Threat actors are using image files or Scalable Vector Graphics files to deliver ransomware, download banking Trojans or distribute malware. The campaign uses an open-source tool, AutoSmuggle, to facilitate the delivery of malicious files through SVG or HTML files.
The administrators of the BlackCat ransomware-as-a-service group claim law enforcement has shut down their operation. But experts and affiliates accuse the group's leadership of running an exit scam on the heels of a $22 million ransom payment by a recent victim - Optum's Change Healthcare unit.
Federal authorities have seized internet domains and arrested two men in Malta and Nigeria who they say served as sales and customer service reps for a dark web business that sold RAT malware to cybercriminals over a 12-year period, leading to the "takeover and infection of computers worldwide."
In conjunction with a new report from CyberEd.io, Information Security Media Group asked some of the industry's leading cybersecurity and privacy experts about 10 top trends to watch in 2024. Ransomware, emerging AI technology and nation-state campaigns are among the top threats.
Educational institutions are prime targets for ransomware and other cyberattacks due to their open nature and troves of sensitive data, requiring continuous investment in cyber defenses and strong security practices, said Steve Zuromski, CIO at Bridgewater State University in Massachusetts.
Android banking Trojan Xenomorph has resurfaced in a new campaign targeting cryptocurrency wallets and various financial institutions. The malware has been actively targeting users in Europe and is now focused on institutions in the United States, Canada, Spain, Italy, Portugal and Belgium.
Booking and reservation systems, as well as slot machines, hotel room door locks, ATMs and more remain offline at multiple MGM Resorts properties as the publicly traded casino hotel giant battles "a cybersecurity issue" that one group of security researchers has tied to a ransomware group attack.
A backdoor Trojan known as SmokeLoader is deploying a customized Wi-Fi scanning executable to triangulate the location of infected Windows devices. The malware, dubbed "Whiffy Recon," uses nearby Wi-Fi access points as a data point for Google's geolocation API.
In the latest weekly update, ISMG editors discuss important cybersecurity and privacy issues including highlights of interviews at Black Hat 2023, lessons learned from the success of the Lapsus$ cybercrime group's attacks and why Check Point is buying startup Perimeter 81 for $490 million.
North American cybersecurity agencies are warning about a new variant of the Truebot Trojan that collects and exfiltrates information from victims. The new variant attacks a known critical-severity vulnerability - a remote code execution vulnerability in the Netwrix Auditor.
Ransomware believed to originate from the Russian LockBit 3.0 group locked up computer systems for the Port of Nagoya, Japan's largest cargo hub. The attack held up shipments of Toyota auto parts containers for two days, but the port reopened Thursday morning.
A hacker suspected to be based in Mexico is targeting financial institutions using "relatively unsophisticated" tools but is achieving a high degree of success among banking customers, SentinelOne said. The threat actor also offers smishing as a service.
Microsoft discovered hackers targeting internet-facing Linux systems and IoT devices to steal IT resources for cryptocurrency mining operations. The campaign begins by brute-forcing target systems and devices and then uses a backdoor to deploy open-source tools such as rootkits and an IRC bot.
The National Security Agency has released mitigation advice for locking down Windows and Linux environments against powerful BlackLotus malware, warning organizations against having "a false sense of security" since patching alone will not stop the bootkit.
The onset of COVID-19 has fast-tracked the trend of mobile-first banking. Mobile banking opens a whole new can of worms that security teams must prepare for. This means that it's more important than ever for banks to have robust cybersecurity measures in place to protect their customers.
Download this whitepaper to...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ransomware.databreachtoday.com, you agree to our use of cookies.