Security News

An international law enforcement operation has resulted in the arrest of 288 vendors who are believed to be involved in drug trafficking on the dark web, adding to a long list of criminal enterprises that have been shuttered in recent years. "This represents the most funds seized and the highest number of arrests in any coordinated international action," U.S. Attorney General Merrick B. Garland said.

On average, five out of every 1,000 enterprise users attempted to download malware in Q1 2023, and new malware families and variants represented 72% of those malware downloads. As the top two malware types, Trojans accounted for 60% of malware downloads in Q1 and phishing downloads accounted for 13%. Evaluation of primary communication channels for attackers.

An international law enforcement operation codenamed 'SpecTor' has arrested 288 dark web vendors and customers worldwide, with police seizing €50.8 million in cash and cryptocurrency. "The vendors arrested as a result of the police action against Monopoly Market were also active on other illicit marketplaces, further impeding the trade of drugs and illicit goods on the dark web."

We will discuss how organizations can proactively improve their security posture by embracing technology and implementing best practices to defend against these advanced threats. One of the primary ways web applications can be targeted is through vulnerability exploitation searches, where attackers focus on known vulnerabilities in web servers, databases, content management systems, and third-party libraries.

A new "All-in-one" stealer malware named EvilExtractor is being marketed for sale for other threat actors to steal data and files from Windows systems. The network security company said it has observed a surge in attacks spreading the malware in the wild in March 2023, with a majority of the victims located in Europe and the U.S. While marketed as an educational tool, EvilExtractor has been adopted by threat actors for use as an information stealer.

Across all industries, these vulnerabilities, composed of unprotected or compromised assets, data and credentials, have proven to be an increasing challenge for organizations to detect and secure. Almost 1 in 10 of all detected internet-facing assets had an associated unpatched vulnerability.

Microsoft is investigating an ongoing outage blocking customers worldwide from accessing and using web apps and online services. The list of affected services includes Microsoft 365 fort the web, the Microsoft 365 suite, Microsoft Teams, and Microsoft Planner.

Legion targets various services for email exploitation, according to Cado, whose research indicates that Legion is likely linked to the AndroxGh0st malware family first reported in December 2022. The report said Legion appears to be part of an emerging generation of hacking tools that aim to automate the credential harvesting process to compromise SMTP services.

The Deep, Dark Web - The Underground - is a haven for cybercriminals, teeming with tools and resources to launch attacks for financial gain, political motives, and other causes. Did you know that the underground also offers a goldmine of threat intelligence and information that can be harnessed to bolster your cyber defense strategies? The challenge lies in continuously monitoring the right dark web sources and gathering actionable intelligence through manual methods, which can lead to analyst fatigue and delayed action.

A novel credential-stealing malware called Zaraza bot is being offered for sale on Telegram while also using the popular messaging service as a command-and-control. "Zaraza bot targets a large number of web browsers and is being actively distributed on a Russian Telegram hacker channel popular with threat actors," cybersecurity company Uptycs said in a report published last week.