown of nine servers linked to the LockBit aka Bitwise Spider ransomware operation, marking the latest salvo against what was once a prolific financially motivated group. This includes the arrest of a suspecte...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/02 3:8 p.m.20 views

Fake Job Applications Deliver Dangerous More_eggs Malware to HR Professionals

A spear-phishing email campaign has been observed targeting recruiters with a JavaScript backdoor called Moreeggs, indicating persistent efforts to single out the sector under the guise of fake job applications. "A sophisticated spear-phishing lure tricked a recruitment officer into downloading a...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/28 10:21 a.m.41 views

BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave

The threat actors behind the BlackByte ransomware group have been observed likely exploiting a recently patched security flaw impacting VMware ESXi hypervisors, while also leveraging various vulnerable drivers to disarm security protections. "The BlackByte ransomware group continues to leverage...

7.2CVSS7.6AI score0.2677EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/08/15 10:45 a.m.28 views

RansomHub Group Deploys New EDR-Killing Tool in Latest Cyber Attacks

A cybercrime group with links to the RansomHub ransomware has been observed using a new tool designed to terminate endpoint detection and response EDR software on compromised hosts, joining the likes of other similar programs like AuKill aka AvNeutralizer and Terminator. The EDR-killing utility h...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/20 4:1 p.m.49 views

Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware

Cybersecurity firm CrowdStrike, which is facing the heat for causing worldwide IT disruptions by pushing out a flawed update to Windows devices, is now warning that threat actors are exploiting the situation to distribute Remcos RAT to its customers in Latin America under the guise of providing a...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/04 5:24 a.m.70 views

Phobos Ransomware Aggressively Targeting U.S. Critical Infrastructure

U.S. cybersecurity and intelligence agencies have warned of Phobos ransomware attacks targeting government and critical infrastructure entities, outlining the various tactics and techniques the threat actors have adopted to deploy the file-encrypting malware. "Structured as a ransomware as a...

9.8CVSS8.1AI score0.99949EPSS
Exploits6
The Hacker News
The Hacker News
added 2024/02/22 5:26 a.m.31 views

U.S. Offers $15 Million Bounty to Hunt Down LockBit Ransomware Leaders

The U.S. State Department has announced monetary rewards of up to $15 million for information that could lead to the identification of key leaders within the LockBit ransomware group and the arrest of any individual participating in the operation. "Since January 2020, LockBit actors have executed...

9.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/02/09 4:32 p.m.77 views

Raspberry Robin Malware Upgrades with Discord Spread and New Exploits

The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be refined and improved to make it stealthier than before. This means that "Raspberry Robin has access to an exploit seller or its authors develop the...

8.4CVSS7.9AI score0.78376EPSS
Exploits32
The Hacker News
The Hacker News
added 2023/07/18 10:19 a.m.45 views

FIN8 Group Using Modified Sardonic Backdoor for BlackCat Ransomware Attacks

The financially motivated threat actor known as FIN8 has been observed using a "revamped" version of a backdoor called Sardonic to deliver the BlackCat ransomware. According to the Symantec Threat Hunter Team, part of Broadcom, the development is an attempt on the part of the e-crime group to...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/23 10:40 a.m.24 views

Powerful JavaScript Dropper PindOS Distributes Bumblebee and IcedID Malware

A new strain of JavaScript dropper has been observed delivering next-stage payloads like Bumblebee and IcedID. Cybersecurity firm Deep Instinct is tracking the malware as PindOS, which contains the name in its "User-Agent" string. Both Bumblebee and IcedID serve as loaders, acting as a vector for...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/01 2:55 p.m.75 views

Unmasking XE Group: Experts Reveal Identity of Suspected Cybercrime Kingpin

Cybersecurity researchers have unmasked the identity of one of the individuals who is believed to be associated with the e-crime actor known as XE Group. According to Menlo Security, which pieced together the information from different online sources, "Nguyen Huu Tai, who also goes by the names J...

9.8CVSS7.2AI score0.99737EPSS
Exploits16
The Hacker News
The Hacker News
added 2023/05/15 10:9 a.m.51 views

New 'MichaelKors' Ransomware-as-a-Service Targeting Linux and VMware ESXi Systems

A new ransomware-as-service RaaS operation called MichaelKors has become the latest file-encrypting malware to target Linux and VMware ESXi systems as of April 2023. The development points to cybercriminal actors increasingly setting their eyes on the ESXi, cybersecurity firm CrowdStrike said in ...

6.9AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2021/03/10 11:0 a.m.52 views

2021 Cybersecurity Outlook: Attackers vs. Defenders

COVID-19, One Year Later 2020 was undoubtedly a defining year for cybersecurity – a year that ended with the SolarWinds breach, which infiltrated US government agencies and organizations at a scale not seen in recent history. For cybersecurity professionals, the nature of this attack – a...

7.3AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2020/09/16 4:0 p.m.28 views

Industry-wide partnership on threat-informed defense improves security for all

MITRE Engenuity’s Center for Threat-Informed Defense has published a library of detailed plans for emulating the threat actor FIN6 which Microsoft tracks as TAAL, a collection of threat intelligence, MITRE ATT&CK data, supporting scripts, and utilities designed to enable red teams to emulate the...

7AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2017/07/24 12:0 p.m.91 views

Join us at Black Hat 2017

Hide your phones, hide your laptops ‘cause they’re hackin’ everyone out here! For the 20th year, on July 26 and 27, thousands of cybersecurity executives, researchers and enthusiasts will descend upon Las Vegas for Black Hat 2017, including some of Trend Micro’s finest. Throughout the week, Trend...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2012/05/12 2:7 p.m.9 views

17 year old Teenager arrested over TeamPoison hacking attacks

17 year old Teenager arrested over TeamPoison hacking attacks A teenage boy has been arrested on suspicion of being a member of "TeamPoison", a computer hacking group that has claimed responsibility for 1,400 offences including an attack on the phone system of Scotland Yard's counter-terrorism un...

6.7AI score
Exploits0
Rows per page
Query Builder