Cybercrime

October 22, 2020

French IT services giant Sopra Steria suffered a cyberattack on October 20th, 2020, that reportedly encrypted portions of their network with the Ryuk ransomware. Sopra Steria is a European information technology company with 46,000 employees in 25 countries worldwide. The company provides a wide range of IT services, including consulting, systems integration, and software development. On October ...

October 21, 2020

In the past year, Maze ransomware has become one of the most notorious malware families threatening businesses and large organizations. Dozens of organizations have fallen victim to this vile malware, including LG, Southwire, and the City of Pensacola. The history of this ransomware began in the first half of 2019, and back then it didn’t have ...

October 21, 2020

A month after details were published about three severe vulnerabilities in a type of server used to manage fleets of mobile devices, multiple threat actors are now exploiting these bugs to take over crucial enterprise servers and even orchestrate intrusions inside company networks. The targets of these attacks are MDM servers from software maker MobileIron. MDM stands ...

October 21, 2020

Montreal’s Société de transport de Montréal (STM) public transport system was hit with a RansomExx ransomware attack that has impacted services and online systems. On October 19th, STM suffered an outage that affected its IT systems, website, and customer support. While these outages did not affect the operation of buses or metro systems, people with disabilities who ...

October 20, 2020

The Trickbot malware operation is on the brink of completely shutting down following efforts from an alliance of cybersecurity and hosting providers targeting the botnet’s command and control servers. Initial disruption actions seemed to leave the botnet unphased as its operators were able to rebuild the infrastructure and the network of infected computers. Although the battle is ...

October 19, 2020

Researchers have uncovered a new form of malware using remote overlay attacks to strike Brazilian bank account holders. The new malware variant, dubbed Vizom by IBM, is being utilized in an active campaign across Brazil designed to compromise bank accounts via online financial services. On Tuesday, IBM security researchers Chen Nahman, Ofir Ozer, and Limor Kessem said ...

October 19, 2020

A hacking group is donating stolen money to charity in what is seen as a mysterious first for cyber-crime that’s puzzling experts. Darkside hackers claim to have extorted millions of dollars from companies, but say they now want to “make the world a better place”. In a post on the dark web, the gang posted receipts for ...

October 19, 2020

Trend Micro have already published findings on the SLUB malware’s past campaigns. In our latest research paper, we uncovered a recent watering hole campaign that involves a new variant of the malware. The threat, which we dubbed as such due to its abuse of Slack and GitHub in previous versions, has not abused either of ...

October 19, 2020

The Ryuk threat actors have struck again, moving from sending a phishing email to complete encryption across the victim’s network in just five hours. That breakneck speed is partially the result of the gang using the Zerologon privilege-escalation bug (CVE-2020-1472), less than two hours after the initial phish, researchers said. The Zerologon vulnerability allows an unauthenticated attacker ...

October 15, 2020

The card details of more than three million customers of Dickey’s Barbecue Pit, the largest barbecue restaurant chain in the US, have been posted this week on a carding and fraud marketplace known as Joker’s Stash. The discovery was made by Gemini Advisory, a cyber-security firm that tracks financial fraud. “We worked with several partner financial institutions ...