Diplomats in Ukraine shopping for used cars have been targeted with a listing for a "very good condition, low-fuel consumption" 2011 BMW 5 Series. In reality, the listing was designed to push Russian-built malware onto diplomats' systems, security researchers warned.
A new malware campaign powered with multistage attack methodology is targeting businesses in the LATAM region using specially crafted modules. The newly identified Trojan, dubbed Toitoin, follows a six-stage attack plan in which each stage is custom-designed to carry out malicious activities.
Spanish law enforcement authorities said they have brought down a cybercriminal ring that deployed a range of hacking techniques to target banking customers. The group operators extorted 100,000 euros and offered crime as a service to other criminals, the police said.
The threat actor behind the remote access Trojan called RomCom and other pro-Russian groups are targeting Ukrainian agencies and allies ahead of the NATO Summit this week in Vilnius, Lithuania, using weaponized Microsoft documents and typosquatting techniques to deliver the malware.
This week, Charming Kitten targeted nuclear experts; over 130,000 solar energy monitoring systems are exposed; organizations confirmed a breach due to the MOVEit zero-day; Russian hackers took over a Ukrainian government agency's Facebook page; and a WordPress plug-in gave admin privileges to users.
International law enforcement agencies say they arrested the mastermind of a French-speaking cybercriminal syndicate dubbed Opera1er for carrying out more than 30 successful attacks against financial institutions, banks, mobile banking services and telecommunications companies.
A Chinese nation-state group is hacking foreign affairs ministries and embassies across Europe, employing a sophisticated HTML-smuggling technique to deliver the insidious PlugX remote access Trojan to compromised systems. The technique raises concern about the security of diplomatic institutions.
A hacker suspected to be based in Mexico is targeting financial institutions using "relatively unsophisticated" tools but is achieving a high degree of success among banking customers, SentinelOne said. The threat actor also offers smishing as a service.
The BlackCat RaaS group is developing a threat activity cluster using chosen keywords on webpages of legitimate organizations to deploy malicious malware. Trend Micro researchers discovered cybercriminals using malvertising to deploy malware using cloned webpages of WinSCP and SpyBoy.
At peak, MFA-bypass accounted for more than a million messages per month and Telephone-oriented attack delivery (TOAD) messages peaked at more than 13 million per month!
The most critical variable in today’s cyber threats is – people. This year, the 2023 Human Factor report takes an in depth look at new...
An Iranian government-backed hacking group known as Charming Kitten has updated its malware arsenal to include an updated version of the Powerstar backdoor, also known as CharmPower, which takes advantage of a distributed file protocol to distribute customized phishing links.
Cloudflare and Check Point joined Proofpoint and Microsoft atop Forrester's email security rankings, while Trend Micro, Barracuda Networks and Mimecast tumbled from the leaders category. A number of security vendors have gotten into email protection in recent years by acquiring CAPES startups.
This week's crypto roundup includes DeFi hacks and scams in the second quarter of 2023, FTX and SBF, Justby in the CFTC's crosshairs, and JokerSpy in a Japanese exchange. Also, the IMF says a crypto ban won't curb risk, Binance won't delist privacy coins, and EU banks have new capital requirements.
Researchers discovered an undisclosed malware family named EarlyRat being used by a branch of the North Korea-backed Lazarus Group. Kaspersky researchers said they stumbled upon the never-before-seen malware family, which is deployed in Log4j and phishing attacks.