A stealthy malware known as SpyNote has made headlines because of its ability to steal data, record calls and access the cameras of devices it has infected.
The malware disguises itself as a phone operating system update, fooling targeted victims into allowing it access privileges
Discord continues to be used by threat actors to launch malware attacks. Researchers have warned the online platform continues to be used to distribute malware and exfiltrate data.
Three ways threat actors have been using Discord include stealing passwords, abusing webhooks, and stealing passwords.
The Q3-2023 Ransomware Report of cyber threat intelligence company Cyble has shown that ransomware attacks have doubled over the past year.
The reports also show the healthcare sector to be the most targeted in these attacks, and the US as being the most targeted area.
According to cybersecurity company SecureWorks’ annual State of the Threat Report, over the last 12 months, attackers have shortened the time between the initial penetration of the corporate network to the ransomware demand itself from 4.5 days to less than one day. This period, known in the cybersecurity industry as ‘dwell time’, offers well-equipped cybercriminals a leisurely opportunity to drain the company of funds and its most sensitive secrets. In 10 percent of cases, ransomware was even deployed within five hours of initial access.
State security in Pennsylvania, US has warned against a new hacker scam targeting senior citizens, called Phantom Hacker.
The scam artists attempt to convince senior citizens that their accounts holding financial details have been hacked. They then suggest transferring money into an ‘alias’ account under the guise of being federal agency officials.
The LockBit ransomware gang has threatened to release data stolen from CDW Corp, a major IT reseller and services provider in the US, UK, and Canada after discussions over the ransom fee for the data commenced.
The notorious ransomware gang demanded $80 million, with CDW offering just $1.1 million as their ransom counteroffer.
At least seven million customers of San Francisco-based DNA company, 23andMe, are now seeing their confidential and highly personal genetic data up for sale on the internet. The hackers are also offering the millions of victims’ personal email addresses for good measure and to best assist potential blackmailers and fraudsters.
Crypto exchange server Upbit has announced it was targeted by hackers 159,000 times during the first quarter of this year.
This is more than double the number of hacker attacks it experienced in the same period last year. The figures were released by Dunamu, the company that operates Upbit.
Cybersecurity firm, CloudSEK is looking deeper into the leaked data from NATO, an attack claimed by the SiegedSec threat actors. SiegedSec threat actors, who announced this attack on a Telegram group, claim to not be a state-sponsored group. Instead, their attacks are based on ‘hacktivism’ or ‘just for fun’.
This attack on NATO has reportedly compromised 845MB of sensitive information from the organization, impacting 31 nations. NATO is now investigating the SiegedSec claims and is working together with firms to strengthen their cybersecurity efforts so this kind of attack will not be replicated.
The hacker group behind the recent breaches of major casino companies, called Scattered Spider, is suspected to be behind a recent attack against Clorox Co in Malaysia.
This breach has led to a nationwide shortage of cleaning products and displays the same social-engineering tactics of Scattered Spider.
In response to the increasingly hostile cyber environment, Google will tighten bulk email sending regulations next year.
Reports say that the server plans to send new email sender guidelines in February, which will require senders of bulk email to authenticate their emails and adhere to stricter spam regulations.
Chinese hacker group Budworm has been using cyber-espionage malware to target a telecommunications company in the Middle East and an Asian government organization.
Reports say attacks have been orchestrated through a new variant of the group’s SysUpdate backdoor malware, and that telecommunication companies have become a common target for hacking groups.
Travel itineraries and diplomatic deliberations were among the data within seized emails in a recent hacker breach of the US State Department systems. As many as 60,000 emails were compromised in the attack.
Allegedly, this attack had been done by threat actors linked with the Chinese government and reports say the incident is likely to raise concerns on Capitol Hill concerning the ramped-up efforts by Chinese hackers.
Cryptocurrency is being increasingly targeted by hackers, with $7.9 million recently stolen in a hack targeting cryptocurrency exchange HTX. The hack attack was identified as soon as it occurred, with HTX authorities stepping up promptly in an innovative way to recover losses.
Following the attack, HTX offered a ‘white hat’ ethical hacker a 5% bonus to return the stolen cryptocurrency, amounting to a total bonus of $400,000.
Dubbed the ‘biggest hack of the year’, the recent attack on Hong Kong-based digital wallet company, Mixin Network has cost the company $200 million worth of crypto assets.
Network authorities have announced that deposits and withdrawals on the site will only recommence once all vulnerabilities have been confirmed and fixed.
There has been a surge of advertisements on the dark web this year, with over 700 adverts advertising Distributed Denial of Service (DDoS) attacks through the Internet of Things (IoT) devices having been identified.
The cost of employing the sinister DDoS attack services ranges from $20 per day to $1 000 per month, depending on the amount of protection the target has.
US corporations lose an average of 4.3 percent of their online revenues to malicious ‘bots,’ malware designed to resemble human communications. Malware attacks of this nature accounts for an average annual loss of $86.5 million a year for corporations with average annual online revenues of $1.9 billion, according to a new report from cybersecurity firm Netacea, “Death by a Billion Bots: The Accumulating Business Cost of Malicious Automation”.
It seems that no one and no business is immune to hacker activity. Recent reports say that Pizza Hut Australia has again been the victim of threat actors a year after its newsmaking Optus cyber attack.
Reports allege customers’ data has been compromised by the incident, which occurred in early September, with the fast food outlet having contacted clients to notify them of the data breach.
ORBCOMM, the US trucking and fleet management software provider, has linked recent service outages across freight transportation firms throughout the US to a ransomware attack.
These outages prevented the Blue Tree Electronic Logging Device usage and inventory tracking capabilities of the fleet management software. Investigations continue into the identity of the threat actors.
The BlackCat ransomware gang is now using the Sphynx encryptor to target Azure cloud storage. The Spynx variant was discovered in March this year in an investigation of a data breach that shared similarities with another attack described in an IBM-Xforce report.
BlackCat continues to be one of the most high-profile, sophisticated threat actor groups, owing to the gang’s ability to continuously refine and adapt its tactics.
A new phishing attack campaign using DarkGate Loader malware has been identified, with Microsoft Teams users being urged to exercise caution.
This malware is specifically a ‘loader malware’ meaning that it is able to download and execute other malware programs on the infected device. The additional malware then downloads in the infected device’s memory structure, making it hard to detect since it isn’t in the device’s file system.
Hackers have seized $53 million worth of cryptocurrency from CoinEx.
Hackers violated the site’s hot wallets, taking the cryptocurrency, with CoinEx reassuring that user assets had not been impacted by the incident.
A massive ransomware attack cost the Sri Lankan government four months of data and spread to UK government offices, including the Cabinet Office.
In today’s roundup; Cyberattacks encrypt UK school data, Russian threat actors may face lengthy imprisonment, and ‘Charming Kitten’ hacks 34 company systems.
In today’s roundup; Addresses forged via email forwarding, the Sri Lankan attack causes government data loss, and Pune reports a spike in cybercrime cases.
New RAT variant gives control over Android devices The Indian government has warned of a malware attacking Android users through social media. Called DogeRAT, the new malware is able to access sensitive data, such as contacts, messages, and bank credentials, and grant hackers control over infected Android devices. New Chaes malware variant displays ‘significant transformations’ […]
In today’s roundup; Russian threat actors target the Ukranian Military, browser-hacking malware found on the phones of Xiaomi users, and a LockBit data leak.
The healthcare sector is coming under increasingly severe pressure from cyber-attacks. On the heels of news earlier last week that the infamous Lazarus Group is launching a new campaign targeting internet backbone infrastructure and healthcare facilities in the US and Europe comes news of a major attack by the Rhysida ransomware group on Los Angeles-based Prospect Medical Holdings.
Hackers hold Prospect Medical’s data ‘hostage’ Hacker group Rhysida has been identified as the mastermind behind the recent ransomware attack on Prospect Medical Holdings, where 500,000 social security numbers, patient records, and corporate documents were stolen. The group identified themselves in ransom notes on employee screens after the August 3 attack. GhostSec exposes Iran’s surveillance […]
In today’s roundup; XLoader, OfficeNote copycat hides malicious code, hosting firm refuses to pay ransom, and Cybersmart announces $15 million series B funding.
Cybersecurity firm Coalfire reports that the ALPHV/BlackCat ransomware gang has been causing mayhem over the past year using a failsafe delivery system. The group suspects that the leaders of BlackCat are affiliated with the top ransomware gang, the infamous LockBit.
Crunchbase News reported that “The first seven months of the year saw only 34 cyber startups get acquired,” compared to a high of 123 in 2021 and a significantly reduced 82 last year. Rising interest rates and geopolitical tensions that have already hit the tech sector hard are now clearly putting a damper on M&A activity in cyber.
The attack allowed bad actors to lock LinkedIn users out of their accounts and resulted in ransom demands to allow users to access their accounts again. The ongoing attacks caused LinkedIn account inquiries to spike by 5000%. The full report is available on Cyberint’s website.
Microsoft’s OneDrive includes built in ransomware detection and recovery and is marketed as a safe place to store sensitive documents. However, SafeBrach Researcher, Or Yair, was able to demonstrate its worrying capability to be used by the very criminals it was built to protect against.
Barracuda Email Security Gateway devices have again been violated, this time through a novel backdoor malware named ‘Whirlpool.’ The US Cybersecurity and Infrastructure Security Agency (CISA) has identified the breach to be the work of a pro-China group of hackers. The threat actors have targeted a zero-day remote command injection vulnerability through the malware. Reports say this vulnerability was used to plant malware payloads of Seapsy and Whirlpool backdoors on compromised devices.
admin
