Security News

"Cybercriminals continue to adjust their tactics, and the FBI has observed emerging ransomware trends, such as the deployment of multiple ransomware variants against the same victim and the use of data-destruction tactics to increase pressure on victims to negotiate," according to the IC3 report. Crooks had no qualms about infecting critical infrastructure organizations with ransomware.

A new malspam campaign has been observed deploying an off-the-shelf malware called DarkGate. "The current spike in DarkGate malware activity is plausible given the fact that the developer of the malware has recently started to rent out the malware to a limited number of affiliates," Telekom Security said in a report published last week.

Ransomware attacks from the 8Base group claimed the second largest number of victims over the past 30 days, says VMware. Analyzing ransomware attacks in June 2023, VMware found 8Base hit almost 80 victims over the past 30 days, second only to the LockBit 3 gang, which compromised almost 100 organizations.

A ransomware threat called 8Base that has been operating under the radar for over a year has been attributed to a "Massive spike in activity" in May and June 2023. VMware said 8Base is "Strikingly" similar to that of another data extortion group tracked as RansomHouse, citing overlaps in the ransom notes dropped on compromised machines and the language used in the respective data leak portals.

Microsoft revealed in an update to the Azure status page that the preliminary root cause behind an outage that impacted the Azure Portal worldwide on Friday was what it described as a traffic "Spike." Customers who wanted to access the Azure Portal on Friday afternoon at portal.

Researchers are seeing a rise in attacks spreading the EvilExtractor data theft tool, used to steal users' sensitive data in Europe and the U.S. EvilExtractor is sold by a company named Kodex for $59/month, featuring seven attack modules, including ransomware, credential extraction, and Windows Defender bypassing. While marketed as a legitimate tool, BleepingComputer was told that EvilExtractor is primarily promoted to threat actors on hacking forums.

Americans are increasingly targeted in 'pig butchering' cryptocurrency investment schemes, according to a public service announcement issued today by the Federal Bureau of Investigation. In cryptocurrency scams, the fraudsters will approach victims via dating platforms, messaging apps, or social media platforms to build trust and introduce them to an investment scheme that will eventually allow them to empty the targets' crypto wallets.

Phishing attempts targeting victims in the Middle East increased 100 percent last month in the lead up to the World Cup in Qatar, according to security shop Trellix. Trellix's phishing net also caught emails spoofing Snoonu, the official food delivery partner of the World Cup, that offered fake free match tickets and contained a malicious xlsm attachment.

As insurance companies struggle to stay afloat amid rising cyber claims, Swiss Re has recommended a public-private partnership insurance scheme with one option being a government-backed fund to help fill the coverage gap. Global cyber insurance premiums hit $10 billion in 2021, according to Swiss Re's estimates.

Telegram messaging has taken a pivotal role in the ongoing conflict between Russia and Ukraine, as it is being massively used by hacktivists and cybercriminals alike. According to a report from cybersecurity company Check Point, the number of Telegram groups has increased sixfold since February 24 and some of them, dedicated to certain topics, have ballooned in size, in some cases counting more than 250,000 members.