MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks

Trend Micro researchers have been continuously monitoring the MOONSHINE exploit kit’s activity since 2019. During their research, they discovered a MOONSHINE exploit kit server with improper operational security: its server exposed MOONSHINE’s toolkits and operation logs, which revealed the information …

Black Basta Ransomware Campaign Drops Zbot, DarkGate, and Custom Malware

Beginning in early October, Rapid7 has observed a resurgence of activity related to the ongoing social engineering campaign being conducted by Black Basta ransomware operators. Rapid7 initially reported the discovery of the novel social engineering campaign back in May, 2024, …

Ireland: Woman, 20s, arrested over potential data breach at utility service provider

A woman has been arrested over a potential data breach at a national utility service provider last year. The woman, aged in her 20s, was arrested yesterday and is detained at a garda station in Dublin. The potential breach was …

UK: Ransomware hackers target NHS hospitals with new cyberattacks

Ransomware hackers have continued an assault on National Health Service trusts across the United Kingdom by compromising multiple hospitals, exposing sensitive patient data and disrupting emergency services. Inc Ransom, a prolific Russia-linked ransomware group that claimed responsibility for an attack …

Foreign espionage agencies exploit crowdsourcing for covert intelligence gathering in China

China’s Ministry of State Security revealed on Wednesday that foreign intelligence agencies are using crowdsourcing to gather sensitive data in China, posing a covert but serious threat to national security. This covert method, dubbed “crowdsourced espionage,” poses an escalating threat. …

AI chatbot provider exposes 346,000 customer files, including ID documents, resumes, and medical records

Researchers have discovered a huge Google Cloud Storage bucket, found freely accessible on the internet and containing a treasure trove of personal information. AI startup WotNot provides companies with the ability to create their own customized chatbot. The company reportedly …

INTERPOL campaign warns against cyber and financial crimes

INTERPOL has launched a campaign to raise awareness on the growing threat of cyber and financial crimes against vulnerable individuals and organizations. The Think Twice campaign, which includes a series of short videos, focuses on five rising online threats: ransomware …

Major SABS cyberattack raises questions about entity’s leadership

The South African Bureau of Standards (SABS) has suffered a major ransomware cyberattack, resulting in critical IT systems going down, Engineering News has learned. This is not the first time the SABS IT infrastructure has been hacked, with previous incidents …

Threat Assessment: Howling Scorpius (Akira Ransomware)

Emerging in early 2023, the Howling Scorpius ransomware group is the entity behind the Akira ransomware-as-a-service (RaaS), which has consistently ranked in recent months among the top five most active ransomware groups. Its double extortion strategy significantly amplifies the threat …

Zyxel Releases Advisory for Exploited Vulnerability CVE-2024-11667

Zyxel has released a security advisory addressing recent targeting of its firewall products. Attackers have been observed exploiting vulnerabilities patched in September (see Cyber Alert CC-4541) and a previously undisclosed high severity vulnerability. CVE-2024-11667 is a path traversal vulnerability and …