Tag: malware
AI-powered ransomware fuels cybercrime
Cybercriminals are now weaponizing artificial intelligence (AI) to create potentially devastating off-the-shelf ransomware. Researchers at cybersecurity company ESET have discovered what they called "the first known AI-powered ransomware". The malware, which ESET has named PromptLock, has the ability to exfiltrate, encrypt, and possibly even destroy data, though this last functionality appears not to have been implemented in the malware as yet.
Malware campaign attacks 300 organizations
Throughout June and August of this year, a sophisticated off-the-shelf malware campaign targeted over 300 organizations. According to cybersecurity company CrowdStrike, the campaign deployed SHAMOS, a malware variant of Atomic macOS Stealer (AMOS) developed by cybercriminal group COOKIE SPIDER.
EU Launches Free Railway Cybersecurity Courses – June 16th
The International Union of Railways is launching cybersecurity courses specifically for the transport industry. Developed by industry specialists, the CYRUS training program aims to address the growing need for cybersecurity awareness in the industry, particularly among non-technical staff.
Cyera secures $540 million in funding – June 11th
Cybersecurity firm Cyera has raised $540 million in a Series E funding round, bringing its total to over $1.3 billion. Cyera’s valuation has surged to $6 billion in six months, reporting a 353 percent year-over-year growth.
AI increasingly used to deliver malware
Many organizations’ ongoing enthusiasm for incorporating artificial intelligence (AI) is leaving them open to sophisticated and carefully planned cyber-attacks. Cybersecurity company Mandiant, a Google subsidiary, has issued an urgent warning for companies to be wary of downloading AI tools from unvetted websites.
Victoria’s Secret Shuts Down U.S. Website Amid Security Incident – May 29th
In today's daily roundup - Victoria's Secret website faces a security breach, SentinelOne experienced a global service disruption affecting customer-facing services, and Chinese state-sponsored group APT41 is using Google Calendar to embed malware on compromised devices
Advanced Persistent Threats Rise by 74% in 2024 Report – March 6th
The frequency of Advanced Persistent Threats (APTs) has surged, with Kaspersky's latest report revealing a 74% increase in such attacks compared to last year. APTs were detected in 25% of organizations, accounting for 43% of high-severity security incidents, highlighting a sharp rise in sophisticated cyber threats. Kaspersky's analysis suggests attackers are refining their tactics to bypass security measures, leveraging human-operated techniques rather than automated exploits. The report underscores the growing persistence of APT actors, emphasizing the need for proactive defense strategies across industries.
3.9 Billion Passwords Exposed in Infostealer Malware Surge – February 26th
Approximately 2,850 Ivanti Connect Secure VPN instances remain vulnerable to CVE-2025-22467, a critical stack buffer-overflow flaw, according to Shadowserver Foundation. Despite Ivanti patching the vulnerability on February 11, unpatched devices could allow remote authenticated attackers to execute code. The U.S. and Japan lead in exposure, with 852 and 384 vulnerable instances, respectively.
New ransomware threat emerges in 2025
A new and unusually dangerous and sophisticated gang of cybercriminals, named BlackLock, has emerged as a major ransomware threat in 2025. Cybersecurity company Reliaquest observed a staggering 1,425 percent increase in the gang’s activities in the last quarter of 2024. Its ransomware is built to target Windows, VMWare ESXi, and Linux environments and is designed as a double-extortion attack, which involves not only locking the target organization’s critical data by encrypting it, but also by identifying sensitive information and threatening to expose it. “BlackLock’s rise has been both swift and strategic, targeting organizations across a wide range of sectors and geographies,” reports Reliaquest.
MacOS users targeted by ‘infostealer’ malware
Apple computer users are suffering a growing number of ‘infostealer’ attacks across multiple regions and industries. These are a form of malicious software created to breach computer systems in order to steal sensitive information. The Palo Alto Networks Unit42 research group has detected a 101 percent increase in macOS infostealers in the last two quarters of 2024. The researchers identified three particularly prevalent macOS infostealers: Poseidon, Atomic, and Cthulhu. The developers of Atomic Stealer sell it as malware as a service (MaaS) in hacker forums and on Telegram. The Atomic Stealer operators usually distribute their malware via malvertising - the use of online advertising to spread malware. This typically involves injecting malicious or malware-laden advertisements into legitimate online advertising networks and webpages. It is capable of stealing notes and documents, browser data such as passwords, and cookies, cryptocurrency wallets, and instant messaging data. Atomic Stealer, also known as AMOS was first discovered in April 2023.
Bucket shop bargains for cybercriminals
Researchers have revealed current vulnerabilities in Amazon’s data storage services, the knock-on effect of which could potentially result in the biggest supply-chain attack in the internet’s history. In November 2024, watchTowr Labs decided to show how a significant Internet-wide supply-chain attack could be caused by abandoned infrastructure left unattended and forgotten on the internet. The researchers chose to focus on an Amazon business data storage service, known as ‘S3 buckets’.
Cybercrime forums span national boundaries
The bust of the illegal Cracked and Nulled crime forums evidences the global nature of cybercrime and the impossibility of seeing it as a threat that has no regard for national boundaries. Although at least 17 million US citizens were victims of the crime forums. law enforcement agencies in the United States, Romania, Australia, France, Germany, Spain, Italy, and Greece were all involved in the bust, according to the US Department of Justice.