Russia arrests cybercriminal Wazawaka for ties with ransomware gangs

November 29, 2024 at 12:55PM

Russian ransomware affiliate Mikhail Matveev, also known as Wazawaka, was arrested and indicted for his involvement in multiple hacking groups, including LockBit and Babuk. The U.S. has charged him for cyberattacks against American organizations and is offering a $10 million reward for information leading to his conviction.

Researchers Uncover Python Package Targeting Crypto Wallets with Malicious Code

October 30, 2024 at 07:54AM

Researchers identified a malicious Python package, “CryptoAITools,” disguised as a cryptocurrency trading tool. It steals sensitive data and drains crypto wallets. Distributed via PyPI and fake GitHub repos, it infected over 1,300 systems, exploiting both Windows and macOS while using a deceptive GUI to distract victims during data theft.

1.3 Million Android TV Boxes Infected by Vo1d Malware

September 13, 2024 at 06:21AM

A newly discovered Android malware, Vo1d, has infected 1.3 million TV boxes running older Android versions. The backdoor malware can fetch and install additional software, exploiting system vulnerabilities. It poses as legitimate OS components and targets countries worldwide. Doctor Web suspects attacks via unofficial firmware or intermediate malware. Google has …

New macOS Malware TodoSwift Linked to North Korean Hacking Groups

August 21, 2024 at 07:33AM

Cybersecurity researchers recently discovered a new macOS malware, TodoSwift, with similarities to known malicious software linked to North Korean hacking groups. It exhibits behaviors seen in previous DPRK malware, such as RustBucket and KANDYKORN, and is associated with the Lazarus Group’s attempts to target cryptocurrency businesses. TodoSwift is distributed as …

China’s Evasive Panda Attacks ISP to Send Malicious Software Updates

August 5, 2024 at 03:03PM

Researchers have uncovered a China-linked APT group’s attack on an ISP, employing DNS poisoning to compromise software update mechanisms. This enabled the delivery of Macma backdoor variants and post-exploitation malware, exfiltrating sensitive data from affected networks. The APT group, known as Evasive Panda, used DNS manipulation to conduct the attacks, …

AnyDesk Shares More Information on Recent Hack

February 9, 2024 at 04:09PM

AnyDesk disclosed details about a recent hacker attack, revealing the breach was discovered in mid-January with initial intrusion occurring in late December 2023. The company confirmed no evidence of malicious software being distributed to customers and is revoking certificates and pushing out software updates. It also enforced a password reset …