14 matches found
Evasive Meduza Stealer Targets 19 Password Managers and 76 Crypto Wallets
In yet another sign of a lucrative crimeware-as-a-service CaaS ecosystem, cybersecurity researchers have discovered a new Windows-based information stealer called Meduza Stealer that's actively being developed by its author to evade detection by software solutions. "The Meduza Stealer has a...
New Venus Ransomware Targets Healthcare industry
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Venus ransomware, also called Goodgame, has been a source of concern since August 2022. Venus ransomware is an example of the legacy ransomware model: a standalone package sold on underground markets...
Researchers Find Link b/w PrivateLoader and Ruzki Pay-Per-Install Services
Cybersecurity researchers have exposed new connections between a widely used pay-per-install PPI malware service known as PrivateLoader and another PPI platform offered by a cybercriminal actor dubbed ruzki. "The threat actor ruzki aka les0k, zhigalsz advertises their PPI service on underground...
BlackCat: A New Rust-based Ransomware Malware Spotted in the Wild
Details have emerged about what's the first Rust-language-based ransomware strain spotted in the wild that has already amassed "some victims from different countries" since its launch last month. The ransomware, dubbed BlackCat, was disclosed by MalwareHunterTeam. "Victims can pay with Bitcoin or...
MacOS Being Picked Apart by $49 XLoader Data Stealer
There’s a new version of the old FormBook form-stealer and keylogger that’s added Mac users to its hit list, and it’s selling like hotcakes on underground markets for as low as $49. It’s not only cheap; it’s easy. The data stealer is distributed in the form of malware-as-a-service MaaS and stands...
Dark Web Pricing Skyrockets for Microsoft RDP Servers, Payment-Card Data
Cybercriminals are vying for Remote Desktop Protocol RDP access, stolen payment cards and DDoS-for-Hire services, based on a recent analysis of underground marketplace pricing. During the COVID-19 pandemic, cybercriminals have profited with “increasingly advantageous positions to benefit from the...
‘Highly Competitive' Buer Loader Emerges in Underground Markets
A previously undocumented modular loader has emerged as a lucrative tool for cybercriminals in a variety of campaigns. Researchers say the “highly competitive” loader, dubbed Buer, is intended for use by actors seeking a turn-key, off-the-shelf solution. Researchers say they have spotted the load...
Monero: Cybercrime's Top Choice for Mining Malware
An academic analysis of cryptomining malware has determined that the Monero virtual currency XMR is “by far” the most popular cryptocurrency to mine among cybercriminals. And, it would appear that cryptomining as a criminal enterprise is unlikely to wane anytime soon. After examining approximatel...
What the Marriott Breach Says About Security
We don't yet know the root causes that forced Marriott this week to disclose a four-year-long breach involving the personal and financial information of 500 million guests of its Starwood hotel properties. But anytime we see such a colossal intrusion go undetected for so long, the ultimate cause ...
Information security: How Hackers Leverage Stolen Data for Profit
Data theft is inarguably big business for hackers. This has been proven time and time again when big-name companies and their customers are involved in a data breach. As these instances appear to take place more often, and the number of stolen or compromised files continues to rise, it's worth...
Kronos Banking Trojan Surfaces After Years of Silence
The Kronos banking trojan is back from the malware dustbin. After years of lying dormant, hackers have reworked the underlying code and are actively targeting victims in Germany, Japan and Poland. The latest variant has incorporated a new command-and-control feature designed to work with the Tor...
Our Analysis of 1,019 Phishing Kits
In recent years phishing activity has grown rapidly, with thousands of phishing sites popping for a virtual moment that last weeks, days or even hours, before becoming ineffective—either getting blacklisted by security providers, or brought down by internet providers and authorities, or in most...
Exploit kits remain a cybercrime staple against outdated software – 2016 threat landscape review series
Despite the disruption of Axpergle Angler, which dominated the landscape in early 2016, exploit kits as a whole continued to be a threat to PCs running unpatched software. Some of the most prominent threats, from malvertising to ransomware, used exploit kits to infect millions of computers...
Pro PoS Malware Simple, But Less Sophisticated Than Initially Thought
A strain of point-of-sale malware that began making the rounds on underground markets late last month is easy to use, but less sophisticated than initial reports suggested. According to researchers at Talos, Cisco’s research division, Pro PoS is mostly built on Alina, another type of POS malware...