Cybercrime

September 16, 2023

According to the Ministry of State Security on Saturday which is the 23rd National Defense Education Day, China has become the main victim of advanced persistent threat (APT) attacks, adding that cyberspace has become an important battleground for foreign intelligence agencies to conduct cyber espionage against China, Xinhua Daily Telegraph reported. The national security departments of ...

September 15, 2023

UNC3944 is a financially motivated threat cluster that has persistently used phone-based social engineering and SMS phishing campaigns (smishing) to obtain credentials to gain and escalate access to victim organizations. At least some UNC3944 threat actors appear to operate in underground communities, such as Telegram and underground forums, which they may leverage to acquire tools, ...

September 15, 2023

The Spotlight Report ‘Cyber-attacks: the apex of crime-as-a-service’, examines the developments in cyber-attacks, discussing new methodologies and threats as observed by Europol’s operational analysts. It also outlines the types of criminal structures that are behind cyber-attacks, and how these increasingly professionalised groups are exploiting changes in geopolitics as part of their methodologies. This report is the ...

September 14, 2023

Police officers’ personal details have been hacked after a company was targeted in a cyber attack. The firm in Stockport, which makes ID cards, holds information on various UK organisations including some of the staff employed by Greater Manchester Police (GMP). The force confirmed it was aware of the ransomware attack. The hack means thousands of ...

September 14, 2023

The consequences of last year’s LastPass breach continue to be felt, with the latest insult to users coming in the form of a highly convincing phishing email. Although the “unauthorized party” that compromised LastPass users’ data was able to steal password vaults, it’s likely that they are having a hard time cracking them open. LastPass’s own ...

September 13, 2023

In the first half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased from H2 2022 by just 0.3 pp to 34%. That said, he percentage of attacked ICS computers dropped in Q1 2023, but then rose again in Q2 2023, reaching highest quarterly figure since 2022 – 26.8%. Read more… Source: Kaspersky  

September 13, 2023

A new ransomware family calling itself 3AM has emerged. To date, the ransomware has only been used in a limited fashion. Symantec’s Threat Hunter Team, part of Broadcom, has seen it used in a single attack by a ransomware affiliate that attempted to deploy LockBit on a target’s network and then switched to 3AM when ...

September 13, 2023

Trend Micro researchers have been observing malware families RedLine and Vidar since the middle of 2022, when both were used by threat actors to target victims via spear-phishing scams. Earlier this year, RedLine targeted the hospitality industry with its info stealer malware. Their latest investigations show that the threat actors behind RedLine and Vidar now ...

September 13, 2023

The Ministry of Technology said an investigation was called into the cyberattack that transpired on the 26th of August 2023. The statement added that the cyberattack, which targeted email systems under the ‘gov.lk’ domain, resulted in substantial data loss and a disruption of communications within various state offices. It stated that the ICTA disclosed that this ...

September 12, 2023

One of the most exciting aspects of malware analysis is coming across a family that is new or rare to the reversing community. Determining the function of the malware, who created it, and the reasons behind it become a mystery to solve. The previously unseen dropper variant FortiGuard Labs researchers recently found, named MidgeDropper, has ...