Tag: credential theft
Ransomware gangs target law and accountancy firms
In what is bad news for law and accounting firms, the professional and technical services sector has now overtaken the manufacturing sector as the prime target for ransomware attacks of Q3 2024. According to cybersecurity company Nuspire: “These firms handle highly sensitive client data, such as financial records, legal documents, and business strategies, making them prime targets for ransomware operators.” Nuspire predicts that, with ransom demands averaging around $2.5 million a hit for law firms, ransomware operators will continue to target this sector as long as the potential rewards outweigh the effort. The situation is particularly dire for smaller practices, which may lack the resources to protect against today’s increasingly ruthless and sophisticated cyber-attacks.
Finland Police Accuse Chinese APT31 Group of 2020 Parliament Attack – March 29th
Following the US-led sanctions on Chinese individuals behind the Chinese APT31 group, the Police of Finland formally accused the group of hacking Finland's parliament in 2020. The country's law enforcement confirmed the connections between the breach and the Chinese group, claiming to have identified one specific suspect.
Beware of fake Google docs
An under-the-radar attack that creates fake Google docs is now playing havoc across multiple sectors in the US and UK, particularly in healthcare. Companies’ increasing reliance on widely-used off-the-shelf external software may save costs and create efficiencies in the short-term, but it also offers new inroads for the current generation of increasingly devious and skilled cybercriminals Cybersecurity firm Netskope has identified a new Google Docs threat in the wild, AZORult infostealer. It is designed to steal sensitive information such as user credentials, browser information, credit card details and crypto-wallet data. A comprehensive study conducted by Netskope’s research team has uncovered a campaign where an attacker created fake Google Docs pages on Google sites from which to download malicious payloads.
Russian Hackers Breach Microsoft’s Code Base – March 8th
Microsoft announced the cyber campaign by the Russian-state-sponsored 'Midnight Blizzard' hackers, resulting in the group stealing the tech giant's source code. The sophisticated 'Midnight Blizzard' campaign is said to be rooted in a grander scheme to gain unauthorized access to Microsoft's environment using the stolen source code.
Exfiltrated Info Automatically Spread on Discord Bot Channel – January 23rd
On an analysis published by Trellix security researcher Gurumoorthi Ramanathan, the "NS-STEALER" malware distributed via a hidden ZIP file could lead to captured data automatically displayed on the Discord bot channel "EventListener". The hidden malware "NS-STEALER" when deployed onto a user's system, can automatically collect screenshots, cookies, credentials, autofill data, and system information from web browsers.
New RAT variant gives control over Android devices – September 6th
New RAT variant gives control over Android devices The Indian government