November 17, 2023 at 12:08PM Access-as-a-service (AaaS) is a new cybercrime business model that involves selling methods for accessing networks. Criminals known as access brokers steal enterprise user credentials and sell them to other attackers. The buyers then use ransomware or malware services to steal confidential data. Countermeasures to mitigate these threats include monitoring the … Read more
November 6, 2023 at 07:10AM A new cybercrime operation called ‘SecuriDropper’ is using a technique to bypass Android’s ‘Restricted Settings’ feature and install malware on devices. This allows the malware to access Accessibility Services and obtain sensitive information. The bypass method involves using session-based installation API for malicious APK files. The security issue is still … Read more
October 17, 2023 at 01:11PM Attackers have been using proprietary blockchain technology to conceal malicious code in a campaign involving fake browser updates. The campaign, called ClearFake, tricks users into downloading fake browser updates from compromised WordPress sites. The attackers use a technique called “EtherHiding” to host malicious code on Binance Smart Chain contracts, making … Read more
October 10, 2023 at 04:33AM A study conducted by Secureworks revealed that cyber attackers are now deploying ransomware within 24 hours of gaining initial access to a victim’s environment. In nearly two-thirds of cases, ransomware was deployed within a day, and in over 10% of incidents, it was deployed within five hours. This marks a … Read more