A Custom Malware Is Used by Nobelium APT to Backdoor Windows Domains
The nobelium hacking group is using a new malware to deploy additional payloads and steal sensitive info from the Active Directory Federation Services (AD FS) servers. cozy bear is a
The State of BEC in 2021 (and beyond)
ransomware has made major cybersecurity story headlines in the past 12 months. Therefore, a lot of focus and corporate resources are spent on mitigating the risk of ransomware. And rightly
Insider Threat. Definition, Types, Examples and Prevention Strategies
You might think that you’re taking all security measures to protect your company, but have you ever considered that the danger might come from within? Insider threat is a very
BloodyStealer Malware Wreaks Havoc on the Gaming Platforms
Malware attacks go on with one more hit. This time, targets are gaming platforms. This new malware is for sale on dark web forums now. Cybercriminals make use of the
Bandwidth.com Became the Victim of DDoS Attacks
Bandwidth.com is a VoIP services company that is providing voice telephony over the Internet to businesses and resellers. VoIP (Voice over Internet Protocol) is a technology that turns a human’s voice
Developer at the Ethereum Admits Guilt in Helping North Korea with Advice on How to Avoid U.S. Sanctions
In 2019, Virgil Griffith, a cryptocurrency expert from the United States, attended a blockchain convention in North Korea, where he gave guidance on how to dodge U.S. penalties and launder
Credential Spear-Phishing Uses Spoofed Zix Encrypted Email
The spoofed email has targeted close to 75K inboxes, slipping past spam and security controls across Office 365, Google Workspace, Exchange, Cisco ESA and more.Read More: https://threatpost.com/credential-spear-phishing-uses-spoofed-zix-encrypted-email/175044/
Storybooks for children app FarFaria exposed data of 3M users
By Waqas According to FarFaria, its apps are “created for children ages 2-9” meaning that the incident exposed children to cybercriminals. This is a post from HackRead.com Read the original
What Is a Data Breach and How to Prevent It
A data breach occurs when an unauthorized individual gains access to confidential, sensitive, or protected information. Without permission, files from a data breach are viewed and/or shared. Phases of a
Why Healthcare Cybersecurity is Needed to Address Rising Modern Threats
The healthcare industry has undergone a major transformation – spurred and fast-tracked by COVID. Despite many industries adopting cloud computing and infrastructure providers, the healthcare industry has been a laggard,
Beware of the Recently Discovered BluStealer Malware!
Cybersecurity researchers found a brand-new high-profile malware tracked as BluStealer that can steal cryptocurrency and banking information, log keystrokes, and upload files. According to specialists, the malware is distributed by
Conti Makes a New Victim: GSS Ransomware Attack Affecting Major European Call Center Provider
A GSS ransomware attack affected the European call center provider as it made its IT systems freeze and database cripple. What Services Were Impacted? According to theRecord. publication, the impacted services
Malicious Actors Hijacked Bitcoin.org
Bitcoin.org was hijacked by hackers and got altered in order to push a scam. Bitcoin.org is an information portal for the top cryptocurrency, founded in August 2008 by Bitcoin’s pseudonymous founder Satoshi
Russia Formally Accused by European Union for the ‘GhostWriter’ Operation that Targets EU Representatives and Reporters
The European Union officials have formally associated Russia with a new hacking campaign tracked as Ghostwriter. The operation’s focus has been on high-profile EU representatives, journalists, and the general public.
SonicWall Critical Vulnerability Should Be Patched ASAP
A security notice related to a SonicWall critical vulnerability in SMA 100 series devices has been issued by the enterprise. The flaw we are talking about was classified in the
A New Flaw Was Discovered in the Microsoft Windows Platform Binary Table (WPBT)
The flaw discovered by the researchers at Eclypsium in the Microsoft Windows Platform Binary Table (WPBT) can be exploited in attacks meant to install rootkits on all Windows computers that
5 Steps to Securing Your Network Perimeter
Ekaterina Kilyusheva, head of the Information Security Analytics Research Group at Positive Technologies, offers a blueprint for locking up the fortress.Read More: https://threatpost.com/securing-network-perimeter/175043/
Urgent Chrome security update released to patch widely exploited 0-day
By Deeba Ahmed The vulnerability impacts 2 Billion Chrome users worldwide therefore Google is asking users to update their browsers right now. This is a post from HackRead.com Read the
Women, Minorities Are Hacked More Than Others
Income level, education and being part of a disadvantaged population all contribute to cybercrime outcomes, a survey suggests.Read More: https://threatpost.com/women-minorities-hacked/175038/
Far-right host Epik confirms its data was breached by Anonymous
By Waqas The domain registrar Epik has confirmed that its systems were hacked by a group affiliated with the Anonymous hacktivist collective. This is a post from HackRead.com Read the
EU: Russia Behind ‘Ghostwriter’ Campaign Targeting Germany
It’s not the first time that the disinformation/spearphishing campaign, which originally smeared NATO, has been linked to Russia. Read More: https://threatpost.com/eu-russia-ghostwriter-germany/175025/
3.8 Billion Users’ Combined Clubhouse, Facebook Data Up for Sale
Combined cache of data likely to fuel rash of account takeover, smishing attacks, experts warn. Read More: https://threatpost.com/clubhouse-facebook-data-sale/175023/
Is Australia a sitting duck for ransomware attacks? Yes, and the danger has been growing for 30 years
Padlokr – Paul Haskell-Dowland, Edith Cowan University and Andrew Woodward, Edith Cowan University Australian organisations are a soft target for ransomware attacks, say experts who yesterday issued a fresh warning
Holding the world to ransom: the top 5 most dangerous criminal organisations online right now
Padlokr – Roberto Musotto, Edith Cowan University; Brianna O’Shea, Edith Cowan University, and Paul Haskell-Dowland, Edith Cowan University On the internet, nobody knows you’re a dog! These words from Peter
With cyberattacks growing more frequent and disruptive, a unified approach is essential
Padlokr – Yasser Morgan, University of Regina Cyberwarfare consists of co-ordinated attacks of mass disruption (AMD). In the June summit between U.S. and Russian presidents Joe Biden and Vladimir Putin,
Inside a ransomware attack: how dark webs of cybercriminals collaborate to pull them off
Padlokr – David S. Wall, University of Leeds In their Carbis Bay communique, the G7 announced their intention to work together to tackle ransomware groups. Days later, US president Joe
The ‘privacy by design’ approach for mobile apps: why it’s not enough
Padlokr – Dusty-Lee Donnelly, University of KwaZulu-Natal The mobile apps installed on our smartphones are one of the biggest threats to our digital privacy. They are capable of collecting vast
What is Pegasus? A cybersecurity expert explains how the spyware invades phones and what it does when it gets in
Padlokr – Bhanukiran Gurijala, West Virginia University End-to-end encryption is technology that scrambles messages on your phone and unscrambles them only on the recipients’ phones, which means anyone who intercepts
Cybercriminals use pandemic to attack schools and colleges
Padlokr – Vulnerable devices and systems are targets. EThamPhoto/Getty Images Nir Kshetri, University of North Carolina – Greensboro Cyberattacks have hit schools and colleges harder than any other industry during
Top 3 Ways to Find a Hidden File on a Mac
By Waqas Mac computers often have hidden files that you can’t see. Find out the practical ways to find and view the articles with ease in this article. This is
A Backdoor Was Added by the REvil Ransomware Developers in an Attempt to Cheat Affiliates
The REvil ransomware operators may have been hijacking ransom negotiations, and cutting their affiliates of payments. As explained by my colleague Elena, REvil is a highly evasive and upgraded RaaS
US, Canadian Android Mobile Users Targeted by TangleBot Malware
A new SMS smishing malware that targets Android mobile users in the U.S. and Canada has been discovered by cybersecurity researchers. The malicious campaign uses text message lures related to
Email Phishing and Malware | Bitdefender Earns Top Marks in VBSpam Test
Bitdefender has once again earned the top ranking for email phishing, malware and spam removal from the premiere online publication for anti-virus information and resources, Virus Bulletin. Virus Bulletin regularly
Water Basilisk Campaign Distributes RATs Through a New Crypter
Another malicious operation wreaks havoc in the world of malware and trojans. The so-called Water Basilisk campaign makes use of a new crypter with the goal of RATs distribution. Among
Top 7 Cybersecurity Trends for 2022
2020 and 2021 have been some truly revolutionary years and now that 2022 is only a few months away, you might wonder what’s going to happen next. In terms of
Malware Developers Are Working on Tricking Windows Validation
The researchers from Google were the ones that spotted the malware developers creating malformed code signatures. The signatures created are likely to be seen as valid in Windows in order
FamousSparrow Hacking Group Is Targeting Hotels, Companies, and Governments Everywhere
A new cyberespionage group targeting hotels, governments, and private businesses all over the world has been recently spotted by cybersecurity specialists at ESET. According to them, the cyberespionage gang, dubbed
The Zero-Day Apple Bug Patched Now by the Company
A zero-day Apple bug exploited by cybercriminals to hack iPhone and Mac with iOS and macOS old versions was patched by the company as it released security updates against it.
Exchange/Outlook Autodiscover Bug Spills $100K+ Email Passwords
Threat Post – Hundreds of thousands of email credentials, many of which double as Active Directory domain credentials, came through to credential-trapping domains in clear text. Guardicore security researcher Amit
EU takes aim at Russia over 'Ghostwriter' hacking campaign against politicians, government officials
The European Union formally blamed Russia on Friday, just ahead of this weekend’s German elections, for a hacking campaign targeting EU government officials and politicians. And the EU is threatening
Exposed ransomware negotiations shed light on cybercrime, but complicate things for victims
Less than 48 hours before the deadline for Iowa-based grain cooperative New Cooperative to pay the BlackMatter ransomware group’s demands, negotiations seemed to take an interesting turn. BlackMatter, which has
TangleBot Malware Reaches Deep into Android Device Functions
Threat Post – The mobile baddie grants itself access to almost everything, enabling spying, data-harvesting, stalking and fraud attacks, among others. An Android malware called TangleBot has weaved its way
Lithuania wants users to dump Chinese phones citing data collection
By Deeba Ahmed Lithuania Defense Ministry has released a warning, urging consumers to get rid of their Chinese phones and not to buy new ones amid data security. This is
Critical Cisco Bugs Allow Code Execution on Wireless, SD-WAN
Threat Post – Unauthenticated cyberattackers can also wreak havoc on networking device configurations. Cisco is warning three critical security vulnerabilities affect its flagship IOS XE software, the operating system for
Apple Patches 3 More Zero-Days Under Active Attack
Threat Post – One of the bugs, which affects macOS as well as older versions of iPhones, could allow an attacker to execute arbitrary code with kernel privileges. Apple has
Small and Mid-Sized Businesses Need to be Prepared for Ransomware Attacks
Ransomware attacks are currently one of the fastest-growing cyber security threats affecting small to mid-sized businesses (SMBs). These incidents can hit organizations of all sizes within virtually every industry. Bitdefender’s
Examining the Cring Ransomware Techniques
Trend Micro – Here is a more detailed description of this chain: Initial Access The Cring ransomware gains initial access either through unsecure or compromised RDP or valid accounts. The
REvil Affiliates Confirm: Leadership Were Cheating Dirtbags
After news of REvil’s rip-off-the-affiliates backdoor & double chats, affiliates fumed, reiterating prior claims against the gang in “Hackers Court.” Read More: https://threatpost.com/revil-affiliates-leadership-cheated-ransom-payments/174972/