Lucene search
K

14 matches found

hivepro
hivepro
added 2023/07/20 7:31 a.m.20 views

FIN8 Strikes with Noberus Ransomware via Altered Sardonic Backdoor

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The financially motivated threat actor FIN8 has been detected employing a revised variant of the backdoor known as Sardonic to deliver the Noberus ransomware. To receive real-time threat advisories, plea...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/18 10:19 a.m.45 views

FIN8 Group Using Modified Sardonic Backdoor for BlackCat Ransomware Attacks

The financially motivated threat actor known as FIN8 has been observed using a "revamped" version of a backdoor called Sardonic to deliver the BlackCat ransomware. According to the Symantec Threat Hunter Team, part of Broadcom, the development is an attempt on the part of the e-crime group to...

7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2023/07/18 12:0 a.m.8 views

PT-2023-3575

Name of the Vulnerable Software and Affected Versions Citrix NetScaler ADC affected versions not specified Citrix NetScaler Gateway affected versions not specified Description An issue in Citrix NetScaler ADC and NetScaler Gateway involves incorrect code generation management, leading to...

9.8CVSS9.7AI score0.99445EPSS
Exploits16References366
hivepro
hivepro
added 2022/01/20 10:41 a.m.13 views

FIN8 Hacker group using new ‘White Rabbit’ Ransomware against U.S. Banks

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. White Rabbit is a ransomware family that has only recently been discovered. It could be a subsidiary project of the FIN8 hacking gang. A ransomware expert seeking for a sample of the malware made the first public disclosure...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2022/01/19 12:29 p.m.26 views

FIN8 Hackers Spotted Using New 'White Rabbit' Ransomware in Recent Attacks

The financially motivated FIN8 actor, in all likelihood, has resurfaced with a never-before-seen ransomware strain called "White Rabbit" that was recently deployed against a local bank in the U.S. in December 2021. That's according to new findings published by Trend Micro, calling out the malware...

0.2AI score
Exploits0
ThreatPost
ThreatPost
added 2022/01/18 5:23 p.m.25 views

New ‘White Rabbit’ Ransomware May Be New FIN8 Tool

A new ransomware family, White Rabbit, chewed through a local U.S. bank last month — and it may be connected to the financially motivated advanced persistent threat APT group known as FIN8, researchers said. In a Tuesday report, Trend Micro researchers said that this twicky wabbit knows how to...

7.8AI score
Exploits0References28
ThreatPost
ThreatPost
added 2021/08/27 5:32 p.m.63 views

FIN8 Targets US Bank With New ‘Sardonic’ Backdoor

The financially motivated FIN8 cybergang used a brand-new backdoor – dubbed Sardonic by the Bitdender researchers who first spotted it – in attempted but unsuccessful breaches of networks belonging to two unidentified U.S. financial organizations. It’s a nimble newcomer, researchers wrote: “The...

8.5AI score
Exploits0References18
HackRead
HackRead
added 2021/08/27 2:22 p.m.25 views

FIN8 Resurfaces with New Sardonic Backdoor

By Deeba Ahmed In its latest attack, FIN8 is infiltrating companies to carry out surveillance and obtain privilege escalation to deploy a payload of malware called Sardonic. This is a post from HackRead.com Read the original post: FIN8 Resurfaces with New Sardonic Backdoor...

2.3AI score
Exploits0
The Hacker News
The Hacker News
added 2021/08/25 1:0 p.m.19 views

Researchers Uncover FIN8's New Backdoor Targeting Financial Institutions

A financially motivated threat actor notorious for setting its sights on retail, hospitality, and entertainment industries has been observed deploying a completely new backdoor on infected systems, indicating the operators are continuously retooling their malware arsenal to avoid detection and st...

1.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/15 6:3 p.m.138 views

The Malwarebytes 2021 State of Malware report: Lock and Code S02E04

This week on Lock and Code, we discuss the top security headlines generated right here on Labs. In addition, we tune in to a special presentation from Adam Kujawa about the 2021 State of Malware report, which analyzed the top cybercrime goals of 2020 amidst the global pandemic. If you just pay...

7.5AI score
Exploits0
ThreatPost
ThreatPost
added 2021/03/11 4:5 p.m.63 views

FIN8 Resurfaces with Revamped Backdoor Malware

The FIN8 cyberattack group has resurfaced after a period of relative quiet, researchers have found. The gang is using new versions of the BadHatch backdoor to compromise companies in the chemical insurance, retail and technology industries. The attacks have been seen hitting organizations around...

0.3AI score
Exploits0References8
The Hacker News
The Hacker News
added 2021/03/10 9:24 a.m.68 views

FIN8 Hackers Return With More Powerful Version of BADHATCH PoS Malware

Threat actors known for keeping a low profile do so by ceasing operations for prolonged periods in between to evade attracting any attention as well as constantly refining their toolsets to fly below the radar of many detection technologies. One such group is FIN8, a financially motivated threat...

8AI score
Exploits0
ThreatPost
ThreatPost
added 2019/12/13 2:51 p.m.67 views

FIN8 Targets Card Data at Fuel Pumps

The notorious FIN8 cybercrime group has a new target when it comes to skimming payment-card details from consumers: Point-of-sale PoS systems used at fuel pumps at gas stations. Visa warned this week in a public alert posted online that its Payment Fraud Disruption PFD department has seen at leas...

0.1AI score
Exploits0References9
FireEye
FireEye
added 2017/06/30 7:0 p.m.24 views

Obfuscation in the Wild: Targeted Attackers Lead the Way in Evasion Techniques

Throughout 2017 we have observed a marked increase in the use of command line evasion and obfuscation by a range of targeted attackers. Cyber espionage groups and financial threat actors continue to adopt the latest cutting-edge application whitelisting bypass techniques and introduce innovative...

7.2AI score
Exploits0
Rows per page
Query Builder