Symantec researchers observed REvil ransomware operators scanning one of their victim’s network for Point of Sale (PoS) servers. Researchers from Symantec’s Threat Intelligence team reported that the REvil ransomware operators have been observed while scanning one of their victim’s network for Point of Sale (PoS) servers. Sodinokibi ransomware operators are very active in this period, a few days after the […]
Operators behind XORDDoS and Kaiji DDoS botnets recently started targeting Docker servers exposed online, Trend Micro warns. Trend Micro researchers reported that operators behind XORDDoS and Kaiji DDoS botnets recently started targeting Docker servers exposed online. XORDDoS, also known as XOR.DDoS, first appeared in the threat landscape in 2014 it is a Linux Botnet that was […]
Group-IB published a detailed report on Fxmsp â a heavyweight of the Russian-speaking cyber underground who made a name for himself selling access to corporate networks. Group-IB, a Singapore-based cybersecurity company, has issued a comprehensive report on Fxmsp â a heavyweight of the Russian-speaking cyber underground who made a name for himself selling access to corporate networks. Group-IB […]
CLOP ransomware operators have allegedly hacked IndiaBulls Group, an Indian conglomerate headquartered in Gurgaon, India. CLOP ransomware operators have allegedly hacked the Indian conglomerate IndiaBulls Group, its primary businesses are housing finance, consumer finance, and wealth management. Indiabulls Group has around 19,000 employees, the company has been earning an average revenue of 25,000 crore Indian rupees. The […]
Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group ‘s spyware. In October 2019, security experts at Amnesty Internationalâs Security Lab have uncovered targeted attacks against Moroccan human rights defenders Maati Monjib and Abdessadak El Bouchattaoui that employed NSO Group surveillance tools. The researchers are […]
Experts spotted a new version of the IcedID banking trojan that uses steganography to infect victims as part of COVID-19 themed attacks. A new version of the IcedID banking trojan was employed in COVID-19 themed attacks, the new variant uses steganography to infect victims and implements anti-detection capabilities. Researchers at Juniper Threat Labs have spotted […]
The United States has deported the author of NeverQuest banking malware, the computer programmer Stanislav Vitaliyevich Lisov to Russia. The United States has deported the computer programmer Stanislav Vitaliyevich Lisov (35) to Russia, he is the author of NeverQuest banking malware, Lisov was arrested in January 2017 at the Barcelona airport by the Guardia Civil. The […]
Shlayer Mac malware is back, the Mac threat is now spreading through new black SEO operations. Researchers spotted a new version of the Shlayer Mac malware that is spreading via poisoned Google search results. Researchers at security firm Intego observed the new variant being spread masqueraded as a fake Adobe Flash Player installer (.DMG disk […]
Threat actors adapted their tactics to exploit the interest in the ongoing COVID-19 pandemic, Microsoft says. Since the beginning of the COVID-19 pandemic, threat actors started to actively deploy opportunistic campaigns using Coronavirus lures. Anyway, Microsoft says that malware attacks that abused the COVID-19 theme only had a temporary effect on the total volume of […]
Malicious Chrome browser extensions were employed in a surveillance campaign on a large scale, millions of users potentially impacted. Malicious Chrome browser extensions were used in a massive surveillance campaign aimed at users working in the financial services, oil and gas, media and entertainment, healthcare, government organizations, and pharmaceuticals. The malicious Chrome browser extensions were […]