Microsoft takes down large‑scale BEC operation
The fraudsters ran their campaigns from the cloud and used phishing attacks and email forwarding rules to steal financial information
Honeywell is a massive organization in the American industrial market, and an industrial cybersecurity world leader. The organization has introduced an advanced cybersecurity monitoring and occurrence response service. This service is specially designed to help industrial institutions enhance operational safety online. Target organizations are set to enjoy round-the-clock operational technology cybersecurity exposure and swift response […]
Recently, cybersecurity experts have claimed that the operators of Ryuk Ransomware are targeting severe infrastructures to extort high ransom from their victims. In 2018, the Ryuk ransomware was spotted for the first time, and the security researchers claim that Ryuk was procured and developed by its operators from the Hermes ransomware’s source code. As last […]
Cybersecurity specialists reported a massive attack targeting JBS, the world’s largest meat processing company, which forced the shutdown of all of its U.S. meat processor plants. Due to its characteristics, researchers think this could be a global supply chain attack. While the company did not immediately respond to requests for information, its executives did confirm […]
A North Korean threat actor active since 2012 has been behind a new espionage campaign targeting high-profile government officials associated with its southern counterpart to install an Android and Windows backdoor for collecting sensitive information. Cybersecurity firm Malwarebytes attributed the activity to a threat actor tracked as Kimsuky, with the targeted entities comprising of the […]
The U.S. Department of Justice (DOJ) announced that Kais Mohammad, also known as “Superman29” has been sentenced to two years in prison for his involvement as an operator of an illegal cryptocurrency platform on which transactions of up to $25 million USD would have been made. The 37-year-old Orange County resident provided his services in […]
The US Department of Justice (DOJ) announced that Aleksandr Zhukov, a 41-year-old Russian citizen, faces a sentence of up to 20 years in prison, accused of operating the advertising fraud scheme identified as Methbot, which reportedly brought the defendant and his accomplices income of up to $7 million USD. The self-appointed “King […]
Opera’s security teams revealed the detection of six critical vulnerabilities residing in Privoxy, the company’s open source proxy software. The developers of the popular Chromium-based browser began a series of blog posts to track the situation. As mentioned, Opera’s first research focuses on Privoxy, released in 2001 and described as a non-caching web proxy with advanced […]
Around two years back, North Carolina State University researchers discovered [PDF] that over 100,000 GitHub repositories had leaked cryptographic (TLS and SSH) keys and API tokens. The researchers discovered this by scanning only 13% of its public repositories over six months and found that thousands of new repositories were leaking secrets almost daily. GitHub Announces […]
The largest gasoline company in the US, Colonial Pipeline was recently attacked by ransomware, and this attack has caused the company to shut down all its operations. Colonial Pipeline produces half of the gasoline and diesel on the East Coast of the US. On the 7th of May, the Colonial Pipeline learned that they have […]
U.S. authorities agreed on the emergency passage of a new law after the country’s main pipeline was compromised by a ransomware attack that severely disrupted operations. Colonial Pipeline carries more than 2.5 million barrels per day, equivalent to 45% of the fuel supply for West Coast aircraft. The approved legislation relaxes the guidelines for road fuel […]
Iran has been linked to yet another state-sponsored ransomware operation through a contracting company based in the country, according to new analysis. “Iran’s Islamic Revolutionary Guard Corps (IRGC) was operating a state-sponsored ransomware campaign through an Iranian contracting company called ‘Emen Net Pasargard’ (ENP),” cybersecurity firm Flashpoint said in its findings summarizing three documents leaked […]
Facebook on Wednesday said it took steps to dismantle malicious activities perpetrated by two state-sponsored hacking groups operating out of Palestine that abused its platform to distribute malware. The social media giant attributed the attacks to a network connected to the Preventive Security Service (PSS), the security apparatus of the State of Palestine, and another […]
Cybersecurity experts at Trend Micro have recently found a new malicious campaign, through which threat actors can trap or infect their victims with several sophisticated payloads. This new malicious campaign is called “Operation Overtrap,” and analysts have asserted that the attackers are using a three-pronged attack in this campaign. In this campaign, they […]
Cybersecurity specialists reported the finding and patching of two security flaws in vRealize Operations, a popular solution from technology company VMware. According to the report, successful exploitation of these flaws would have posed severe risks for vulnerable system administrators. These flaws, tracked as CVE-2021-21975 and CVE-2021-21983, reside in the vRealize Operations Manager API, and were described […]
VMware security teams announced the release of some security patches to fix a severe flaw in vRealize Operations whose exploit would allow threat actors to steal administrator credentials on vulnerable servers. It should be remembered that vRealize Operations is an IT operations management platform, powered by artificial intelligence for private, hybrid, and cloud environments. The […]
The operators of the Ziggy ransomware variant have announced the shutdown of their infrastructure and the publication of decryption keys for all versions of the malware, meaning that victims of this cybercriminal group will be able to regain access to their information without having to make any payment to the hackers. According to cybersecurity expert […]
ESET researchers uncover a supply-chain attack used in a cyberespionage operation targeting online‑gaming communities in Asia
The law enforcement action is one of the most significant operations against cybercriminal enterprises ever
ESET researchers uncover attacks targeting Colombian government institutions and private companies, especially from the energy and metallurgical industries
ESET researchers have uncovered a supply-chain attack on the website of a government in Southeast Asia.