Nov 21, 2023NewsroomRansomware-as-a-service The ransomware strain known as Play is now being offered to other threat actors "as a service," new evidence unearthed by Adlumin has revealed. "The unusual lack of even small variations between attacks suggests that they are being carried out by affiliates who have purchased the ransomware-as-a-service (RaaS) and are following … [Read more...] about Play Ransomware Goes Commercial – Now Offered as a Service to Cybercriminals
software vulnerability
Why Defenders Should Embrace a Hacker Mindset
Today's security leaders must manage a constantly evolving attack surface and a dynamic threat environment due to interconnected devices, cloud services, IoT technologies, and hybrid work environments. Adversaries are constantly introducing new attack techniques, and not all companies have internal Red Teams or unlimited security resources to stay on top of the latest threats. … [Read more...] about Why Defenders Should Embrace a Hacker Mindset
8Base Group Deploying New Phobos Ransomware Variant via SmokeLoader
The threat actors behind the 8Base ransomware are leveraging a variant of the Phobos ransomware to conduct their financially motivated attacks. The findings come from Cisco Talos, which has recorded an increase in activity carried out by cybercriminals. "Most of the group's Phobos variants are distributed by SmokeLoader, a backdoor trojan," security researcher Guilherme Venere … [Read more...] about 8Base Group Deploying New Phobos Ransomware Variant via SmokeLoader
Russian Cyber Espionage Group Deploys LitterDrifter USB Worm in Targeted Attacks
Nov 18, 2023NewsroomCyber Attack / USB Worm Russian cyber espionage actors affiliated with the Federal Security Service (FSB) have been observed using a USB propagating worm called LitterDrifter in attacks targeting Ukrainian entities. Check Point, which detailed Gamaredon's (aka Aqua Blizzard, Iron Tilden, Primitive Bear, Shuckworm, and Winterflounder) latest tactics, … [Read more...] about Russian Cyber Espionage Group Deploys LitterDrifter USB Worm in Targeted Attacks
Malicious Google Ads Trick WinSCP Users into Installing Malware
Nov 17, 2023NewsroomMalvertising / Malware Threat actors are leveraging manipulated search results and bogus Google ads that trick users who are looking to download legitimate software such as WinSCP into installing malware instead. Cybersecurity company Securonix is tracking the ongoing activity under the name SEO#LURKER. "The malicious advertisement directs the user to a … [Read more...] about Malicious Google Ads Trick WinSCP Users into Installing Malware
New Emerging APT Threat Exploiting WinRAR Flaw
Nov 16, 2023NewsroomAdvanced Persistent Threat / Zero-Day A hacking group that leveraged a recently disclosed security flaw in the WinRAR software as a zero-day has now been categorized as an entirely new advanced persistent threat (APT). Cybersecurity company NSFOCUS has described DarkCasino as an "economically motivated" actor that first came to light in 2021. "DarkCasino … [Read more...] about New Emerging APT Threat Exploiting WinRAR Flaw
Three Ways Varonis Helps You Fight Insider Threats
What do basketball teams, government agencies, and car manufacturers have in common? Each one has been breached, having confidential, proprietary, or private information stolen and exposed by insiders. In each case, the motivations and methods varied, but the risk remained the same: insiders have access to too much data with too few controls. Insider threats continue to prove … [Read more...] about Three Ways Varonis Helps You Fight Insider Threats
The Importance of Continuous Security Monitoring for a Robust Cybersecurity Strategy
Nov 14, 2023The Hacker NewsPen Testing / Vulnerability Management In 2023, the global average cost of a data breach reached $4.45 million. Beyond the immediate financial loss, there are long-term consequences like diminished customer trust, weakened brand value, and derailed business operations. In a world where the frequency and cost of data breaches are skyrocketing, … [Read more...] about The Importance of Continuous Security Monitoring for a Robust Cybersecurity Strategy
New Ransomware Group Emerges with Hive’s Source Code and Infrastructure
Nov 13, 2023NewsroomCyber Threat / Malware The threat actors behind a new ransomware group called Hunters International have acquired the source code and infrastructure from the now-dismantled Hive operation to kick-start its own efforts in the threat landscape. "It appears that the leadership of the Hive group made the strategic decision to cease their operations and … [Read more...] about New Ransomware Group Emerges with Hive’s Source Code and Infrastructure
Microsoft Warns of Fake Skills Assessment Portals Targeting IT Job Seekers
Nov 11, 2023NewsroomThreat Intelligence / Cybercrime A sub-cluster within the infamous Lazarus Group has established new infrastructure that impersonates skills assessment portals as part of its social engineering campaigns. Microsoft attributed the activity to a threat actor it calls Sapphire Sleet, describing it as a "shift in the persistent actor's tactics." Sapphire … [Read more...] about Microsoft Warns of Fake Skills Assessment Portals Targeting IT Job Seekers