- A Post-exploitation Look at Coinminers Abusing WebLogic Vulnerabilities
September 14, 2022
Trend Micro researchers have recently observed malicious actors exploiting both recently disclosed and older Oracle WebLogic Server vulnerabilities to deliver cryptocurrency-mining malware. Oracle WebLogic Server is typically used for developing and deploying high-traffic enterprise applications on cloud environments and engineered and conventional systems. One of the older vulnerabilities that is still being actively exploited by malicious ...
- Ransomware gang threatens 1m-plus medical record leak
September 14, 2022
Two recent ransomware attacks against healthcare systems indicate cybercriminals continue to put medical clinics and hospitals firmly in their crosshairs. Daixin Team has taken credit for a September 1 assault on Texas-based OakBend Medical Center, causing a shutdown of the organization’s communication and IT systems as well as exfiltrating internal data. The criminals claim to have stolen ...
- FBI: Cyber Criminals Targeting Healthcare Payment Processors, Costing Victims Millions in Losses
September 14, 2022
The FBI has received multiple reports of cyber criminals increasingly targeting healthcare payment processors to redirect victim payments. In each of these reports, unknown cyber criminals used employees’ publicly-available Personally Identifiable Information (PII) and social engineering techniques to impersonate victims and obtain access to files, healthcare portals, payment information, and websites. In one case, the attacker ...
- New PsExec spinoff lets hackers bypass network security defenses
September 13, 2022
Security researchers have developed an implementation of the Sysinternals PsExec utility that allows moving laterally in a network using a single, less monitored port, Windows TCP port 135. PsExec is designed to help administrators execute processes remotely on machines in the network without the need to install a client. Threat actors have also adopted the tool and ...
- Cisco confirms Yanluowang ransomware leaked stolen company data
September 12, 2022
Cisco has confirmed that the data leaked yesterday by the Yanluowang ransomware gang was stolen from the company network during a cyberattack in May. However, the company says in an update that the leak does not change the initial assessment that the incident has no impact on the business. Source: Bleeping Computer
- Shape-shifting cryptominer savaging Linux endpoints and IoT
September 10, 2022
AT&T cybersecurity researchers have discovered a sneaky piece of malware targeting Linux endpoints and IoT devices in the hopes of gaining persistent access and turning victims into crypto-mining drones. The malware was dubbed “Shikitega” for its extensive use of the popular Shikata Ga Nai polymorphic encoder, which allows the malware to “mutate” its code to avoid ...
- Ransomware gangs switching to new intermittent encryption tactic
September 10, 2022
A growing number of ransomware groups are adopting a new tactic that helps them encrypt their victims’ systems faster while reducing the chances of being detected and stopped. This tactic is called intermittent encryption, and it consists of encrypting only parts of the targeted files’ content, which would still render the data unrecoverable without using a ...
- Russia’s Sovereign Internet Creates Security Risks With Implications for Cyber (Re)Insurance While War in Ukraine Develops
September 10, 2022
A sovereign Russian internet could lead to cyber criminal safe havens, greater confidence that large-scale attacks can be carried out without consequences, and intelligence blindspots, according to a new report published today by cyber risk analytics expert CyberCube. The research “Ukraine Cyber War Update: Spotlight on activity six months later” examines the dramatic rise in the ...
- Threat landscape for industrial automation systems for H1 2022
September 8, 2022
For the first time in five years of observations, the lowest percentage in the first half of the year was observed in March. During the period from January to March, the percentage of attacked ICS computers decreased by 1.7 p.p. Among regions, the highest percentage of ICS computers on which malicious objects were blocked was observed ...
- Criminals exploiting cost of living crisis with energy rebate scam emails
September 7, 2022
Criminals are cashing in on the energy crisis by offering bogus rebates to try and trick victims into handing over bank account details. Police say in the past fortnight they’ve had nearly 1,600 reports of suspicious emails with links to malicious websites designed to steal personal and financial information. The scam emails pretend to be from the ...

