Recent Security News
-
Administrator of Darkode Hacking Forum Sentenced to Prison
November 16, 2023 at 09:51AM Thomas Kennedy McCormick, aka ‘Fubar’, has been sentenced to 18 years in prison for his involvement in running the cybercrime forum Darkode. He was one of the last administrators before the forum was shut down in 2015, resulting in 70 arrests. McCormick was involved in malware distribution, website hacking, and…
-
BlackCat plays with malvertising traps to lure corporate victims
November 16, 2023 at 09:48AM ALPHV/BlackCat ransomware-as-a-service affiliates are resorting to malvertising campaigns to gain initial access to victims’ systems. They are using paid ads for popular business software like Slack and Cisco AnyConnect to trick corporate victims into downloading Nitrogen malware, which can then be used to deploy ransomware. eSentire’s Threat Response Unit has…
-
Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw
November 16, 2023 at 09:00AM A hacking group known as DarkCasino, initially discovered in 2021, has now been categorized as an advanced persistent threat (APT). They have exploited a recently disclosed security flaw in WinRAR software as a zero-day. DarkCasino’s attacks are frequent and they demonstrate a strong desire to steal online property. Multiple threat…
-
Threat Intel: To Share or Not to Share is Not the Question
November 16, 2023 at 08:39AM The discipline of cyber threat intelligence is centered around sharing information to strengthen security defenses. However, a recent poll revealed that only a small percentage of security professionals in the financial services industry are confident in their organization’s level of cyber threat intelligence sharing. Regulatory compliance requirements and the concept…
-
CISA and FBI Issue Warning About Rhysida Ransomware Double Extortion Attacks
November 16, 2023 at 08:12AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and MS-ISAC have issued an advisory about the Rhysida ransomware. The threat actors behind Rhysida use a ransomware-as-a-service model and target organizations in various sectors. They exploit VPNs, the Zerologon vulnerability, and phishing campaigns to gain access to networks. Rhysida…