Cybercrime

June 28, 2022

Trend Micro Research recently analyzed several cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. After investigating the chain of events, they found that many of these attacks resulted in data being exfiltrated from the infected systems. However, the researchers also found that some of the victims were infected ...

June 28, 2022

Ransomware operators typically constrain their activities to the dark web to conceal their illegal activities. Their public leak sites and victim communication portals are accessible only on The Onion Router (TOR) network via a specific URL that is only available via direct disclosure. This limits access to fellow operators, victims and security researchers who track ...

June 28, 2022

The Raccoon Stealer malware is back with a second major version circulating on cybercrime forums, offering hackers elevated password-stealing functionality and upgraded operational capacity. The Raccoon Stealer operation shut down in March 2022 when its operators announced that one of the lead developers was killed during Russia’s invasion of Ukraine. The remaining team promised to return with ...

June 28, 2022

If claims hold true, AMD has been targeted by the extortion group RansomHouse, which says it is sitting on a trove of data stolen from the processor designer following an alleged security breach earlier this year. RansomHouse says it obtained the files from an intrusion into AMD’s network on January 5, 2022, and that this isn’t ...

June 28, 2022

A NATO member is under attack. Normally the meaning of this would be frighteningly clear, but this is an attack with a difference: not a physical attack, but a cyber attack; and working out what a cyber attack means is never simple. The NATO member in question is the Baltic state of Lithuania, which was targeted on ...

June 27, 2022

Trend Micro has been monitoring the leak sites of multiple ransomware groups since November 2019 and continuously looking at the number and composition of organizations that have been victimized and whose information has been publicized by these groups. As a result of their research thus far, Conti and LockBit stand out in terms of their ...

June 27, 2022

Russian hacker group Killnet has claimed responsibility for a denial-of-service (DDOS) cyberattack on Lithuania, saying it was in response to the decision by Vilnius to block the transit of some sanctioned goods to the Russian exclave of Kaliningrad. Lithuanian state and private institutions were hit by the denial-of-service cyberattack on Monday, the Baltic country’s National Cyber ...

June 26, 2022

A clever, new phishing technique uses Microsoft Edge WebView2 applications to steal victim’s authentication cookies, allowing threat actors to bypass multi-factor authentication when logging into stolen accounts. With the large number of data breaches, remote access trojan attacks, and phishing campaigns, stolen login credentials have become abundant. However, the increasing adoption of multi-factor authentication (MFA) has made ...

June 25, 2022

TB Kawashima, part of the Japanese automotive component manufacturer Toyota Boshoku of the Toyota Group of companies, announced that one of its subsidiaries has been hit by a cyberattack. The company did not confirm but there is reason to suspect that it is dealing with an attack from the LockBit ransomware group. TB Kawashima is a manufacturer ...

June 25, 2022

US and European cops, prosecutors, and NGOs recently convened a two-day workshop in the Hague to discuss how to respond to the growing scourge of ransomware. “Only by working together with key law enforcement and prosecutorial partners in the EU can we effectively combat the threat that ransomware poses to our society,” said US assistant attorney ...