Lucene search
K

24 matches found

The Hacker News
The Hacker News
added 2025/09/24 4:36 p.m.13 views

Chinese Hackers RedNovember Target Global Governments Using Pantegana and Cobalt Strike

A suspected cyber espionage activity cluster that was previously found targeting global government and private sector organizations spanning Africa, Asia, North America, South America, and Oceania has been assessed to be a Chinese state-sponsored threat actor. Recorded Future, which was tracking...

10CVSS9.3AI score0.99999EPSS
Exploits94
The Hacker News
The Hacker News
added 2025/09/10 7:53 a.m.7 views

China-Linked APT41 Hackers Target U.S. Trade Officials Amid 2025 Negotiations

The House Select Committee on China has formally issued an advisory warning of an "ongoing" series of highly targeted cyber espionage campaigns linked to the People's Republic of China PRC amid contentious U.S.–China trade talks. "These campaigns seek to compromise organizations and individuals...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/27 7:11 a.m.15 views

Hackers Are Calling Your Office: FBI Alerts Law Firms to Luna Moth's Stealth Phishing Campaign

The U.S. Federal Bureau of Investigation FBI has warned of social engineering attacks mounted by a criminal extortion actor known as Luna Moth targeting law firms over the past two years. The campaign leverages "information technology IT themed social engineering calls, and callback phishing...

7.5AI score
Exploits0
HackRead
HackRead
added 2025/05/25 8:18 p.m.10 views

FBI Warns of Silent Ransom Group Targeting Law Firms via Scam Calls

FBI warns law firms: Silent Ransom Group uses phishing emails and fake IT calls to steal data, demanding ransom to prevent public leaks. The agency is also urges victims to share ransom evidence...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/01 2:2 p.m.4 views

Cybercriminals Targeting Law Firms with GootLoader and FakeUpdates Malware

Six different law firms were targeted in January and February 2023 as part of two disparate threat campaigns distributing GootLoader and FakeUpdates aka SocGholish malware strains. GootLoader, active since late 2020, is a first-stage downloader that's capable of delivering a wide range of seconda...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/01 2:2 p.m.41 views

Cybercriminals Targeting Law Firms with GootLoader and FakeUpdates Malware

Six different law firms were targeted in January and February 2023 as part of two disparate threat campaigns distributing GootLoader and FakeUpdates aka SocGholish malware strains. GootLoader, active since late 2020, is a first-stage downloader that's capable of delivering a wide range of seconda...

0.5AI score
Exploits0
Securelist
Securelist
added 2022/12/08 10:0 a.m.33 views

DeathStalker targets legal entities with new Janicab variant

Just to clarify, the above subheading isnt a normal quote, but a message that Janicab malware attempted to decode in its newest use of YouTube dead-drop resolvers DDRs. While hunting for less common Deathstalker intrusions that use the Janicab malware family, we identified a new Janicab variant...

0.1AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/07/27 2:0 p.m.67 views

Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits

The Microsoft Threat Intelligence Center MSTIC and the Microsoft Security Response Center MSRC found a private-sector offensive actor PSOA using multiple Windows and Adobe 0-day exploits, including one for the recently patched CVE-2022-22047, in limited and targeted attacks against European and...

7.2CVSS8.8AI score0.52005EPSS
Exploits0
ThreatPost
ThreatPost
added 2022/01/13 3:4 p.m.35 views

New GootLoader Campaign Targets Accounting, Law Firms

Once prolific spreaders of REvil ransomware, the GootLoader malware gang has pivoted to actively targeting employees of law and accounting firms with malicious downloads. The Threat Response Unit from eSentire issued an alert about having over the past three weeks observed GootLoader attacks on...

6.9AI score
Exploits0References6
The Hacker News
The Hacker News
added 2022/01/13 2:23 p.m.19 views

GootLoader Hackers Targeting Employees of Law and Accounting Firms

Operators of the GootLoader campaign are setting their sights on employees of accounting and law firms as part of a fresh onslaught of widespread cyberattacks to deploy malware on infected systems, an indication that the adversary is expanding its focus to other high-value targets. "GootLoader is...

7.4AI score
Exploits0
ThreatPost
ThreatPost
added 2021/03/12 9:5 p.m.65 views

REvil Group Claims Slew of Ransomware Attacks

The REvil ransomware threat group is on a cyberattack tear, claiming over the past two weeks to have infected nine organizations across Africa, Europe, Mexico and the U.S. The organizations include two law firms, an insurance company, an architectural firm, a construction company and an...

0.1AI score
Exploits0References12
Carbon Black Blog
Carbon Black Blog
added 2018/01/09 1:28 p.m.47 views

January 9, 2017 – Morning Cyber Coffee Headlines – “NCAA Football National Championship” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! January 9, 2018 - Headlines Carbon Black in the News: Ransomware is now estimat...

6.6AI score
Exploits0
FireEye
FireEye
added 2017/06/06 6:30 p.m.237 views

Privileges and Credentials: Phished at the Request of Counsel

Summary In May and June 2017, FireEye observed a phishing campaign targeting at least seven global law and investment firms. We have associated this campaign with APT19, a group that we assess is composed of freelancers, with some degree of sponsorship by the Chinese government. APT19 used three...

9.3CVSS6.8AI score0.99933EPSS
Exploits29
FireEye
FireEye
added 2017/06/06 6:30 p.m.1248 views

Privileges and Credentials: Phished at the Request of Counsel

Summary In May and June 2017, FireEye observed a phishing campaign targeting at least seven global law and investment firms. We have associated this campaign with APT19, a group that we assess is composed of freelancers, with some degree of sponsorship by the Chinese government. APT19 used three...

9.3CVSS6.8AI score0.99933EPSS
Exploits29
The Hacker News
The Hacker News
added 2017/05/11 7:29 a.m.13 views

Three Chinese Hackers Fined $9 Million for Stealing Trade Secrets

Hackers won't be spared. Three Chinese hackers have been ordered to pay $8.8 million £6.8 million after hacking email servers of two major New York-based law firms to steal corporate merger plans in December 2016 and used them to trade stocks. The U.S. District Judge Valerie Caproni in Manhattan...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2016/03/30 5:48 p.m.14 views

Big-Name Law Firms Fall Victim To Hackers

Wall Street-savvy hackers are behind a data breach that involves a who’s-who of New York City legal firms. Federal investigators are looking into the breach that included Cravath Swaine & Moore LLP and Weil Gotshal & Manges LLP, both high-profile New York-based law firms. Cravath Swaine & Moore...

0.8AI score
Exploits0References1
The Coalfire Blog
The Coalfire Blog
added 2014/12/11 12:14 p.m.14 views

Law Firm - Forensics Services

As cyber threats and attacks have increased year over year, Coalfire has seen a drastic increased need for support to law firms in cybersecurity cases. Attacks and threats vary so often, many law firms lack the skills required to properly evaluate cyber-attacks involving their clients. As such la...

2.8AI score
Exploits0
myhack58
myhack58
added 2012/08/12 12:0 a.m.55 views

WespaJuris <= 3.0 a plurality of defect and repair-vulnerability warning-the black bar safety net

? php / Title spaJuris = 3.0 auto exploit Author: WhiteCollarGroup Website: http://www.wespadigital.com.br/ Download address http://www.wespadigital.com.br/download/wespajurisv302012.rar Affected version: 3.0 Tested platforms: Apache Server WespaJuris is a software for law firms. Use this exploit...

Exploits0
0day.today
0day.today
added 2012/08/08 12:0 a.m.28 views

WespaJuris <= 3.0 upload shell Vulnerability

Exploit for php platform in category web applications Then, go to http://localhost/juris/clientdir/30/d...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2012/08/08 12:0 a.m.26 views

WespaJuris 3.0 - Multiple Vulnerabilities

Then, go to http://localhost/juris/clientdir/30/dl/webshell.php and see your webshell. :: How this exploit works? Manually work. Login bypass On login form, enter "SQLi strings":...

7AI score
Exploits0
Rows per page
Query Builder