Cybercrime

March 5, 2024

A post on a hacker forum popular with cybercriminals has claimed UnitedHealth Group opens new tab paid $22 million in a bid to recover access to data and systems encrypted by the “Blackcat” ransomware gang, according to two researchers. Neither UnitedHealth nor the hackers involved have commented on the alleged ransom payment, but a cryptocurrency tracing ...

March 5, 2024

While investigating an incident at a large company a few months ago, kaspersky researchers detected uncommon malicious activity inside one of the systems. They ran an analysis on the artifacts, only to find that the adversary had deployed and launched the following: The Angry IP Scanner network scanning utility The mimikatz password, hash, and Kerberos ticket extractor, and ...

March 5, 2024

Head of Iran’s Civil Defense Organization Brigadier General Gholamreza Jalali says Iran has foiled nearly 200 cyber-attacks in the month leading up to the recent parliamentary elections. In an interview with Iranian television on Monday, Jalali said some 4 or 5 major cyber-attacks were carried out during the same period but were foiled by the experts ...

March 4, 2024

Payment card provider American Express Company is warning customers that their credit card details may have been exposed following a breach involving a third-party provider. The details were first revealed in a filing with the State of Massachusetts, with a form letter sent to affected customers stating that a third-party service provider “engaged by numerous merchants ...

March 4, 2024

This week, the SonicWall Capture Labs threat research team analyzed a sample of Marsilia malware, also known as Mallox. This is a multi-stage sample that, when functional, will have a first stage that enumerates system information and creates persistence. The second stage is then downloaded and will perform data extraction and encryption for ransomware purposes. The ...

March 4, 2024

FortiGuard Labs recently uncovered a threat actor employing a malicious PDF file to propagate the banking Trojan CHAVECLOAK. This intricate attack involves the PDF downloading a ZIP file and subsequently utilizing DLL side-loading techniques to execute the final malware. Notably, CHAVECLOAK is specifically designed to target users in Brazil, aiming to steal sensitive information linked to ...

March 4, 2024

Security researchers have observed a highly sophisticated phishing campaign targeting employees of the US Federal Communications Commission (FCC), as well as popular crypto exchanges Binance, Coinbase, Kraken, and Gemini. First, they would create landing pages for logging into places like the FCC portal, or Binance. These landing pages would be seemingly identical to the authentic ones, ...

March 4, 2024

Sensitive data of at least three-million entities and individuals who were registered with the Companies and Intellectual Property Commission (CIPC) could have fallen into the wrong hands when the organisation’s database was hacked this week. Addresses, credit card details, ID numbers and names of companies and individuals might be compromised and the CIPC has called on ...

March 3, 2024

A wave of new cyberattacks from pro-Hamas hackers using the BiBi malware has been identified in Israel in recent days. This involves four new variants of malware that are able to evade antivirus engines, according to the VirusTotal platform. The BiBi malware is a wiper-type malware designed to erase and corrupt data. Unlike other types of ...

March 3, 2024

It is a little-known clothing firm based out of an anonymous residential street in Scotland’s biggest city, with overflowing bags and boxes of rubbish piled up outside its front door. But a Glasgow company is at the centre of a multi-million pound fraud investigation by the US Secret Service into millions of public money that was ...