The North Korea worker problem is bigger than you think

The yearslong scheme goes much deeper than contract work, extending to roles beyond traditional IT and sometimes granting the insider threat “keys to the kingdom,” DTEX President Mohan Koo said.

The post The North Korea worker problem is bigger than you think appeared first on CyberScoop.

Who is sending those scammy text messages about unpaid tolls?

The latest smishing scam follows the same familiar process as ones the industry has seen over the past decade.

The post Who is sending those scammy text messages about unpaid tolls? appeared first on CyberScoop.

Cybercriminals picked up the pace on attacks last year

Ransomware groups last year achieved lateral movement within an average of 48 minutes after gaining initial access to targeted environments, threat intelligence experts said.

The post Cybercriminals picked up the pace on attacks last year appeared first on CyberScoop.

Threat actors are increasingly trying to grind business to a halt

Palo Alto Networks’ threat intelligence firm said nearly 9 in 10 cyberattacks it responded to last year involved disrupted business operations.

The post Threat actors are increasingly trying to grind business to a halt appeared first on CyberScoop.

Bigger demands, bigger payouts are the trend in ransomware, report says

Palo Alto Networks’ Unit 42 says that in the cases it worked, the average demand was up 144% and average payment was up 78%.

The post Bigger demands, bigger payouts are the trend in ransomware, report says appeared first on CyberScoop.

Russia-linked Gamaredon shows signs of possible recent activity in Ukraine, researchers say

A series of cyberattacks on Ukrainian institutions over the past few weeks — including website defacement, computer-wiping malware and phishing campaigns — have the hallmarks of hacking activity associated with the Russian government, but conclusive attribution remains elusive. Research published Thursday, however, shows how a known Russia-linked hacking group, Gamaredon, could be involved in active targeting of Ukrainian targets, including an attempt to compromise a Western government entity in Ukraine on Jan. 19. The findings, published by Palo Alto Networks’ Unit 42 threat intelligence unit, focus on the group as the Russian military amasses more than 100,000 troops along its border with Ukraine. The U.S. and other NATO governments say it’s preparation for a dramatic military escalation. Unit 42 makes clear that its research does not directly tie Gamaredon to the recent high-profile attacks. The team says it mapped out three “large clusters” of Gamaredon infrastructure that are used to support […]

The post Russia-linked Gamaredon shows signs of possible recent activity in Ukraine, researchers say appeared first on CyberScoop.

Interpol arrests 11 alleged members of Nigerian scam syndicate ‘SilverTerrier’

International law enforcement authorities say they’ve arrested nearly a dozen members of a notorious Nigerian cybercrime gang potentially responsible for targeting as many as 50,000 victims in various scams in recent years. Some of the 11 suspects are thought to be associated with “SilverTerrier,” a syndicate accused of employing a range of malware variants in tens of thousands of financial scams dating back to at least 2014, Interpol said Wednesday. The announcement comes two months after three members of the same group were arrested after a year-long Interpol-led investigation called Operation Falcon into the prolific business email compromise (BEC) scams the group’s members are alleged to have pulled off over the years. Authorities called this latest roundup Operation Falcon II. The arrests occurred between Dec. 13 and 22, but it’s not clear exactly where. A statement from a senior Nigerian law enforcement official and included in the Interpol release referenced […]

The post Interpol arrests 11 alleged members of Nigerian scam syndicate ‘SilverTerrier’ appeared first on CyberScoop.

Another Mirai variant used in attempted hacks on routers, switches

Four years after being used in one of the most powerful distributed denial-of-service attacks on record, the so-called Mirai malware continues to haunt the internet. Researchers on Monday evening revealed that attackers used a new variant of the malicious software in a string of ongoing hacking attempts against devices like routers and switches. The attackers are using no fewer than eight flaws in popular networking gear to try to remotely commandeer the devices, according to Palo Alto Networks’ Unit 42, the research outfit that made the discovery. After breaking into a device, the attackers try to download malicious code to deploy Mirai variants, Unit 42 said. The concern is that they could use that access to steal data from the device, or conscript it into a botnet, a horde of infected computers used for spamming or distributed denial-of-service (DDoS) attacks, which stifle connectivity by flooding a network with phony traffic. […]

The post Another Mirai variant used in attempted hacks on routers, switches appeared first on CyberScoop.

PGMiner, Innovative Monero-Mining Botnet, Surprises Researchers

The malware takes aim at PostgreSQL database servers with never-before-seen techniques.