A new self-destructing backdoor called Mistic used in intrusions since April appears to be linked to a criminal gang that compromises corporate networks and then sells that access to ransomware groups, according to security researchers.
This backdoor, also tracked as MLTBackdoor, was first documented by Zscaler earlier this month, with the security shop suggesting the novel malware is “likely used in ransomware attacks to establish a foothold for lateral movement.”
Read more…
Source:
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- QakBot attacks with Windows zero-day (CVE-2024-30051)
May 14, 2024
In early April 2024, Kaspersky researchers decided to take a closer look at the Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2023-36033, which was previously discovered as a zero-day exploited in the wild. While searching for samples related to this exploit and attacks that used it, they found a curious document uploaded to VirusTotal on ...
- Millions of Messages Distribute LockBit Black Ransomware
May 13, 2024
Beginning April 24, 2024 and continuing daily for about a week, Proofpoint observed high-volume campaigns with millions of messages facilitated by the Phorpiex botnet and delivering LockBit Black ransomware. This is the first time Proofpoint researchers have observed samples of LockBit Black ransomware (aka LockBit 3.0) being delivered via Phorpiex in such high volumes. The LockBit ...
- How cybercriminals steal one-time passcodes for SIM swap attacks and raiding bank accounts
May 13, 2024
The incoming phone call flashes on a victim’s phone. It may only last a few seconds, but can end with the victim handing over codes that give cybercriminals the ability to hijack their online accounts or drain their crypto and digital wallets. “This is the PayPal security team here. We’ve detected some unusual activity on your ...
- Philippine National Police checking alleged data breach in its logistics system
May 13, 2024
The Philippine National Police (PNP) on Monday said it was looking into a possible breach in its logistics, data, information, and management system. “At about 10 a.m. today, it was reported that yun pong logistics, data, information, and management system experienced an alleged breach,” PNP spokesperson Police Colonel Jean Fajardo said in a presser. Read more… Source: GMA ...
- Dell data breach may affect up to 49m customers
May 13, 2024
Dell has confirmed a data breach that could, according to reports, have affected up to 49m customers. The breach revealed names and addresses of Dell customers, as well as information about equipment purchased, although the tech giant says that no payment or banking details were uncovered in the incident. Read more… Source: MSN News Sign up for our Newsletter Related:
- Some Firstmac customer details breached in home lender hack
May 10, 2024
Some current and former customers of Brisbane-based non-bank home lender Firstmac were notified this afternoon that some of their details had been compromised in a “cyber incident”. Firstmac said that as soon as the incident was detected, they took steps to secure their systems, and engaged cyber security experts. Read more… Source: MSN News Sign up for our Newsletter Related: