Botnets continue to be a major problem for cybersecurity teams. With the growth in sophisticated threats, botnets are becoming more malicious, sometimes able to create hundreds of thousands of drones that can attack a variety of machines, including Mac systems, Linux, Windows systems, edge devices, IoT devices, and so on. Examining threat trends around botnet…

Threat intelligence company Recorded Future reported on Tuesday that it had seen four different Chinese threat groups targeting a mail server belonging to Roshan, a major telecom provider that has more than 6.5 million subscribers across Afghanistan. The attacks were conducted by the groups known as Calypso and RedFoxtrot, as well as two different Winnti…

Zix provides cybersecurity, compliance and productivity solutions to 21,000 organizations, and cybercriminals have been leveraging the company’s reputation in a phishing campaign aimed at enterprises. Email security company Armorblox said on Tuesday that it has observed an attack on customer environments across Microsoft Exchange, Office 365 and Google Workspace. “Although the potential account exposure of…

Ransomware has never been more prevalent — or profitable — than it is right now. What started as the exclusive domain of highly skilled and opportunistic bad actors has evolved into an underground industry in which virtually anyone can get their hands on pre-built tool kits and plans to launch ransomware attacks at an alarming pace. Many…

Foreign Ministry spokeswoman Andrea Sasse said that a hacker outfit called Ghostwriter has been “combining conventional cyberattacks with disinformation and influence operations,” and that activities targeting Germany have been observed “for some time.” She said that, ahead of Germany’s parliamentary election on Sept. 26, there have been attempts – using phishing emails, among other things…

Government-sponsored hackers, who carry out cyberespionage campaigns, invest more resources than ever to find new ways of attacking the cloud. One of their preferred targets is Microsoft 365, previously called Office 365, a platform used by an increasing number of organizations of all sizes. From an intelligence collector’s perspective, it makes sense to target it….

An example of hacked malware was discovered when researchers detected a user downloading a cracked copy of the credential stuffing tool Sentry MBA from a Turkish-language cracking forum. Sentry MBA includes features to bypass website security controls, such as CAPTCHA challenges and web application firewalls. “Threat actors,” say researchers in the HP Wolf Security Threat…