12 matches found
Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms
Cybersecurity researchers have shed light on a cross-platform malware called RemotePE that has been put to use by the North Korea-linked Lazarus Group in attacks targeting financial and cryptocurrency organizations. RemotePE, per NCC Group subsidiary Fox-IT, is part of a multi-stage attack chain...
New Nitrogen Ransomware Targets Financial Firms in the US, UK and Canada
Nitrogen, a ransomware strain, has emerged as a major threat to organizations worldwide, with a particular focus on…...
Reporting Mandates to Clear Up Feds’ Hazy Look into Threat Landscape – Podcast
You know that hazy window that’s been obscuring the cyber threat landscape, leaving the feds squinting to try to see what’s really going on? The government has recently pulled out some squeegees. Case in point: the government spending deal that President Biden signed into law on Friday. The bill...
Congress Mulls Banning Big Ransomware Payouts
A U.S. lawmaker has introduced a bill – the Ransomware and Financial Stability Act H.R.5936 PDF – that would make it illegal for financial firms to pay ransoms over $100,000 without first getting the government’s permission. The legislation was introduced on Wednesday by the top Republican on the...
Russian Hacker Gets 12-Years Prison for Massive JP Morgan Chase Hack
A U.S. court on Thursday sentenced a 37-year-old Russian to 12 years in prison for perpetrating an international hacking campaign that resulted in the heist of a trove of personal information from several financial institutions, brokerage firms, financial news publishers, and other American...
Hacked Security Software Used in Novel South Korean Supply-Chain Attack
The Lazarus cybercriminal group is using a novel supply-chain attack against visitors to websites operated by the South Korean government and financial firms, in order to deliver dropper malware that eventually plants a remote access trojan on victim’s PCs. The attacks use stolen digital...
Evilnum hackers targeting financial firms with a new Python-based RAT
An adversary known for targeting the fintech sector at least since 2018 has switched up its tactics to include a new Python-based remote access Trojan RAT that can steal passwords, documents, browser cookies, email credentials, and other sensitive information. In an analysis published by Cybereas...
Small Tax-Preparation Firms at Higher Risk this Tax Season, Report
This tax season crooks are targeting users with a new crop of scams that include leveraging remote desktop software and compromising small tax-prep company websites. “If you have the word ‘tax’ in your domain name; you’re a target this year,” warns Sherrod DeGrippo, senior director of threat...
Metamorfo Returns with Keylogger Trick to Target Financial Firms
Researchers have discovered a recent spate of phishing emails spreading a new variant of Metamorfo, a financial malware known for targeting Brazilian companies. Now, however, it’s expanding its geographic range and adding a new technique. Metamorfo was first discovered in April 2018, in various...
Hackers abusing Google App Engine to spread PDF malware
By Waqas The Cobalt Strike advanced persistent threat APT group is using Google App Engine to spread PDF malware against financial firms. The IT security researchers at Netskope have discovered a sophisticated malware campaign in which cybercriminals are abusing Google App Engine GCP, a web...
Chinese Hackers Compromised Forbes.com Using IE, Flash Zero Days
A Chinese APT group was able to chain together two zero day vulnerabilities, one against Adobe’s Flash Player and one against Microsoft’s Internet Explorer 9, to compromise a popular news site late last year. The group’s aim was to gain access to computers at several U.S. defense and financial...
Using Live Data In Development Is Risky
Those charged with the care and feeding of database information stores, beware: A new statistic tucked into a comprehensive study of financial services firms’ data protection policies shows that even at the most security-aware organizations, application developers still use live data in their...