Leaked LockBit 3.0 builder used by ‘Bl00dy’ ransomware gang in attacks

The relatively new Bl00Dy Ransomware Gang has started to use a recently leaked LockBit ransomware builder in attacks against companies. Last week, the LockBit 3.0 ransomware builder was leaked on Twitter after the LockBit operator had a falling out with Read More …

Australia asks FBI to help find attacker who stole data from millions of users

Australian authorities have asked the United States Federal Bureau of Investigation (FBI) to assist with investigations into the data breach at local telco Optus. Attorney general Mark Dreyfus yesterday revealed the FBI was asked to help identify the entities involved Read More …

New NullMixer dropper infects your PC with a dozen malware families

A new malware dropper named ‘NullMixer’ is infecting Windows devices with a dozen different malware families simultaneously through fake software cracks promoted on malicious sites in Google Search results. NullMixer acts as an infection funnel, using a single Windows executable Read More …

Ukrainian hackers attacked the Mir payment system

Hackers staged a powerful and large-scale DDoS attack on the national payment system “Mir” against the backdrop of news about the possible refusal of a number of countries to work with it. How informs “Kommersant”, the goal is to overload Read More …

UK Police arrests teen believed to be behind Uber, Rockstar hacks

The City of London police announced on Twitter today the arrest of a British 17-year-old teen suspected of being involved in recent cyberattacks. In a short tweet shared by law enforcement, the teen was arrested in Oxfordshire as part of Read More …

Control System Defense: Know the Opponent

Operational technology/industrial control system (OT/ICS) assets that operate, control, and monitor day-to-day critical infrastructure and industrial processes continue to be an attractive target for malicious cyber actors. These cyber actors, including advanced persistent threat (APT) groups, target OT/ICS assets to Read More …

Noberus Ransomware: Darkside and BlackMatter Successor Continues to Evolve its Tactics

Attackers deploying the Noberus (aka BlackCat, ALPHV) ransomware have been using new tactics, tools, and procedures (TTPs) in recent months, making the threat more dangerous than ever. Among some of the more notable developments has been the use of a Read More …

Domain Shadowing: A Stealthy Use of DNS Compromise for Cybercrime

Cybercriminals compromise domain names to attack the owners or users of the domains directly, or use them for various nefarious endeavors, including phishing, malware distribution, and command and control (C2) operations. A special case of DNS hijacking is called domain Read More …

Rewards plus: Fake mobile banking rewards apps lure users to install info-stealing RAT on Android devices

Microsoft analysis of a recent version of a previously reported info-stealing Android malware, delivered through an ongoing SMS campaign, demonstrates the continuous evolution of mobile threats. Masquerading as a banking rewards app, this new version has additional remote access trojan Read More …