Ransomware gangs now abuse Microsoft Azure tool for data theft

September 17, 2024 at 12:16PM
Ransomware gangs like BianLian and Rhysida are increasingly utilizing Microsoft’s Azure Storage Explorer and AzCopy to steal data from breached networks and store it in Azure Blob storage. Despite extra work required to get Azure Storage Explorer operational, the focus on data theft is indicative of the increasing leverage for …

DoJ: Chinese Man Used Spear-Phishing to Obtain Software From NASA, Military

September 17, 2024 at 06:03AM
Chinese national Song Wu faces charges for spear-phishing US government employees to obtain restricted aerospace software. Using fake email accounts, he targeted NASA, Air Force, and other organizations, seeking access to proprietary software and source code. Wu was an employee of a Chinese aerospace company during the spear-phishing campaign and …

Major sales and ops overhaul leads to much more activity … for Meow ransomware gang

September 11, 2024 at 02:47PM
The Meow ransomware group has gained momentum, claiming the second most active gang spot in global ransomware attacks. The group has shifted its focus from encrypting files to selling stolen data, adopting a new tactic in the cybercrime landscape. Meanwhile, RansomHub continues to dominate the rankings with 15 percent of …

Air-Gapped Networks Vulnerable to Acoustic Attack via LCD Screens

September 10, 2024 at 04:52PM
A new method called “Pixhell” can breach air gaps by using sound waves to transmit data via LCD screens. This covert channel attack works by manipulating screen pixels to create sound waves that encode stolen data. High-level security organizations are at risk, though some have built elaborate air gaps to …

Threat Group ‘Bling Libra’ Pivots to Extortion for Cloud Attacks

August 28, 2024 at 05:13AM
The threat group Bling Libra, known for the Ticketmaster breach, has evolved its tactics from data theft to extortion-based attacks targeting cloud environments. Using stolen credentials, they infiltrate AWS, exfiltrate data, and demand ransom. Weak authentication practices leave organizations vulnerable, emphasizing the need for multifactor authentication and secure IAM solutions …

Russian Member of Karakurt Cyber Extortion Gang Charged in US

August 23, 2024 at 05:51AM
Deniss Zolotarjovs, a 33-year-old Russian national, has been charged in the US for his role in the cybercrime gang Karakurt, known for data theft and extortion. Zolotarjovs was arrested in Georgia in December 2023, extradited to the US, and appeared in a US District Court in Cincinnati to face charges …

Latvian Hacker Extradited to U.S. for Role in Karakurt Cybercrime Group

August 23, 2024 at 01:36AM
Deniss Zolotarjovs, a Latvian residing in Moscow, has been charged in the U.S. for allegedly engaging in cybercrimes, including data theft, extortion, and money laundering. Zolotarjovs is linked to a cybercriminal organization involved in ransomware attacks and is the first member of the group to be extradited to the U.S. …

New Banshee Stealer macOS Malware Priced at $3,000 Per Month

August 16, 2024 at 07:45AM
Cybercriminals are promoting Banshee Stealer, a new macOS malware capable of stealing various data from compromised systems. Advertised for $3,000/month, it targets macOS passwords, hardware/software info, keychain passwords, browser data, and cryptocurrency wallets. While it evades detection by checking for analysis signs, its evasion methods are basic, leaving it susceptible …

New Cyber Threat Targets Azerbaijan and Israel Diplomats, Stealing Sensitive Data

August 15, 2024 at 03:21AM
A new threat actor, known as Actor240524, has launched cyber attacks targeting Azerbaijan and Israel to steal sensitive data, using spear-phishing emails and malware like ABCloader and ABCsync. The attacks aim to avoid detection through anti-sandbox and anti-analysis techniques. NSFOCUS attributes the attacks to disrupt the cooperative relationship between the …

EastWind Attack Deploys PlugY and GrewApacha Backdoors Using Booby-Trapped LNK Files

August 12, 2024 at 12:27AM
Russian government and IT organizations are targets of a spear-phishing campaign, codenamed EastWind. The attack deploys backdoors and trojans through booby-trapped LNK files, leveraging DLL side-loading techniques. Malware variants GrewApacha, CloudSorcerer, and PlugY are used for espionage, exfiltration, and data theft via various platforms including Dropbox and GitHub. Additionally, a …