North of 1,000 samples of the Godfather mobile banking Trojan are circulating in dozens of countries worldwide, targeting hundreds of banking apps. First discovered in 2022, Godfather — which can record screens and keystrokes, intercepts two-factor authentication (2FA) calls and texts, initiates bank transfers, and more — has quickly become one of the most widespread […]
Apr 11, 2024NewsroomEndpoint Security / Ransomware A threat actor tracked as TA547 has targeted dozens of German organizations with an information stealer called Rhadamanthys as part of an invoice-themed phishing campaign. “This is the first time researchers observed TA547 use Rhadamanthys, an information stealer that is used by multiple cybercriminal threat actors,” Proofpoint said. “Additionally, […]
Dozens of environments and hundreds of individual user accounts have already been compromised in an ongoing campaign targeting Microsoft Azure corporate clouds. The activity is in some ways scattershot — involving data exfiltration, financial fraud, impersonation, and more, against organizations in a wide variety of geographic regions and industry verticals — but also very honed, […]
A coalition of dozens of countries, including France, the U.K., and the U.S., along with tech companies such as Google, MDSec, Meta, and Microsoft, have signed a joint agreement to curb the abuse of commercial spyware to commit human rights abuses. The initiative, dubbed the Pall Mall Process, aims to tackle the proliferation and irresponsible […]
The threat actors behind ClearFake, SocGholish, and dozens of other actors have established partnerships with another entity known as VexTrio as part of a massive “criminal affiliate program,” new findings from Infoblox reveal. The latest development demonstrates the “breadth of their activities and depth of their connections within the cybercrime industry,” the company said, describing […]
Pro-Palestinian hackers say they breached dozens of Israeli entities amid the ongoing war in Gaza, which has also extended into cyberspace. A group calling itself Cyber Toufan said it launched an operation against Israel at the end of November, promising to publish leaked information from hacked websites every day throughout the month. Earlier this week, […]
A prolific Russian-speaking ransomware group has made over $100m from dozens of victims since April 2022, new analysis has revealed. Corvus Insurance used the Elliptic Investigator blockchain forensics tool to lift the lid on the Black Basta group. The tool helped it to uncover patterns in the group’s online activities which enabled it to trace […]
VMware Carbon Black’s Threat Analysis Unit (TAU) has identified dozens of previously unknown vulnerable kernel drivers that could be exploited by attackers to alter firmware or escalate privileges. It’s not uncommon for threat actors, including cybercriminals and state-sponsored groups, to abuse kernel drivers in their operations. Such drivers can allow malicious hackers to manipulate system […]
Dozens of vulnerabilities affecting the Squid caching and forwarding web proxy remain unpatched two years after a researcher responsibly disclosed them to developers. Squid is a widely used open source proxy. According to the official site, “Many of you are using Squid without even knowing it! Some companies have embedded Squid in their home or […]