Microsoft unveils shady shenanigans of Octo Tempest and their cyber-trickery toolkit

October 27, 2023 at 09:15AM Microsoft has released a report on Octo Tempest, a dangerous financial criminal group. The group, which primarily targets English-speaking organizations, is skilled in SMS phishing, SIM swapping, and advanced social engineering. Originally focused on data extortion, Octo Tempest has now expanded to full-scale ransomware attacks. The group uses various tactics, …

SonicWall Data Confirms That Ransomware Is Still the Enterprise’s Biggest Fear

October 27, 2023 at 12:01AM SonicWall released the findings of its 2023 SonicWall Threat Mindset Survey, revealing that 55% of its customers are more concerned about cyberattacks in 2023, with the main threats being ransomware and spear phishing. The survey also highlighted concerns about slow patching of vulnerabilities, increased fears around insider threats, and the …

Microsoft: 0ktapus Cyberattackers Evolve to ‘Most Dangerous’ Status

October 26, 2023 at 02:21PM Microsoft has identified the cyberattack group known as 0ktapus as one of the most dangerous financial criminal groups. The group, also referred to as Scatter Swine or Octo Tempest, uses advanced techniques such as adversary-in-the-middle tactics, social engineering, and SIM swapping. They have been involved in cryptocurrency theft, data-leak extortion, …

Meet Rhysida, a New Ransomware Strain That Deletes Itself

October 24, 2023 at 04:26PM The emerging ransomware strain called Rhysida, operating since May, is targeting users of Brazil’s PIX payment system. Rhysida, which functions as a ransomware-as-a-service (RaaS), has a unique self-deletion mechanism and is compatible with pre-Windows 10 versions of Microsoft Windows. It faced initial configuration challenges but quickly adapted. Alongside Rhysida, there is …

ASVEL basketball team confirms data breach after ransomware attack

October 24, 2023 at 11:11AM French professional basketball team LDLC ASVEL has confirmed a data breach after being targeted by the NoEscape ransomware gang. The attackers claimed to have stolen 32 GB of data, including personal information and confidential documents. The ransomware group has threatened to publish the stolen data if a ransom is not …

DC elections agency warns entire voting roll may have been stolen

October 23, 2023 at 03:23PM The US capital’s election agency, the DC Board of Elections (DCBOE), has disclosed that a criminal group known as RansomVC may have stolen its entire voter roll, containing personal information of all registered voters in the District of Columbia. While DCBOE’s own internal databases were not accessed, important information was …

American Family Insurance confirms cyberattack is behind IT outages

October 21, 2023 at 04:14PM Insurance giant American Family Insurance experienced a cyberattack, leading to the shutdown of certain IT systems. The company detected unusual activity and took precautionary measures to protect data. While no compromises to critical systems have been detected, customers faced outages and were unable to access online services. Investigations are ongoing, …

The Week in Ransomware – October 20th 2023 – Fighting Back

October 21, 2023 at 12:41PM Trigona ransomware suffered a data breach after Ukrainian hacktivists exploited a vulnerability in their server. The hackers breached several sites, taking data and defacing the Tor negotiation and data leak sites. Similarly, law enforcement disrupted the RagnarLocker ransomware operation, seizing the group’s dark websites and arresting a malware developer. In …

Ducktail Infostealer, DarkGate RAT Linked to Same Threat Actors

October 20, 2023 at 02:18PM DarkGate, a remote access trojan (RAT), has been linked to the Vietnamese financial cybercrime operation behind the Ducktail infostealer. Researchers have found similarities in the lure documents and targeting used by both malware families. DarkGate is a multifunctional malware that can steal information, distribute malware, and mine cryptocurrency. Understanding connections between …

Authorities Seize Control of RagnarLocker Ransomware Dark Web Site

October 20, 2023 at 11:24AM Law enforcement agencies from multiple countries have seized the dark web site used by the RagnarLocker ransomware group to shame victims. Operating since 2020, the group targeted 52 entities across critical infrastructure sectors. Unlike other ransomware operations, RagnarLocker was not advertised as a service but operated by a private group. …