- New Marsilia Ransomware Downloader Found
March 4, 2024
This week, the SonicWall Capture Labs threat research team analyzed a sample of Marsilia malware, also known as Mallox. This is a multi-stage sample that, when functional, will have a first stage that enumerates system information and creates persistence. The second stage is then downloaded and will perform data extraction and encryption for ransomware purposes. The ...
- New Banking Trojan “CHAVECLOAK” Targets Brazil
March 4, 2024
FortiGuard Labs recently uncovered a threat actor employing a malicious PDF file to propagate the banking Trojan CHAVECLOAK. This intricate attack involves the PDF downloading a ZIP file and subsequently utilizing DLL side-loading techniques to execute the final malware. Notably, CHAVECLOAK is specifically designed to target users in Brazil, aiming to steal sensitive information linked to ...
- FCC and crypto firms are being hit in advanced phishing attacks using fake Okta logins
March 4, 2024
Security researchers have observed a highly sophisticated phishing campaign targeting employees of the US Federal Communications Commission (FCC), as well as popular crypto exchanges Binance, Coinbase, Kraken, and Gemini. First, they would create landing pages for logging into places like the FCC portal, or Binance. These landing pages would be seemingly identical to the authentic ones, ...
- South Africa: CIPC cyber attack leaves millions of entities vulnerable across nation
March 4, 2024
Sensitive data of at least three-million entities and individuals who were registered with the Companies and Intellectual Property Commission (CIPC) could have fallen into the wrong hands when the organisation’s database was hacked this week. Addresses, credit card details, ID numbers and names of companies and individuals might be compromised and the CIPC has called on ...
- BiBi attacks Israel: Pro-Hamas hackers use new malware to attack Israeli companies
March 3, 2024
A wave of new cyberattacks from pro-Hamas hackers using the BiBi malware has been identified in Israel in recent days. This involves four new variants of malware that are able to evade antivirus engines, according to the VirusTotal platform. The BiBi malware is a wiper-type malware designed to erase and corrupt data. Unlike other types of ...
- North Carolina: Around £2.1 million has been stolen from the housing agency as the US Secret Service is investigating
March 3, 2024
It is a little-known clothing firm based out of an anonymous residential street in Scotland’s biggest city, with overflowing bags and boxes of rubbish piled up outside its front door. But a Glasgow company is at the centre of a multi-million pound fraud investigation by the US Secret Service into millions of public money that was ...
- 20 million Cutout.Pro AI service users hit by massive data breach
March 2, 2024
AI-powered photo and video editing platform Cutout.Pro has become the latest victim to what has turned out to be a pretty sizeable data breach. Personal information relating to as many as 20 million users, including email addresses, hashed and salted passwords, IP addresses, and names has been exposed, prompting significant privacy and security concerns. Read more… Source: MSN ...
- LockBit cyberattack: Fulton County refuses to pay ransom as deadline passes
March 1, 2024
Fulton County leaders say they have not paid any ransom to the criminal group claiming responsibility for the cyberattack that affected several of the county’s agencies. The group LockBit had set a deadline of 8:49 a.m. on Thursday for Fulton County to pay the ransom or risk having stolen data leaked onto the dark web. This ...
- US prescription market hamstrung for 9 days (so far) by ransomware attack
March 1, 2024
Nine days after a Russian-speaking ransomware syndicate took down the biggest US health care payment processor, pharmacies, health care providers, and patients were still scrambling to fill prescriptions for medicines, many of which are lifesaving. On Thursday, UnitedHealth Group accused a notorious ransomware gang known both as AlphV and Black Cat of hacking its subsidiary, Optum. ...
- Malicious meeting invite fix targets Mac users
March 1, 2024
Cybercriminals are targeting Mac users interested in cryptocurrency opportunities with fake calendar invites. During the attacks the criminals will send a link supposedly to add a meeting to the target’s calendar. In reality the link runs a script to install Mac malware on the target’s machine. Cybersecurity expert Brian Krebs investigated and flagged the issue. Scammers, impersonating ...