Star Blizzard increases sophistication and evasion in ongoing attacks
Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard (formerly SEABORGIUM, also known as COLDRIVER and Callisto Group). Star Blizzard has improved their detection evasion capabilities since 2022 while...
Notorious Cyber Gang FIN7 Returns With Cl0p Ransomware in New Wave of Attacks
The notorious cybercrime group known as FIN7 has been observed deploying Cl0p (aka Clop) ransomware, marking the threat actor's first ransomware campaign since late 2021. Microsoft, which detected the activity in April 2023, is tracking the financially motivated actor under its new taxonomy Sangria...
US Bans Trade With Pegasus Spyware Maker
NSO Group – the Israeli-based maker of the notorious, military-grade Pegasus spyware that’s been linked to cyberattacks against dissidents, activists and NGOs and murders of journalists at the hands of repressive regimes – has been blacklisted by the United States. NSO Group is one of four spywar...
SonicWall Zero-Day
Hackers are exploiting a zero-day in SonicWall: In an email, an NCC Group spokeswoman wrote: "Our team has observed signs of an attempted exploitation of a vulnerability that affects the SonicWall SMA 100 series devices. We are working closely with SonicWall to investigate this in more depth." In...
Free Tools Boost 2020 Election Security, but Not Enough
More companies than ever are offering low-cost security services for election bureaus and campaigns. It’s still not clear how much they’ll actually help...
Recommendations for deploying the latest Attack surface reduction rules for maximum impact
The keystone to good security hygiene is limiting your attack surface. Attack surface reduction is a technique to remove or constrain exploitable behaviors in your systems. In this blog, we discuss the two attack surface reduction rules introduced in the most recent release of Windows and cover...
Bingo, Amigo! Jackpotting: ATM malware from Latin America to the World
Of all the forms of attack against financial institutions around the world, the one that brings traditional crime and cybercrime together the most is the malicious ecosystem that exists around ATM malware. Criminals from different backgrounds work together with a single goal in mind:...
ShadowBrokers Put Price on Monthly Zero Day Leaks
The threat posed by the first wave of ShadowBrokers leaks of Equation Group hacking tools was relatively benign. Some vendors had to scramble to patch zero days in older versions of products, but for the most part, the leaks and accompanying auction were more of a novelty. That obviously changed...
Shadow Brokers Launches 0-Day Exploit Subscriptions for $21,000 Per Month
Having promised to release more zero-day exploits and hacking tools for various platforms starting from June 2017, the infamous hacking group Shadow Brokers is back with more information on how to subscribe and become a private member for receiving exclusive access to the future leaks. The Shadow...
Operation Blockbuster Ties Destructive Attacks to Lazarus Group
The nation-state sponsored hacker group allegedly behind the 2014 attack against Sony Pictures Entertainment has been linked to similar intrusions against a number of companies in South Korea including the Dark Seoul and Operation Troy attacks. A coalition of security companies called Operation...
Government Promises Comment Period on Next Wassenaar Draft
It’s been months since the U.S. Commerce Department’s Bureau of Industry and Security pulled the U.S. implementation of the Wassenaar Arrangement off the table for an unusual rewrite of the rules governing so-called intrusion software. The overly broad rule drew the ire of security and privacy...
Netgear Router Vulnerabilities Public Exploits
A vulnerability in Netgear routers, already disclosed by two sets of researchers at different security companies, has been publicly exploited. Netgear, meanwhile, has yet to release patched firmware, despite apparently having built one and confirmed with one of the companies that privately...
Coalition of Security Companies Forms to Oppose Wassenaar Rules
A large group of security companies have formed a coalition to oppose the proposed rules from the Department of Commerce that would regulate the export of so-called intrusion software, a broad term that researchers and legal experts are concerned would limit security research and development. The...
Hacking Team Flash Zero Day Weaponized in Exploit Kits
Handlers for three major exploit kits have managed to utilize in short order a zero-day vulnerability in Adobe Flash Player uncovered among the 400 Gb of data stolen from Hacking Team. Experts, including French researcher Kafeine and a number of others from security companies, revealed last night...
Metasploit Registrar Duped by Social Engineering, Not Fax
The registrar for the Metasploit and Rapid7 websites, both of which were victims of a DNS hijacking attack on Friday, was not duped by a spoofed change request sent via fax as it originally reported. Instead, a Register.com employee likely fell victim to a social engineering scam that resulted in...
Phony Fax Leads to Metasploit, Rapid7 DNS Hijacking
A pro-Palestine hacker collective went old-school in its takedown of the Metasploit and Rapid7 websites today. Metasploit creator HD Moore confirmed via Twitter that Metasploit.com was hacked via a spoofed DNS change request sent via fax to its registrar, Register.com. “Hacking like it’s 1964...
DDoS Attacks on Major US Banks Resurface
UPDATE — The group that claimed responsibility for large-scale distributed denial-of-service attacks against major U.S. banks in September and October has carried out another flurry of attacks that are still ongoing today. Izz ad-Din al-Qassam Cyber Fighters posted its latest threat on Pastebin,...
Malware in your Mouse can act as RAT for Cyber Criminals
Recently we reported that Symantec provides an overview and analysis of the year in global threat activity via its Internet Security Threat Report (ISTR), with exclusive details that 400 million new variants of malware were created in 2011, which is an average of 33 million new variants of...
DNSChanger FAQ: The Internet Is Not Broken
You know things have gone sideways when NPR and local TV news are talking about the “Internet doomsday” or “Black Monday”. We have DNSChanger to thank for this latest bout of Internet paranoia, and there’s a ton of misinformation and craziness circulating about the malware. We’re here to provide...
Coalition of Law Enforcement Hacked & Agents Information Leaked
The official website of the Coalition of Law Enforcement and Retail was hacked by Exphin1ty, who claims to be from the Anonymous team. The database was hacked using SQL injection on the website. Passwords, Email IDs, Address & Phone Number...