Security News
Financial and insurance sectors in Europe have been targeted by the Raspberry Robin worm, as the malware continues to evolve its post-exploitation capabilities while remaining under the radar. "What is unique about the malware is that it is heavily obfuscated and highly complex to statically disassemble," Security Joes said in a new report published Monday.
Decentralized multi-chain crypto wallet BitKeep on Wednesday confirmed a cyberattack that allowed threat actors to distribute fraudulent versions of its Android app with the goal of stealing users' digital currencies. "With maliciously implanted code, the altered APK led to the leak of user's private keys and enabled the hacker to move funds," BitKeep CEO Kevin Como said, describing it as a "Large-scale hacking incident."
A new targeted phishing campaign has zoomed in on a two-factor authentication solution called Kavach that's used by Indian government officials. LNK files are used to initiate code execution which eventually downloads and runs a malicious C# payload, which functions as a remote access trojan," Securonix researchers Den Iuzvyk, Tim Peck, and Oleg Kolesnikov said in a new report.
Comcast Xfinity customers report their accounts being hacked in widespread attacks that bypass two-factor authentication. Similar to Gmail, Xfinity allows customers to configure a secondary email address to be used for account notifications and password resets in the event they lose access to their Xfinity account.
The notorious FIN7 hacking group uses an automated attack system that exploits Microsoft Exchange and SQL injection vulnerabilities to breach corporate networks, steal data, and select targets for ransomware attacks based on financial size. Next, FIN7's internal 'marketing' team scrutinizes new entries and adds comments on the Checkmarks platform to list victims' current revenue, number of employees, domain, headquarters details, and other information that helps pentesters determine if the firm is worth the time and effort of a ransomware attack.
UK broadsheet media outlet The Guardian has become the victim of a ransomware attack which seems to have take out a large chunk of office-based systems. Journalists at the center-left newspaper have continued to work from home and publish on its website, but according to the publication's own output, it has been hit by "a serious IT incident, which is believed to be a ransomware attack."
The Computer Emergency Response Team of Ukraine this week disclosed that users of the Delta situational awareness program received phishing emails from a compromised email account belonging to the Ministry of Defense. The attacks, which have been attributed to a threat cluster dubbed UAC-0142, aimed to infect systems with two pieces of data-stealing malware referred to as FateGrab and StealDeal.
"With this influx of devices comes an influx of cybersecurity risk. Now more than ever, consumers need to prioritize keeping their connected devices, and the people who use them, safe from cyber threats." The Xfinity Cyber Health Report analyzes cyber threat trends, the growing list of devices in connected homes, and a view into consumers' attitudes and behaviors around cyber protection.
The Play ransomware gang has claimed responsibility for a cyber attack on H-Hotels that has resulted in communication outages for the company. The hotel chain employs 2,500 people and is one of the largest in the DACH region, operating under 'H-Hotels' and the sub-brands Hyperion, H4 Hotels, H2 Hotels, H + Hotels, H.ostels, and H.omes.
Ransomware vs. Multi-Cloud: How to Protect Multi-Cloud Environments From the Next AttackThough the scale and economics of the cloud are a boon for today's enterprise, moving applications and data out of the data center into multi-cloud environments has greatly expanded threat surfaces, putting enterprises at greater risk of devastating ransomware attacks. This report will explore how to move beyond segmentation inside the data center and traditional next-gen firewalls at the perimeter and build a defense that meets the special demands of a multi-cloud environment.