Security News
An international law enforcement operation codenamed 'Operation Endgame' has seized over 100 servers worldwide used by multiple major malware loader operations, including IcedID, Pikabot, Trickbot, Bumblebee, Smokeloader, and SystemBC. The action, which occurred between May 27 and 29, 2024, involved 16 location searches across Europe and led to the arrest of four individuals, one in Armenia and three in Ukraine. The police have identified eight fugitives linked to the malware operations, who will be added to Europol's 'Most Wanted' list later today.
Cybercriminals are abusing Stack Overflow in an interesting approach to spreading malware-answering users' questions by promoting a malicious PyPi package that installs Windows information-stealing malware. Sonatype researcher Ax Sharma discovered this new PyPi package is part of a previously known 'Cool package' campaign, named after a string in the package's metadata, that targeted Windows users last year.
Cybersecurity researchers have warned of a new malicious Python package that has been discovered in the Python Package Index (PyPI) repository to facilitate cryptocurrency theft as part of a...
Ransomware didn't just grow in the US in 2023, it evolved, with the frequency of ransomware claims jumping 64% year-over-year, according to At-Bay. Double leverage attacks - those using both data encryption and exfiltration - also grew by 51% in 2023, demonstrating that threat actors shifted their tactics to pressure more victims into paying ransoms.
The Microsoft Threat Intelligence team said it has observed a threat it tracks under the name Storm-1811 abusing the client management tool Quick Assist to target users in social engineering...
Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.
Cybercriminals are targeting the ever-increasing number of new vulnerabilities resulting from the exponential growth in the number and variety of connected devices and an explosion in new applications and online services, according to Fortinet. Attacks started on average 4.76 days after new exploits were publicly disclosed: Like the 1H 2023 Global Threat Landscape Report, FortiGuard Labs sought to determine how long it takes for a vulnerability to move from initial release to exploitation, whether vulnerabilities with a high Exploit Prediction Scoring System score get exploited faster, and whether it could predict the average time-to-exploitation using EPSS data.
Mandiant says the small increase over last year's figures, which were the lowest ever recorded for the region, could be due to data normalizing after Mandiant's work in Ukraine. Its own red teamers are able to achieve their objectives within five to seven days, it said, and given that equally capable enemies are carrying out their attacks regularly, these times need to drop if the number of successful attacks are too.
Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.
LastPass is warning of a malicious campaign targeting its users with the CryptoChameleon phishing kit that is associated with cryptocurrency theft. According to researchers at mobile security company Lookout, campaigns using this phishing kit also targeted cryptocurrency platforms Binance, Coinbase, Kraken, and Gemini, using pages that impersonated Okta, Gmail, iCloud, Outlook, Twitter, Yahoo, and AOL. During its investigations, LastPass discovered that its service was recently added to the CryptoChameleon kit, and a phishing site was hosted at at the "Help-lastpass[.]com" domain.