Security News

Evil Corp has launched a new ransomware called Macaw Locker to evade US sanctions that prevent victims from making ransom payments. As ransomware attacks became increasingly profitable, Evil Corp launched an operation called BitPaymer, delivered via the Dridex malware to compromised corporate networks.

Microsoft announced today a new security program for nonprofits to provide them with protection against nation-state attacks that have been increasingly targeting them in recent years. The company launched the program in response to the booming cybercrime industry impacting all industry sectors worldwide and nonprofits in particular because of their vulnerability stemming from the lack of adequate resources to build a suitable defense.

The FIN7 hacking group is attempting to join the highly profitable ransomware space by creating fake cybersecurity companies that conduct network attacks under the guise of pentesting. As ransomware has become a profitable field for cybercriminals, and having previous experience with fake front companies like "Combi Security", the group set up a new firm to lure legitimate IT specialists.

The FIN7 hacking group is attempting to join the highly profitable ransomware space by creating fake cybersecurity companies that conduct network attacks under the guise of pentesting. Following tips from an unnamed source, the Gemini researchers found that FIN7 was offering between $800 and $1,200 per month to recruit C++, PHP, and Python programmers, Windows system administrators, and reverse engineering specialists.

A report analyzing data from the start of the year concludes that distributed denial-of-service attacks on Russian companies have increased 2.5 times compared to the same period last year. DDoS attacks are commonly used to extort victims with ransom demands or as a distraction for IT teams while hackers attempt to steal precious data from compromised systems.

University researchers in the US have developed a new fingerprint capturing and browser spoofing attack called Gummy Browsers. The 'Gummy Browsers' attack is the process of capturing a person's fingerprint by making them visit an attacker-controlled website and then using that fingerprint on a target platform to spoof that person's identity.

The vulnerability was discovered by a group of academics from ETH Zurich, the National University of Singapore, and the Chinese National University of Defense Technology in early May 2021, who used it to stage a confidential data disclosure attack called "SmashEx" that can corrupt private data housed in the enclave and break its integrity. Introduced with Intel's Skylake processors, SGX allows developers to run selected application modules in a completely isolated secure compartment of memory, called an enclave or a Trusted Execution Environment, which is designed to be protected from processes running at higher privilege levels like the operating system.

Many companies have struggled to recover from digital attacks because they have relied on traditional on-premise file sharing infrastructures with system failovers using duplicate infrastructures for disaster recovery. Many companies have forked out big money to attackers simply because they don't want to lose productive time, but cloud file storage systems' level of control enables the CIO to show the C-level team that the company can plan for and practice attack scenarios; the IT team can set more predictable and faster Recovery Time Objectives and adapt company recovery plans as new ransomware exploits emerge over time.

"It was like changing an engine on a plane while it was in flight." That's how one security decision maker described the shift to remote work the pandemic forced last year. With end users working from anywhere - in some cases using personal devices to access cloud apps and corporate resources - the attack surface is larger than it has ever been.