Security News > 2024 > March

Smaller RaaS groups are trying to recruit new and "displaced" LockBit and Alphv/BlackCat affiliates by forgoing deposits and paid subscriptions, offering better payout splits, 24/7 support, and other "perks". RaaS operations usually consist of a core group that develops the ransomware and maintains the underlying infrastructure for its deployment, and affiliates that leverage it after breaking into target systems and networks and give the core group a percentage of the ransom as payment for their services.

The makers of Flipper Zero have responded to the Canadian government's plan to ban the device in the country, arguing that it is wrongfully accused of facilitating car thefts. Flipper Devices, the maker of the portable pen-testing tool, argues that these accusations are ill-informed and Flipper Zero is incapable of stealing cars using keyless entry systems.

In North America, 77 percent of all instances were in the United States, according to the annual State of Stalkerware report. Stalkerware is easily available and can be downloaded from the internet onto a victim's smartphone without their knowledge, enabling whoever put the surveillance app on their partner's or child's devices to spy on their victims while the software remains "invisible to the user."

Did you know that 79% of organizations are already leveraging Generative AI technologies? Much like the internet defined the 90s and the cloud revolutionized the 2010s, we are now in the era of...

Multiple threat actors are exploiting the recently disclosed security flaws in JetBrains TeamCity software to deploy ransomware, cryptocurrency miners, Cobalt Strike beacons, and a Golang-based...

The Wall Street Journal is reporting on a variety of techniques drivers are using to obscure their license plates so that automatic readers can't identify them and charge tolls properly. Some drivers have power-washed paint off their plates or covered them with a range of household items such as leaf-shaped magnets, Bramwell-Stewart said.

ESET Research has recorded a considerable increase in AceCryptor attacks, with detections tripling between the first and second halves of 2023. In recent months, researchers registered a significant change in how AceCryptor is used, namely that the attackers spreading Rescoms started utilizing AceCryptor, which was not the case beforehand.

An analysis of 100,000+ Windows malware samples has revealed the most prevalent techniques used by malware developers to successfully evade defenses, escalate privileges, execute the malware, and assure its persistence. The analyzed malware samples were most often delivered via malicious email attachments featuring macro-enabled documents, Windows shortcut files, ISO/VHD containers, and MSI installers.

The Feds and friends yesterday issued yet another warning about China's Volt Typhoon gang, this time urging critical infrastructure owners and operators to protect their facilities against destructive cyber attacks that may be brewing. The Tuesday alert - issued by the US Cybersecurity and Infrastructure Security Agency, the National Security Agency, FBI and eight other US and international partners - comes a little more than a month after the same groups from the same Five Eyes nations sounded the alarm on Volt Typhoon compromising "multiple" critical infrastructure orgs' IT networks in America.

Cybersecurity researchers have discovered an updated variant of a stealer and malware loader called BunnyLoader that modularizes its various functions as well as allowing it to evade detection....