TeamTNT, a recently uncovered hacking group, is weaponizing Weave Scope, a legitimate cloud monitoring tool, to help install cryptominers in cloud environments, according to reports from Intezer and Microsoft.
When startups succeed, they typically hire more employees to handle increasingly specialized tasks. The same goes for ransomware gangs, which, as they grow, have been hiring experts with advanced hacking, encryption, negotiation and other skills to help take down larger targets, says Coveware's Bill Siegel.
A recently uncovered phishing campaign designed to harvest credentials used companies' official webpages as an overlay to hide malicious domains, according to security firm Cofense.
So-called "cybersquatting" attacks are surging, with financial and e-commerce websites - including those of PayPal, Royal Bank of Canada, Bank of America and Amazon - among the most frequent targets, according to Palo Alto Networks' Unit 42.
A recently uncovered malicious email campaign is delivering to businesses multiple types of malware, including a Trojan designed to steal banking credentials and other financial information, according to a research report from Cisco Talos.
Fraud prevention practices are not keeping up with changes in risks, says Al Pascual, COO at Breach Clarity, who offers insights on leveraging the latest tools.
Proofpoint reports that a Chinese hacking group targeted European organizations, as well as Tibetan dissidents, with a new remote access Trojan called "Sepulcher" as part of a cyberespionage campaign.
Some fraudsters are now using the encrypted instant messaging app Telegram as a fast and easy way to steal payment card data from ecommerce sites, according to an analysis from Malwarebytes.
The FBI and CISA say that a Russian newspaper report that claims American voting data was stolen and then offered for sale in darknet forums is inaccurate. The agencies say the data offered for sale is already publicly available, and they portray the newspaper report as part of a disinformation campaign.
Message to anyone who placed or fulfilled an order via the world's largest darknet market, Empire, in recent weeks: Say bye-bye to your cryptocurrency. It's increasingly clear that Empire's administrators "exit scammed," closing up shop and leaving with a horde of digital currency.
A cybercriminal gang dubbed "UltraRank" that has planted malicious JavaScript code in hundreds of e-commerce websites around the world over the last five years to steal payment card data also takes the unusual step of selling the data on its own, the security firm Group-IB reports.
News that a malware-wielding gang of Russians targeted Tesla by attempting to work with an insider should have all organizations asking: What would happen if extortionists attempted to bribe one of our employees to install malicious code designed to steal corporate secrets for ransom?
"Charming Kitten," a hacking group with ties to Iran, is now using LinkedIn and WhatsApp messages to contact potential victims and persuade them to visit a phishing page, according to ClearSky. The threat actors initially posed as journalists looking to contact sources.
The operators behind the "Lemon Duck" cryptominer have developed new techniques to better target enterprise-grade Linux systems, according to Sophos. In the latest cases, potential victims are spammed with COVID-19-themed emails.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.