Malware & Threats Archives - Page 18 of 107

Exfiltrator-22: The Newest Post-Exploitation Toolkit Nipping at Cobalt Strike’s Heels

Issued by: Dark Reading

The post-exploitation tools market has chalked up a newcomer with the emergence of Exfiltrator-22. An upstart alternative to Cobalt Strike, the Exfiltrator-22 framework-as-a-service (FaaS) tool set, first seen in December, was “likely” developed by ex-affiliates of the notorious LockBit ransomware gang, according to researchers. According to a Cyfirma report on Feb. 28, Ex-22 possesses advanced…

Malware & Threats

New cyberattack tactics rise up as ransomware payouts increase

Issued by: CSO Online

While phishing, business email compromise (BEC), and ransomware still rank among the most popular cyberattack techniques, a mix of new-breed attacks is gaining steam, according to a new report from cybersecurity and compliance company Proofpoint. “While conventional phishing remains successful, many threat actors have shifted to newer techniques, such as telephone-oriented attack delivery (TOAD) and…

Malware & Threats

NLBrute Malware Developer Pleads Not Guilty in US Court

Issued by: DataBreach Today

A Russian national accused by U.S. federal prosecutors of developing an application for decrypting login credentials pleaded not guilty during a first appearance in Tampa federal court. The man, Dariy Pankov – also known as “dpxaker” – faces seven criminal counts including conspiracy, access device fraud and computer fraud. On Wednesday in the courthouse for…

Malware & Threats

Ireland Set to Notify 20,000 More Health Data Breach Victims

Issued by: DataBreach Today

Ireland’s child and family agency, Tusla, says it is beginning a months-long process to notify 20,000 individuals that their personal information was exposed in the May 2021 ransomware attack against the Health Service Executive. The HSE is Ireland’s publicly funded national healthcare system and social services agency. It formerly provided IT services to Tusla. An…

Malware & Threats

City of Oakland issued a local state of emergency after recent ransomware attack

Issued by: Security Affairs

The City of Oakland disclosed last week a ransomware attack, the security breach began on February 8, 2023. In an abundance of caution, the City of Oakland has taken impacted systems offline, while they work to secure the impacted infrastructure. The Information Technology Department notified local authorities and launched an investigation into the incident to…

Malware & Threats

The Lessons From Cyberwar, Cyber-in-War and Ukraine

Issued by: Security Week

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question the nature of modern warfare and the role of cyber in its operation. Here we will look at the use of cyber in the years leading to the kinetic war, and…

Malware & Threats

DPRK fund malicious cyber activities with ransomware attacks on critical Infrastructure

Issued by: Security Affairs

Ransomware attacks on critical infrastructure conducted by North Korea-linked hacker groups are used by the government of Pyongyang to fund its malicious cyber operations, U.S. and South Korean agencies warn. US CISA published a Cybersecurity Advisory (CSA) to provide information about the threat actors to network defenders. The joint CSA about ongoing ransomware activity against…

Malware & Threats

US, UK Slap Sanctions on Trickbot Cybercrime Gang

Issued by: Security Week

The seven individuals are being blamed for a series of major ransomware attacks targeting organizations in the US and the United Kingdom and the Treasury Department said it has information linking the hacking group to Russian intelligence services. “Current members of the Trickbot Group are associated with Russian Intelligence Services. The Trickbot Group’s preparations in…

Malware & Threats

Threat group targets over 1,000 companies with screenshotting and infostealing malware

Issued by: CSO Online

Researchers warn that a new threat actor has been targeting over a thousand organizations since October with the goal of deploying credential-stealing malware. The attack chain also involves reconnaissance components including a Trojan that takes screenshots of the desktops of infected computers. Tracked as TA866 by researchers from security firm Proofpoint, the group’s tooling seems…

Malware & Threats

New Linux variant of Clop Ransomware uses a flawed encryption algorithm

Issued by: Security Affairs

SentinelLabs researchers have observed the first Linux variant of the Clop ransomware. The researchers noticed that the encryption algorithm implemented in the ELF executable is flawed and can allow victims to decrypt locked files without paying a ransom. The researchers observed the first ELF variant of the Clop ransomware targeting Linux systems on December 26,…