5 southwestern Ontario hospitals hit by cyberattack, patient appointments to be rescheduled

Online services such as patient records and email have been down since Monday morning at five southwestern Ontario hospitals following a cyberattack, according to the hospitals’ IT provider. TransForm is a local non-profit founded by Windsor Regional Hospital, Erie Shores …

Stealer for PIX payment system, new Lumar stealer and Rhysida ransomware

In Brazil the PIX payment system is becoming more and more popular. Unsurprisingly, cybercriminals are jumping on the bandwagon, trying to abuse the system for their profit. A good example of this is GoPIX, a malware campaign that has been …

The outstanding stealth of Operation Triangulation

In the previous blogpost on Triangulation, Kaspersky researchers discussed the details of TriangleDB, the main implant used in this campaign, its C2 protocol and the commands it can receive. The researchers mentioned, among other things, that it is able to …

From Copacabana to Barcelona: The Cross-Continental Threat of Brazilian Banking Malware

Proofpoint researchers have long tracked clusters of malicious activity using banking malware to target users and organizations in Brazil and surrounding countries. Recently, researchers observed multiple threat clusters targeting Spain from threat actors and malware that have traditionally targeted Portuguese …

Booking.com customers targeted by scam ‘confirmation’ emails

Travellers using the popular hotel website Booking.com are being warned not to fall for scam emails asking them to confirm their hotel payment, after a hack of Booking.com’s email system. In recent weeks the Observer has been contacted by a …

Phony Corsair LinkedIn Listing Contains DarkGate Malware

You can never be too careful when surfing the web, even if you’re looking for a new job. Corsair is a prominent name in the gaming hardware and accessories market, and it stands to reason that it would be a …

Money-making scripts attack organizations

In April of this year, the FBI published an advisory on attacks targeting government, law enforcement, and non-profit organizations. Attackers download scripts onto victims’ devices, delivering several types of malware all at once. The main aim is to utilize company …

Crambus: New Campaign Targets Middle Eastern Government

The Iranian Crambus espionage group (aka OilRig, APT34) staged an eight-month-long intrusion against a government in the Middle East between February and September 2023. During the compromise, the attackers stole files and passwords and, in one case, installed a PowerShell …

Ransomware actor exploits unsupported ColdFusion servers – but comes away empty-handed

Servers are always a point of interest for threat actors as they are one of the most efficient attack vectors to penetrate an organization. Server-related accounts often have the highest privilege levels, making lateral movement to other machines in the …