Black Basta Gang Deploys Qakbot Malware in Aggressive Cyber Campaign
The Black Basta ransomware group is using Qakbot malware — also known as QBot or Pinkslipbot — to perpetrate an aggressive and widespread campaign using an .IMG file as the initial compromise vector. More than 10 different customers have been targeted by the campaign in the last two weeks, mostly focused on companies based in…
Cyber-Threat Group Targets Critical RCE Vulnerability in ‘Bleed You’ Campaign
The “Bleed You” campaign is trying to take advantage of a known remote code execution (RCE) vulnerability in Windows Internet Key Exchange (IKE) Protocol Extensions, and more than 1,000 systems are unpatched and vulnerable to compromise. The critical flaw, tracked as CVE-2022-34721, has been under active attack since September, a new report from Cyfirma warns,…
Time to Get Kids Hacking: Our 2022 Holiday Gift Guide
Whether cybersecurity professionals, software developers, hardware tinkerers, or all of the above, hacker parents are some of the best “recruiters” for the future of tomorrow’s cyber workforce. If you’re one such pro seeking out a gift that’s not just fun but also gets your kid thinking like a hacker, we’ve got the gift guide for…
DEV-0569 Ransomware Group Remarkably Innovative, Microsoft Cautions
It generally starts with malvertising and ends with the deployment of Royal ransomware, but a new threat group has distinguished itself by its ability to innovate the malicious steps in between to lure in new targets. The cyberattack group, tracked by Microsoft Security Threat Intelligence as DEV-0569, is notable for its ability to continuously improve…
Cybercriminals See Allure in BEC Attacks Over Ransomware
While published trends in ransomware attacks have been contradictory — with some firms tracking more incidents and other fewer — business email compromise (BEC) attacks continue to have proven success against organizations. BEC cases, as a share of all incident-response cases, more than doubled in the second quarter of the year, to 34% from 17%…
The Advantages of Threat Intelligence for Combating Fraud
Leveraging threat intelligence to combat nation state espionage threats is a common practice for cybersecurity teams. However, outside of common types of fraud seen in darkweb or closed forums, the same threat intelligence often is not leveraged to combat enterprise fraud. If you are a target of APT threats by espionage actors, buying access to…
VMware, Airline Targeted as Ransomware Chaos Reigns
Ransomware incidents are on the rise and this week proved no exception, with the discovery of a Linux-based ransomware family called Cheerscrypt targeting VMware ESXi servers and an attack on SpiceJet, India’s second largest airline. Meanwhile, an oddball “GoodWill” variant purports to help the needy. The Cheerscrypt ransomware variant was uncovered by Trend Micro and…
Microsoft Flags Attack Targeting SQL Servers With Novel Approach
Microsoft Security Intelligence this week tweeted a warning about an attack campaign targeting SQL servers and using a new approach to evade PowerShell monitoring. Instead of PowerShell, these threat actors are using sqlps.exe, a utility that comes standard with every version of SQL and functions as a “wrapper for running SQL-built CMDlets, to run commands…
SecurityWeek to Host Threat Intelligence Summit Virtual Event on May 18th
The Threat Intelligence Summit is a virtual conference that allows attendees from around the world to immerse in a virtual world to explore and discuss the latest trends and insights on cyber threat intelligence (CTI). Sessions throughout the summit and expo will examine tools and technologies to help maximize the value of threat intelligence and…
Outmaneuvering the Adversary: How to Detect Cyberthreats You Didn’t Know Were There
If you’re concerned about the increased threat of cyberattacks by state-sponsored hackers and hacktivist groups in the current geopolitical atmosphere, you’re certainly justified. Criminal groups are emerging from the shadows and pledging their allegiance to Russia. They’re conducting reconnaissance attacks and coalescing into the roles they’ll play in the global cyberwar many see on the…
