Skip to content
ransomware malware Page 45

ransomware malware

Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks

Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks

Aug 19, 2024Ravie LakshmananCloud Security / Threat Intelligence Malicious actors are using a cloud attack tool named Xeon Sender to conduct SMS phishing and spam campaigns on a large scale by abusing legitimate services. “Attackers… 

Microsoft Patches Zero-Day Flaw Exploited by North Korea’s Lazarus Group

Microsoft Patches Zero-Day Flaw Exploited by North Korea’s Lazarus Group

Aug 19, 2024Ravie LakshmananVulnerability / Zero-Day A newly patched security flaw in Microsoft Windows was exploited as a zero-day by Lazarus Group, a prolific state-sponsored actor affiliated with North Korea. The security vulnerability, tracked as… 

Researchers Uncover New Infrastructure Tied to FIN7 Cybercrime Group

Researchers Uncover New Infrastructure Tied to FIN7 Cybercrime Group

Aug 19, 2024Ravie LakshmananCybercrime / Network Security Cybersecurity researchers have discovered new infrastructure linked to a financially motivated threat actor known as FIN7. The two clusters of potential FIN7 activity “indicate communications inbound to FIN7… 

Attackers Exploit Public .env Files to Breach Cloud and Social Media Accounts

Attackers Exploit Public .env Files to Breach Cloud and Social Media Accounts

Aug 16, 2024Ravie LakshmananCloud Security / Application Security A large-scale extortion campaign has compromised various organizations by taking advantage of publicly accessible environment variable files (.env) that contain credentials associated with cloud and social media… 

Russian Hacker Jailed 3+ Years for Selling Stolen Credentials on Dark Web

Russian Hacker Jailed 3+ Years for Selling Stolen Credentials on Dark Web

Aug 16, 2024Ravie LakshmananDark Web / Data Breach A 27-year-old Russian national has been sentenced to over three years in prison for peddling financial information, login credentials, and other personally identifying information (PII) on a… 

Russian Hackers Using Fake Brand Sites to Spread DanaBot and StealC Malware

Russian Hackers Using Fake Brand Sites to Spread DanaBot and StealC Malware

Aug 16, 2024Ravie LakshmananMalware / Data Theft Cybersecurity researchers have shed light on a sophisticated information stealer campaign that impersonates legitimate brands to distribute malware like DanaBot and StealC. The activity cluster, orchestrated by Russian-speaking… 

Multi-Stage ValleyRAT Targets Chinese Users with Advanced Tactics

Multi-Stage ValleyRAT Targets Chinese Users with Advanced Tactics

Aug 16, 2024Ravie LakshmananCyber Attack / Malware Chinese-speaking users are the target of an ongoing campaign that distributes malware known as ValleyRAT. “ValleyRAT is a multi-stage malware that utilizes diverse techniques to monitor and control… 

The Hidden Security Gaps in Your SaaS Apps: Are You Doing Due Diligence?

The Hidden Security Gaps in Your SaaS Apps: Are You Doing Due Diligence?

SaaS applications have become indispensable for organizations aiming to enhance productivity and streamline operations. However, the convenience and efficiency these applications offer come with inherent security risks, often leaving hidden gaps that can be exploited.… 

New Banshee Stealer Targets 100+ Browser Extensions on Apple macOS Systems

New Banshee Stealer Targets 100+ Browser Extensions on Apple macOS Systems

Aug 16, 2024Ravie LakshmananMalware / Browser Security Cybersecurity researchers have uncovered new stealer malware that’s designed to specifically target Apple macOS systems. Dubbed Banshee Stealer, it’s offered for sale in the cybercrime underground for a…