Nearly five months after security researchers warned of the Cactus ransomware group leveraging a set of three vulnerabilities in Qlik Sense data analytics and business intelligence (BI) platform, many organizations remain dangerously vulnerable to the threat. Qlik disclosed the vulnerabilities in August and September. The company’s August disclosure involved two bugs in multiple versions of […]
A notorious Russian APT group has been stealing credentials for years by exploiting a Windows Print Spooler bug and using a novel post-compromise tool known as “GooseEgg,” Microsoft has revealed. APT28 (aka Strontium, Forest Blizzard) has been using GooseEgg since potentially as far back as April 2019 to exploit CVE-2022-38028, Microsoft said in a new […]
Threat actors behind the Akira ransomware group have extorted approximately $42 million in illicit proceeds after breaching the networks of more than 250 victims as of January 1, 2024. “Since March 2023, Akira ransomware has impacted a wide range of businesses and critical infrastructure entities in North America, Europe, and Australia,” cybersecurity agencies from the […]
Dive Brief: UnitedHealth Group estimates costs from the Change Healthcare cyberattack could reach $1.6 billion this year, executives said on Tuesday. However, the managed care giant maintained its full-year earnings guidance, suggesting the financial fallout from the attack on the massive claims clearinghouse may be less serious than feared. The hit comes from direct response […]
Russian nation-state group Sandworm is believed to be utilizing a novel backdoor to target organizations in Ukraine and other Eastern and Central European countries, according to WithSecure researchers. The previously unreported backdoor, dubbed ‘Kapeka’, has a high level of stealth and sophistication, designed to both serve as an early-stage toolkit for its operators, and also […]
Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets Pierluigi Paganini April 15, 2024 The Ukrainian hacking group Blackjack used a destructive ICS malware dubbed Fuxnet in attacks against Russian infrastructure. Industrial and enterprise IoT cybersecurity firm Claroty reported that the Ukrainian Blackjack hacking group claims to have damaged emergency detection and response capabilities […]
Insikt Group examines a large-scale Russian-language cybercrime operation using fake Web3 gaming initiatives to distribute malware designed to steal information from both macOS and Windows users. These Web3 games, which are based on blockchain technology, offer the potential for financial gains through cryptocurrency earnings. Web of Deceit: The Rise of Imitation Web3 Gaming Scams and […]
The Vedalia APT group has ingeniously utilized LNK files with double extensions, effectively masking the malicious .lnk extension. This tactic deceives users into believing the files are harmless, increasing the likelihood of execution.
Apr 09, 2024NewsroomBotnet / Crypto Mining A threat group of suspected Romanian origin called RUBYCARP has been observed maintaining a long-running botnet for carrying out crypto mining, distributed denial-of-service (DDoS), and phishing attacks. The group, believed to be active for at least 10 years, employs the botnet for financial gain, Sysdig said in a report […]