New Buhti ransomware uses leaked payloads and public exploits

A newly identified ransomware operation has refashioned leaked LockBit and Babuk payloads into Buhti ransomware, to launch attacks on both Windows and Linux systems. Use of public exploits: One notable aspect of the attackers leveraging the Buhti ransom…

3CX breach linked to previous supply chain compromise

Pieces of the 3CX supply chain compromise puzzle are starting to fall into place, though we’re still far away from seeing the complete picture. In the meantime, we now also know that: The source of the 3CX breach was a compromised installer for X…

Ransomware group behind Oakland attack strengthens capabilities with new tools, researchers say

The group known as PLAY is using custom tools researchers say allow it to be faster and more efficient when carrying out ransomware attacks.

The post Ransomware group behind Oakland attack strengthens capabilities with new tools, researchers say appeared first on CyberScoop.


SVB account holders targeted with phishing, scams

After news broke late last week about Silicon Valley Bank’s bank run and collapse, security researchers started warning SVB account holders about incoming SVB-related scams and phishing attempts. Another reminder: just because caller ID says FDIC…

Navigating the ever-changing landscape of digital security solutions

Recently, Entrust named Bhagwat Swaroop as President, Digital Security Solutions. In this role, Bhagwat will lead the evolution, growth, and expansion of the Entrust Digital Security portfolio, which includes solutions for data encryption, public and p…

Chinese-linked hackers targeted U.S. state legislature, researchers say

Researchers with Symantec said the group that it has tracked for years has recently targeted government networks in the U.S. and Middle East.

The post Chinese-linked hackers targeted U.S. state legislature, researchers say appeared first on CyberScoop.


To encrypt or to destroy? Ransomware affiliates plan to try the latter

Ransomware gangs are planning on trying out a new tactic, and it involves the destruction of the victims’ data. Targeting the data: Researchers from Symantec, Cyderes and Stairwell have recently analyzed a new version of the Exmatter data exfiltra…

Open Cybersecurity Schema Framework project helps organizations detect and defend from cyberattacks

A coalition of cybersecurity and technology leaders announced an open-source effort to break down data silos that impede security teams. The Open Cybersecurity Schema Framework (OCSF) project, revealed at Black Hat USA 2022, will help organizations det…

‘Most advanced’ China-linked backdoor ever, Daxin, raises alarms for cyber-espionage investigators

A backdoor in use as recently as November 2021 is the “most advanced piece of malware” ever seen from China-linked spies, according to researchers at Symantec. The cybersecurity company said Monday that the backdoor, dubbed Daxin, is part of “a long-running espionage campaign against select governments and other critical infrastructure targets,” most of them being of strategic interest to China. The malware “appears to be optimized for use against hardened targets, allowing the attackers to burrow deep into a target’s network and exfiltrate data without raising suspicions,” the researchers said. “This isn’t really comparable to any other strains of China-linked malware in our opinion. It’s on another level,” Dick O’Brien, principal editor for the Symantec Threat Intelligence Team, told CyberScoop. “It would be near the same level as malware we’ve seen attributed to Western powers, but maybe not as well put together.” Symantec, part of Broadcom Software, said it worked […]

The post ‘Most advanced’ China-linked backdoor ever, Daxin, raises alarms for cyber-espionage investigators appeared first on CyberScoop.
