Browsing tag

cybercriminal

TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer

A threat actor tracked as TA547 has targeted dozens of German organizations with an information stealer called Rhadamanthys as part of an invoice-themed phishing campaign. “This is the first time researchers observed TA547 use Rhadamanthys, an information stealer that is used by multiple cybercriminal threat actors,” Proofpoint said. “Additionally, the actor appeared to use a […]

How Cybercriminals are Exploiting India’s UPI for Money Laundering Operations

Cybercriminals are using a network of hired money mules in India using an Android-based application to orchestrate a massive money laundering scheme. The malicious application, called XHelper, is a “key tool for onboarding and managing these money mules,” CloudSEK researchers Sparsh Kulshrestha, Abhishek Mathew, and Santripti Bhujel said in a report. Details about the scam […]

New ‘VietCredCare’ Stealer Targeting Facebook Advertisers in Vietnam

Facebook advertisers in Vietnam are the target of a previously unknown information stealer dubbed VietCredCare at least since August 2022. The malware is “notable for its ability to automatically filter out Facebook session cookies and credentials stolen from compromised devices, and assess whether these accounts manage business profiles and if they maintain a positive Meta […]

RustDoor macOS Backdoor Targets Cryptocurrency Firms with Fake Job Offers

Multiple companies operating in the cryptocurrency sector are the target of an ongoing malware campaign that involves a newly discovered Apple macOS backdoor codenamed RustDoor. RustDoor was first documented by Bitdefender last week, describing it as a Rust-based malware capable of harvesting and uploading files, as well as gathering information about the infected machines. It’s […]

U.S. DoJ Dismantles Warzone RAT Infrastructure, Arrests Key Operators

The U.S. Justice Department (DoJ) on Friday announced the seizure of online infrastructure that was used to sell a remote access trojan (RAT) called Warzone RAT. The domains – www.warzone[.]ws and three others – were “used to sell computer malware used by cybercriminals to secretly access and steal data from victims’ computers,” the DoJ said. […]

New JinxLoader Targeting Users with Formbook and XLoader Malware

A new Go-based malware loader called JinxLoader is being used by threat actors to deliver next-stage payloads such as Formbook and its successor XLoader. The disclosure comes from cybersecurity firms Palo Alto Networks Unit 42 and Symantec, both of which highlighted multi-step attack sequences that led to the deployment of JinxLoader through phishing attacks. “The […]

Microsoft Disables MSIX App Installer Protocol Widely Used in Malware Attacks

Microsoft on Thursday said it’s once again disabling the ms-appinstaller protocol handler by default following its abuse by multiple threat actors to distribute malware. “The observed threat actor activity abuses the current implementation of the ms-appinstaller protocol handler as an access vector for malware that may lead to ransomware distribution,” the Microsoft Threat Intelligence team […]

Behind the Scenes of Matveev’s Ransomware Empire: Tactics and Team

Cybersecurity researchers have shed light on the inner workings of the ransomware operation led by Mikhail Pavlovich Matveev, a Russian national who was indicted by the U.S. government earlier this year for his alleged role in launching thousands of attacks across the world. Matveev, who resides in Saint Petersburg and is known by the aliases […]

Double-Extortion Play Ransomware Strikes 300 Organizations Worldwide

The threat actors behind the Play ransomware are estimated to have impacted approximately 300 entities as of October 2023, according to a new joint cybersecurity advisory from Australia and the U.S. “Play ransomware actors employ a double-extortion model, encrypting systems after exfiltrating data and have impacted a wide range of businesses and critical infrastructure organizations […]

New MrAnon Stealer Malware Targeting German Users via Booking-Themed Scam

A phishing campaign has been observed delivering an information stealer malware called MrAnon Stealer to unsuspecting victims via seemingly benign booking-themed PDF lures. “This malware is a Python-based information stealer compressed with cx-Freeze to evade detection,” Fortinet FortiGuard Labs researcher Cara Lin said. “MrAnon Stealer steals its victims’ credentials, system information, browser sessions, and cryptocurrency […]

Go Beyond the Headlines for Deeper Dives into the Cybercriminal Underground

Discover stories about threat actors’ latest tactics, techniques, and procedures from Cybersixgill’s threat experts each month. Each story brings you details on emerging underground threats, the threat actors involved, and how you can take action to mitigate risks. Learn about the top vulnerabilities and review the latest ransomware and malware trends from the deep and […]

FBI-Wanted Leader of the Notorious Zeus Botnet Gang Arrested in Geneva

A Ukrainian national who has been wanted by the U.S. for over a decade has been arrested by Swiss authorities for his role in a notorious cybercriminal ring that stole millions of dollars from victims’ bank accounts using malware called Zeus. Vyacheslav Igorevich Penchukov, who went by online pseudonyms “tank” and “father,” is alleged to […]

Suspected REvil Ransomware Affiliates Arrested in Global Takedown

Romanian law enforcement authorities have announced the arrest of two individuals for their roles as affiliates of the REvil ransomware family, dealing a severe blow to one of the most prolific cybercrime gangs in history. The suspects are believed to have orchestrated more than 5,000 ransomware attacks and extorted close to $600,000 from victims, according […]

Police Arrest 21 WeLeakInfo Customers Who Bought Breached Personal Data

21 people have been arrested across the UK as part of a nationwide cyber crackdown targeting customers of WeLeakInfo[.]com, a now-defunct online service that had been previously selling access to data hacked from other websites. The suspects used stolen personal credentials to commit further cyber and fraud offences, the UK National Crime Agency (NCA) said. […]

What is the Future of Cybersecurity?

We all know of the exponential growth of cybercrimes. The question now is, how do we stay ahead of a possible data breach? Some experts in commercial real estate have their say on what’s in store for cybersecurity. We’ve heard of the recent Capital One hacking. A person was able to access its 100 […]

Cathay Pacific 2014 Breach Fully Disclosed By Hong Kong

The Hong Kong Special Administrative Region in China, through its Privacy Commissioner, Stephen Kai-yi Wong, has publicly disclosed a report containing more findings about the October 2018 data breach involving Cathay Pacific Airways. The report contains the complete and comprehensive retelling of the story behind the data breach; hackercombat.com broke the headlines last Oct 25, […]

All about Data Breaches, How They Happen and Their Impact

Data breaches have become very common; a data breach is no longer news, you may say! Yes, this is true, to a very great extent. But, let’s look at the other side of it. As data breaches turn increasingly common, governments, organizations and individual users are also stepping up defenses to combat the breaches. Stricter […]

New Trend? Antivirus Software Exploited To Launch Privilege Escalation Attack

How can cybercriminals penetrate a network or computer if there is security software in place to prevent it? Some cybercriminals have the answer: attack the very software used for securing the computer/network. That is the exact scenario that happened with ZoneAlarm antivirus, which became the victim of a very clever vulnerability attack, as reported by […]

Magecart- The Card-Skimming Group and Its Many Faces

Magecart, known for its e-commerce payment card-skimming that has recently attacked British Airways, Ticketmaster, Newegg, and other prominent companies, comprises six major active cybercriminal groups, according to a new joint research report. All of these groups use the same skimmer toolset, but they rely on different strategies and in some cases have evolved the […]

UPnP-Exploiting Botnet Infecting 100,000+ Home Routers and Still Counting

Security experts have long warned users to turn off UPnP (Universal Plug and Play) on their home modems/routers, to close the security vulnerability inherent in the UPnP protocol. However, having UPnP turned on by default on all consumer routers is the longtime trend, and a reversal of policies is not expected anytime […]

Your Network Hardware May Be Aiding Spies Right Now

Yes, really. Your government or a foreign spy agency might be tuning in right now through your router or your server equipment. Two Cases of Hardware Tampering: In 2015, Amazon ordered third-party security researchers to investigate the technology of Elemental Technologies, the company it wanted to acquire. Since Amazon was working on its […]