19 Jul 2021

Linux Variant of HelloKitty Ransomware Targets VMware ESXi Servers

According to researchers at MalwareHunterTeam, HelloKitty has joined a growing list of ransomware gangs targeting VMware ESXi. Researchers found a Linux encryptor used by the HelloKitty ransomware gang in an attack against videogame developer CD Projekt Red. The researchers reported that the attack, which occurred in February, targeted the

19 Jul 2021

Windows 0-Days Used Against Dissidents in Israeli Broker’s Spyware

According to new reports, a unique set of spyware strains created by an Israeli firm used by governments across the world to conduct surveillance on dissidents has been defanged by Microsoft. The company is called Candiru or Sourgum and specializes in the sale of the DevilsTongue surveillance malware. The malware

19 Jul 2021

UK blames China for Microsoft Exchange Server hack

On Monday, the UK government came forth to publicly accuse the Chinese government of perpetrating a damaging Microsoft Exchange Server hack that targeted organizations across Europe and North America. The UK joined several other entities, including the US and Microsoft itself, in claiming that China, specifically a state-sponsored hacking group

16 Jul 2021

Fake Zoom App Dropped by New APT ‘LuminousMoth’

A suspected Chinese advanced persistent threat (APT) group is spreading malicious Zoom software, seeking to spy on targets in Southeast Asia. The group is referred to as LuminousMoth, and focuses on cyber espionage and information theft from high-profile targets such as governments in Asia. Cybersecurity researchers have detected roughly 100

16 Jul 2021

Safari Zero-Day Used in Malicious LinkedIn Campaign

According to researchers from Google’s Threat Analysis Group and Project Zero, attackers exploited a Safari vulnerability to target government officials in Western Europe. The vulnerability was leveraged to send malicious links to government officials via LinkedIn. Google’s research team detected and reported the vulnerability, publishing a blog post on Wednesday

16 Jul 2021

Toddler mobile banking malware surges across Europe

A new Android banking Trojan dubbed Toddler has been discovered by researchers and is reportedly surging across Europe. The malware is also identified as TeaBot/Anatsa. The PRODAFT Threat Intelligence team stated that the malware is part of an increase in banking malware attacks in countries such as the Netherlands, Spain,

16 Jul 2021

Artwork Archive cloud storage misconfiguration exposed user data, revenue records

Misconfigurations in Artwork Archive, a platform used to connect artists to potential buyers, allegedly led to a data leak in which the personally identifiable information (PII) of users was exposed. The WizCase team reported that they discovered a misconfigured Amazon S3 bucket belonging to the platform. The researchers stated that

15 Jul 2021

Phishing continues to be one of the easiest paths for ransomware

According to a new survey from Cloudian, ransomware gangs are still using phishing attacks as one of the main methods to gain initial access to organizations’ systems. Cloudian’s report contains the insight of 200 IT decision-makers who have experienced a ransomware attack in the past two years. According to

15 Jul 2021

SonicWall Warns of Imminent Ransomware Attacks Targeting Firmware Flaw

SonicWall, a network appliance vendor, has issued an urgent security notice informing its customers of a serious threat. The threat consists of data-encrypting ransomware attacks targeting known firmware vulnerabilities. SonicWall previously released patches for the targeted flaws; however, it is now urging its customers to implement the fixes immediately to

15 Jul 2021

Chinese Hackers Target Government Entities in Widespread Campaign

According to a new report from Kaspersky, a recently discovered advanced persistent threat (APT) dubbed LuminousMoth is targeting a large number of organizations in South Asia. The campaign involves cyberespionage attacks on organizations and government entities and has been ongoing since at least October 2020. Contrary to similar attacks that
