Netcraft landed a DigiCert and Progressive Leasing executive as its CEO to expand the company's footprint in the U.S. and better identify cyberattacks in real time. The firm tapped Ryan Woodley to capitalize on the $100 million raised from Spectrum Equity by bringing more scalability via automation.
Cybercriminals may be using a generative AI tool called WormGPT to create convincing phishing emails to support business email compromise attacks. A new survey shows that 1 in 5 people fall for the fake, AI-generated emails, according to cybersecurity researchers.
Enterprise software firm JumpCloud says a sophisticated nation-state threat actor is behind a security incident that targeted a small and specific set of customers last week. JumpCloud reset all of its API keys, potentially affecting thousands of customers including Cars.com and GoFundMe.
Belarus state-linked hackers are targeting government and military entities in both Ukraine and Poland with spear-phishing campaigns that deliver remote access Trojans. Ukrainian authorities say the adversary is focusing on information stealing and remote control of targeted systems.
Researchers are warning of an uptick in attacks using a series of malicious Microsoft Office documents designed to drop LokiBot, an information stealer capable of sweeping up credentials. LokiBot has been active since 2015 and specializes in information stealing through malicious email attachments.
Diplomats in Ukraine shopping for used cars have been targeted with a listing for a "very good condition, low-fuel consumption" 2011 BMW 5 Series. In reality, the listing was designed to push Russian-built malware onto diplomats' systems, security researchers warned.
A new malware campaign powered with multistage attack methodology is targeting businesses in the LATAM region using specially crafted modules. The newly identified Trojan, dubbed Toitoin, follows a six-stage attack plan in which each stage is custom-designed to carry out malicious activities.
Spanish law enforcement authorities said they have brought down a cybercriminal ring that deployed a range of hacking techniques to target banking customers. The group operators extorted 100,000 euros and offered crime as a service to other criminals, the police said.
The threat actor behind the remote access Trojan called RomCom and other pro-Russian groups are targeting Ukrainian agencies and allies ahead of the NATO Summit this week in Vilnius, Lithuania, using weaponized Microsoft documents and typosquatting techniques to deliver the malware.
This week, Charming Kitten targeted nuclear experts; over 130,000 solar energy monitoring systems are exposed; organizations confirmed a breach due to the MOVEit zero-day; Russian hackers took over a Ukrainian government agency's Facebook page; and a WordPress plug-in gave admin privileges to users.
International law enforcement agencies say they arrested the mastermind of a French-speaking cybercriminal syndicate dubbed Opera1er for carrying out more than 30 successful attacks against financial institutions, banks, mobile banking services and telecommunications companies.
A Chinese nation-state group is hacking foreign affairs ministries and embassies across Europe, employing a sophisticated HTML-smuggling technique to deliver the insidious PlugX remote access Trojan to compromised systems. The technique raises concern about the security of diplomatic institutions.
A hacker suspected to be based in Mexico is targeting financial institutions using "relatively unsophisticated" tools but is achieving a high degree of success among banking customers, SentinelOne said. The threat actor also offers smishing as a service.
The BlackCat RaaS group is developing a threat activity cluster using chosen keywords on webpages of legitimate organizations to deploy malicious malware. Trend Micro researchers discovered cybercriminals using malvertising to deploy malware using cloned webpages of WinSCP and SpyBoy.
An Iranian government-backed hacking group known as Charming Kitten has updated its malware arsenal to include an updated version of the Powerstar backdoor, also known as CharmPower, which takes advantage of a distributed file protocol to distribute customized phishing links.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ransomware.databreachtoday.com, you agree to our use of cookies.