The prolific ransomware group has shifted away from phishing as the method of entry into corporate networks, and is now using initial access brokers as well as its own tools to optimize its most recent attacks. Author: Elizabeth Montalbano, Contributing Writer
Author Archives: Onsite Computing, Inc.
A malvertising campaign uses phishing to steal legitimate account pages, with the endgame of delivering the Lumma stealer. Author: Elizabeth Montalbano, Contributing Writer
Researchers are warning of threat actors increasingly abusing the Cloudflare Tunnel service in malware campaigns that usually deliver remote access trojans (RATs). […] Author: Bill Toulas
Reports that a Fortune 50 company paid a $75 million ransom to the Dark Angels ransomware group back in March are raising questions about whether CISOs should revisit their ransomware decision processes. The payment, which Zscaler said is almost double the previous top ransom paid, is concerning, not solely for the large dollar amount, but […]
The United Kingdom’s National Crime Agency (NCA) has shut down Russian Coms, a major caller ID spoofing platform used by hundreds of criminals to make over 1.8 million scam calls. […] Author: Sergiu Gatlan
Threat actors have hijacked more than 35,000 registered domains in so-called Sitting Ducks attacks that allow claiming a domain without having access to the owner’s account at the DNS provider or registrar. […] Author: Bill Toulas
Pharmaceutical giant Cencora has confirmed that patients’ protected health information and personally identifiable information (PII) was exposed in a February cyberattack. […] Author: Lawrence Abrams
The Federal Bureau of Investigation (FBI) warns of scammers posing as employees of cryptocurrency exchanges to steal funds from unsuspecting victims. […] Author: Sergiu Gatlan
Over a million domains are susceptible to takeover by malicious actors by means of what has been called a Sitting Ducks attack. The powerful attack vector, which exploits weaknesses in the domain name system (DNS), is being exploited by over a dozen Russian-nexus cybercriminal actors to stealthily hijack domains, a joint analysis published by Infoblox […]
In yet another sign that threat actors are always looking out for new ways to trick users into downloading malware, it has come to light that the question-and-answer (Q&A) platform known as Stack Exchange has been abused to direct unsuspecting developers to bogus Python packages capable of draining their cryptocurrency wallets. “Upon installation, this code […]
