Ukrainian pleads guilty to operating Raccoon Stealer malware

October 7, 2024 at 05:17PM Mark Sokolovsky has pleaded guilty to his involvement in the Raccoon Stealer malware operation. He distributed the malware under a malware-as-a-service (MaaS) model, allowing users to rent it for weekly or monthly fees. Sokolovsky was arrested in the Netherlands in March 2022, and the FBI dismantled the malware’s infrastructure in a …

Global infostealer malware operation targets crypto users, gamers

September 21, 2024 at 12:51PM A cybercriminal group named “Marko Polo” has executed a large-scale infostealer malware campaign, impacting thousands and potentially causing millions in financial losses. Using various distribution channels and targeting high-value individuals, the group distributes malicious software under legitimate guises, compromising both Windows and macOS systems. Mitigating these threats involves cautious online …

Iran’s cyber-goons emailed stolen Trump info to Team Biden – which ignored them

September 19, 2024 at 04:50PM Iranian cyber attackers attempted to send stolen files from the Trump campaign to the Biden camp, but received no response. The American agencies did not find any indication that the recipients replied. Similarly, Russian and Chinese actors seek to exploit US societal divisions and influence the election process. Meanwhile, Microsoft warns …

Chinese Engineer Charged in U.S. for Years-Long Cyber Espionage Targeting NASA and Military

September 18, 2024 at 10:54AM Chinese national Song Wu, employed by AVIC, was indicted in the U.S. for a spear-phishing campaign aimed at obtaining software from NASA, universities, and private companies. The stolen data could be utilized in aerospace and military applications. Another Chinese national, Jia Wei, was separately charged for infiltrating a U.S. communications firm. In the UK, …

Ransomware gangs now abuse Microsoft Azure tool for data theft

September 17, 2024 at 12:16PM Ransomware gangs like BianLian and Rhysida are increasingly utilizing Microsoft’s Azure Storage Explorer and AzCopy to steal data from breached networks and store it in Azure Blob storage. Despite extra work required to get Azure Storage Explorer operational, the focus on data theft is indicative of the increasing leverage for …

DoJ: Chinese Man Used Spear-Phishing to Obtain Software From NASA, Military

September 17, 2024 at 06:03AM Chinese national Song Wu faces charges for spear-phishing US government employees to obtain restricted aerospace software. Using fake email accounts, he targeted NASA, Air Force, and other organizations, seeking access to proprietary software and source code. Wu was an employee of a Chinese aerospace company during the spear-phishing campaign and …

Major sales and ops overhaul leads to much more activity … for Meow ransomware gang

September 11, 2024 at 02:47PM The Meow ransomware group has gained momentum, claiming the spot of second most active gang in global ransomware attacks. The group has shifted its focus from encrypting files to selling stolen data, adopting a new tactic in the cybercrime landscape. Meanwhile, RansomHub continues to dominate the rankings with 15 percent of …

Air-Gapped Networks Vulnerable to Acoustic Attack via LCD Screens

September 10, 2024 at 04:52PM A new method called “Pixhell” can breach air gaps by using sound waves to transmit data via LCD screens. This covert channel attack works by manipulating screen pixels to create sound waves that encode stolen data. High-level security organizations are at risk, though some have built elaborate air gaps to …

Threat Group ‘Bling Libra’ Pivots to Extortion for Cloud Attacks

August 28, 2024 at 05:13AM The threat group Bling Libra, known for the Ticketmaster breach, has evolved its tactics from data theft to extortion-based attacks targeting cloud environments. Using stolen credentials, they infiltrate AWS, exfiltrate data, and demand ransom. Weak authentication practices leave organizations vulnerable, emphasizing the need for multifactor authentication and secure IAM solutions …

Russian Member of Karakurt Cyber Extortion Gang Charged in US

August 23, 2024 at 05:51AM Deniss Zolotarjovs, a 33-year-old Russian national, has been charged in the US for his role in the cybercrime gang Karakurt, known for data theft and extortion. Zolotarjovs was arrested in Georgia in December 2023, extradited to the US, and appeared in a US District Court in Cincinnati to face charges …