-
North Korean govt hackers linked to Play ransomware attack
The North Korean state-sponsored hacking group tracked as 'Andariel' has been linked to the Play ransomware operation, using the RaaS to work behind the scenes and evade sanctions.
- October 30, 2024
- 11:55 AM
0
-
Iranian hackers act as brokers selling critical infrastructure access
Iranian hackers are breaching critical infrastructure organizations to collect credentials and network data that can be sold on cybercriminal forums to enable cyberattacks from other threat actors.
- October 16, 2024
- 07:16 PM
0
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
Sponsored Content
Point of entry: Why hackers target stolen credentials for initial access
Stolen credentials are a big problem, commonly used to breach networks in attacks. Learn more from Specops Software about checking the password hygiene of your Active Directory.
- August 06, 2024
- 10:01 AM
- 0
-
Black Basta ransomware switches to more evasive custom malware
The Black Basta ransomware gang has shown resilience and an ability to adapt to a constantly shifting space, using new custom tools and tactics to evade detection and spread throughout a network.
- July 30, 2024
- 02:55 PM
- 0
-
Russian indicted for selling access to US corporate networks
A 31-year-old Russian national named Evgeniy Doroshenko has been indicted for wire and computer fraud in the United States for allegedly acting as an "initial access broker" from February 2019 to May 2024.
- May 28, 2024
- 02:32 PM
- 0
-
Ransomware gang targets Windows admins via PuTTy, WinSCP malvertising
A ransomware operation targets Windows system administrators by taking out Google ads to promote fake download sites for Putty and WinSCP.
- May 18, 2024
- 02:23 PM
- 0
-
Admin of major stolen account marketplace gets 42 months in prison
Moldovan national Sandu Boris Diaconu has been sentenced to 42 months in prison for operating E-Root, a major online marketplace that sold access to hacked computers worldwide.
- March 15, 2024
- 12:07 PM
- 0
-
New Qbot malware variant uses fake Adobe installer popup for evasion
The developer of Qakbot malware, or someone with access to the source code, seems to be experimenting with new builds as fresh samples have been observed in email campaigns since mid-December.
- February 15, 2024
- 08:27 AM
- 0
-
TeamViewer abused to breach networks in new ransomware attacks
Ransomware actors are again using TeamViewer to gain initial access to organization endpoints and attempt to deploy encryptors based on the leaked LockBit ransomware builder.
- January 18, 2024
- 04:07 PM
- 4
-
FBI: Ransomware gangs hack casinos via 3rd party gaming vendors
The Federal Bureau of Investigation is warning that ransomware threat actors are targeting casino servers and use legitimate system management tools to increase their permissions on the network.
- November 08, 2023
- 11:44 AM
- 3
-
Sponsored Content
Ransomware isn’t going away – the problem is only getting worse
Ransomware incidents continue to grow at an alarming pace, targeting the enterprise and governments worldwide. Learn more from Specops Software on how ransomware gangs gain initial access to networks and how to protect against attacks.
- October 25, 2023
- 10:02 AM
- 0
-
E-Root admin faces 20 years for selling stolen RDP, SSH accounts
Sandu Diaconu, the operator of the E-Root marketplace, has been extradited to the U.S. to face a maximum imprisonment penalty of 20 years for selling access to compromised computers.
- October 19, 2023
- 06:42 PM
- 1
-
Akira ransomware targets Cisco VPNs to breach organizations
There's mounting evidence that Akira ransomware targets Cisco VPN (virtual private network) products as an attack vector to breach corporate networks, steal, and eventually encrypt data.
- August 22, 2023
- 09:00 AM
- 0
-
Hackers ask $120,000 for access to multi-billion auction house
Hackers have breached the network of a major auction house and offered access to whoever was willing to pay $120,000.
- August 17, 2023
- 04:17 PM
- 1
-
Sponsored Content
Safeguarding Against Silent Cyber Threats: Exploring the Stealer Log Lifecycle
Infostealer malware has risen to prominence as one of the most significant vectors of cybercrime over the past three years. Learn from Flare about information stealer logs and their role in the cybercrime ecosystem.
- August 10, 2023
- 10:02 AM
- 0
-
New Nitrogen malware pushed via Google Ads for ransomware attacks
A new 'Nitrogen' initial access malware campaign uses Google and Bing search ads to promote fake software sites that infect unsuspecting users with Cobalt Strike and ransomware payloads.
- July 26, 2023
- 11:04 AM
- 0
-
New LOBSHOT malware gives hackers hidden VNC access to Windows devices
A new malware known as 'LOBSHOT' distributed using Google ads allows threat actors to stealthily take over infected Windows devices using hVNC.
- May 01, 2023
- 02:15 PM
- 3
-
The Week in Ransomware - April 28th 2023 - Clop at it again
It has been a very quiet week for ransomware news, with only a few reports released and not much info about cyberattacks. An item of interest was Microsoft linking the recent PaperCut server attacks on the Clop and LockBit ransomware operation.
- April 28, 2023
- 02:42 PM
- 0
-
Emotet malware now distributed in Microsoft OneNote files to evade defenses
The Emotet malware is now distributed using Microsoft OneNote email attachments, aiming to bypass Microsoft security restrictions and infect more targets.
- March 18, 2023
- 03:03 PM
- 0
-
Automated dark web markets sell corporate email accounts for $2
Cybercrime marketplaces are increasingly selling stolen corporate email addresses for as low as $2 to fill a growing demand by hackers who use them for business email compromise and phishing attacks or initial access to networks.
- December 08, 2022
- 11:22 AM
- 0
- 1
- 2
