04 Aug 2021

Iranian APT Lures Defense Contractor in Catfishing-Malware Scam

A new campaign using catfishing techniques with fake aerobics-instructor profiles has been discovered in a supply-chain attack attempt originating from an Iranian APT, TA456. The threat actors created convincing profiles of objectively attractive women to charm victims into downloading malware. According to a new report from Proofpoint, the campaign allegedly

04 Aug 2021

New Raccoon Stealer Campaign Underscores an Evolving Threat

Sophos researchers have detailed a new Raccoon Stealer campaign that underscores the evolution of the information-stealer. According to Sophos, Raccoon Stealer has been distributed through a dropper campaign with the goal of stealing cryptocurrencies, cookies, and other valuable information located on target machines. Researchers confirmed that the campaign had

03 Aug 2021

Chinese APTs strike major telecommunications companies

Researchers at Cybereason Nocturnus recently published a report disclosing three cyber espionage campaigns, apparently originating from China, that targeted networks belonging to major telecommunications companies. The attackers are referred to as DeadRinger in the report and are believed to be working for Chinese state interests. The cybersecurity firm reported that

02 Aug 2021

SolarWinds attackers breached email of US prosecutors, says Department of Justice

A new update on the SolarWinds attack has revealed that hackers breached the email accounts of US prosecutors, boasting access to the accounts for several months. Several top US intelligence agencies have confirmed that the attacks were likely the work of Russian state-sponsored hackers. US President Joe Biden has initiated

30 Jul 2021

US Government Unlikely to Ban Ransomware Payments

Despite controversy over whether businesses and organizations that fall victim to ransomware should meet criminals’ demands, the US government is unlikely to make it illegal for victims of ransomware attacks to pay the ransom. According to the US Department of Justice, banning this act will only wreak further havoc. Oftentimes,

29 Jul 2021

No More Ransom Saves Victims Nearly €1 billion Over 5 Years

No More Ransom, a company that looks to prevent ransomware victims from paying millions of dollars to malicious hacking groups, has allegedly saved victims more than €1 billion over the past five years. No More Ransom wants to prevent incentivizing ransomware groups with large payouts and to protect victims from

29 Jul 2021

Hackers used never-before-seen wiper in recent attack on Iranian train system

Researchers at cybersecurity company SentinelOne recently released a report detailing a recent cyberattack on Iran’s train system. The report identifies a new threat actor dubbed MeteorExpress and a previously unknown wiper. The attack was initially reported by local news outlets on July 9, stating that hackers were defacing display screens

26 Jul 2021

Kaseya Obtains Universal Decryptor for REvil Ransomware

Reports have emerged that Kaseya has obtained a master decryptor key to mitigate the effects of a REvil ransomware attack that disrupted and locked up the systems of at least 60 of its customers. It is unclear if the ransom demand was paid to access the decryption key. Kaseya stated

22 Jul 2021

NPM Package Steals Passwords via Chrome’s Account-Recovery Tool

A new widespread software supply-chain attack has been discovered by researchers, this time consisting of a password stealer harvesting credentials from Chrome on Windows systems via a tool called ChromePass. According to researchers, the campaign was discovered after professionals caught the malware stealing credentials, listening for incoming commands from the

22 Jul 2021

Saudi Aramco denies breach after hackers hawk stolen files

Saudi Aramco has denied allegations of a cyberattack despite claims made by ZeroX, a threat actor who reports having stolen 1T of sensitive data from the company. Saudi Aramco is one of the largest oil companies in the world. Cybercriminals allegedly contact news outlets claiming to have stolen data ranging
