LockBit ransomware secretly building next-gen encryptor before takedown

February 22, 2024 at 08:52AM LockBit ransomware developers were working on a new version, LockBit-NG-Dev, likely to become LockBit 4.0, before law enforcement dismantled their infrastructure. Trend Micro’s analysis revealed this new version’s capabilities, including support for multiple operating systems and encryption modes, though lacking some features from previous iterations. The discovery poses a challenge … Read more

Alpha ransomware linked to NetWalker operation dismantled in 2021

February 16, 2024 at 11:12AM Alpha ransomware, which emerged in 2023 with a low profile, has recently ramped up attacks and launched a data leak site. Symantec links it to the now-defunct NetWalker ransomware based on shared tools and tactics. Alpha demands between 0.272 BTC and up … Read more

New Qbot malware variant uses fake Adobe installer popup for evasion

February 15, 2024 at 08:29AM New QBot malware variants have been detected in email campaigns since mid-December, indicating ongoing development and distribution. The malware, also known as Qakbot, deploys through fake Adobe product installers and has caused significant financial damage in the past. Security researchers are closely monitoring the evolving threat and updating detection rules. … Read more

Glupteba Botnet Evades Detection with Undocumented UEFI Bootkit

February 13, 2024 at 09:39AM Glupteba, a sophisticated information stealer and backdoor, has incorporated an undocumented UEFI bootkit feature, enhancing its stealth and persistence. The malware is capable of illicit cryptocurrency mining, proxy deployment, and various malicious activities. Distributed through complex infection chains, Glupteba demonstrates modern cybercriminals’ innovation, collaboration, and adaptation to evade detection. Based … Read more

macOS Malware Campaign Showcases Novel Delivery Technique

February 2, 2024 at 03:09PM Security researchers have identified a new cyberattack using cracked copies of popular macOS software to distribute a backdoor. The campaign is notable for its sheer scale and novel payload delivery. It targets business users with titles of likely interest, potentially leading to a significant number of infections. The attack aims … Read more

Tesla hacked again, 24 more zero-days exploited at Pwn2Own Tokyo

January 25, 2024 at 10:50AM On the second day of the Pwn2Own Automotive 2024 hacking contest in Tokyo, researchers demonstrated 24 unique zero-days, earning $382,500 in awards for the day. Synacktiv Team hacked the Tesla infotainment system and Automotive Grade Linux, bringing its running total to $435,000. The competition focuses on automotive technologies, and vendors have 90 days to release security fixes after the event. … Read more

Tesla hacked, 24 zero-days demoed at Pwn2Own Automotive 2024

January 24, 2024 at 08:38AM During the first day of Pwn2Own Automotive 2024, security researchers hacked Tesla Modem and other devices, earning a total of $722,500 in awards, with Synacktiv Team securing $100,000 by exploiting three zero-day bugs. They also hacked EV charging stations, earning an additional $120,000, and the NCC Group EDG team won … Read more

Invoice Phishing Alert: TA866 Deploys WasabiSeed & Screenshotter Malware

January 19, 2024 at 10:03PM TA866, a threat actor, has returned after a hiatus, launching a large phishing campaign to distribute malware such as WasabiSeed and Screenshotter. The campaign targeted North America with PDFs containing OneDrive URLs that initiate a multi-step infection chain. Other actors, such as TA571, are involved in spam email campaigns to … Read more

Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software

January 19, 2024 at 08:51AM Pirated macOS applications from Chinese websites harbor a backdoor allowing attackers remote control over infected machines. The malware, hosted on “macyy[.]cn,” uses a dropper to fetch backdoor and downloader components, which enable persistence and facilitate additional payloads. This echoes previous incidents involving the ZuRu malware, possibly indicating a successor. … Read more

IT consultant fined for daring to expose shoddy security

January 19, 2024 at 01:52AM A German security researcher was fined €3,000 for uncovering an e-commerce database vulnerability affecting almost 700,000 customer records. The contractor, Hendrik H., discovered a plain-text password stored in a program file, providing potential access to customer data. Despite initial court support, the Jülich District Court later fined him under Germany’s … Read more