May 20, 2023Ravie LakshmananCyber Crime / Ransomware The notorious cybercrime group known as FIN7 has been observed deploying Cl0p (aka Clop) ransomware, marking the threat actor's first ransomware campaign since late 2021. Microsoft, which detected the activity in April 2023, is tracking the financially motivated actor under its new taxonomy Sangria Tempest. "In these recent … [Read more...] about Notorious Cyber Gang FIN7 Returns Cl0p Ransomware in New Wave of Attacks
attacks
XWorm Malware Exploits Follina Vulnerability in New Wave of Attacks
May 12, 2023Ravie LakshmananCyber Threat / Malware Cybersecurity researchers have discovered an ongoing phishing campaign that makes use of a unique attack chain to deliver the XWorm malware on targeted systems. Securonix, which is tracking the activity cluster under the name MEME#4CHAN, said some of the attacks have primarily targeted manufacturing firms and healthcare … [Read more...] about XWorm Malware Exploits Follina Vulnerability in New Wave of Attacks
CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine
May 08, 2023Ravie LakshmananCyber Attack / Data Safety An ongoing phishing campaign with invoice-themed lures is being used to distribute the SmokeLoader malware in the form of a polyglot file, according to the Computer Emergency Response Team of Ukraine (CERT-UA). The emails, per the agency, are sent using compromised accounts and come with a ZIP archive that, in reality, is … [Read more...] about CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine
Insecure Default Configuration Exposes Servers to RCE Attacks
Apr 26, 2023Ravie LakshmananServer Security / Vulnerability The maintainers of the Apache Superset open source data visualization software have released fixes to plug an insecure default configuration that could lead to remote code execution. The vulnerability, tracked as CVE-2023-27524 (CVSS score: 8.9), impacts versions up to and including 2.0.1 and relates to the use of a … [Read more...] about Insecure Default Configuration Exposes Servers to RCE Attacks
Russia-Linked Hackers Launches Espionage Attacks on Foreign Diplomatic Entities
Apr 14, 2023Ravie LakshmananUnited States The Russia-linked APT29 (aka Cozy Bear) threat actor has been attributed to an ongoing cyber espionage campaign targeting foreign ministries and diplomatic entities located in NATO member states, the European Union, and Africa. According to Poland's Military Counterintelligence Service and the CERT Polska team, the observed activity … [Read more...] about Russia-Linked Hackers Launches Espionage Attacks on Foreign Diplomatic Entities
Iran-Based Hackers Caught Carrying Out Destructive Attacks Under Ransomware Guise
Apr 08, 2023Ravie LakshmananCyber War / Cyber Threat The Iranian nation-state group known as MuddyWater has been observed carrying out destructive attacks on hybrid environments under the guise of a ransomware operation. That's according to new findings from the Microsoft Threat Intelligence team, which discovered the threat actor targeting both on-premises and cloud … [Read more...] about Iran-Based Hackers Caught Carrying Out Destructive Attacks Under Ransomware Guise
New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic
Mar 09, 2023Ravie LakshmananCryptojacking / Threat Detection, The infamous cryptocurrency miner group called 8220 Gang has been observed using a new crypter called ScrubCrypt to carry out cryptojacking operations. According to Fortinet FortiGuard Labs, the attack chain commences with successful exploitation of susceptible Oracle WebLogic servers to download a PowerShell … [Read more...] about New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic
Why You Need AI and Machine Learning to Combat Hands-on-Keyboard Attacks
Malware gets the headlines, but the bigger threat is hands-on-keyboard adversary activity which can evade traditional security solutions and present detection challenges Machine learning (ML) can predict and proactively protect against emerging threats by using behavioral event data. CrowdStrike’s artificial intelligence (AI)-powered indicators of attack (IOAs) use ML to detect … [Read more...] about Why You Need AI and Machine Learning to Combat Hands-on-Keyboard Attacks
How cybercriminals tailor attacks for different age groups of gamers
These days, a 12 or 13-year-old kid can become a professional eSports player, while the youngest of them began his career at the ripe old age of… four! The gaming world has become much younger, but all gamers — both children and adults — face multiple cyberthreats. And scammers tailor each of their schemes with a particular age audience in mind. Although children spend less … [Read more...] about How cybercriminals tailor attacks for different age groups of gamers
Using Artificial Intelligence and Machine Learning to Combat Hands-on-Keyboard Cybersecurity Attacks
Malware gets the headlines, but the bigger threat is hands-on-keyboard adversary activity which can evade traditional security solutions and present detection challenges Machine learning (ML) can predict and proactively protect against emerging threats by using behavioral event data. CrowdStrike’s artificial intelligence (AI)-powered indicators of attack (IOAs) use ML to detect … [Read more...] about Using Artificial Intelligence and Machine Learning to Combat Hands-on-Keyboard Cybersecurity Attacks