The Budworm advanced persistent threat (APT) group continues to actively develop its toolset. Most recently, the Threat Hunter Team in Symantec, part of Broadcom, discovered Budworm using an updated version of one of its key tools to target a Middle Eastern telecommunications organization and an Asian government. Both attacks occurred in August 2023. Budworm (aka LuckyMouse, Emissary Panda, […]
The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing […]
Researchers have discovered the infrastructure linked to a threat group called ShadowSyndicate, believed to have launched attacks using seven distinct ransomware families in the last year. Active since June 2022 or earlier, connections between this group and the developers of Cl0p, Play, Royal, and Cactus ransomware have been highlighted in a study by Group-IB and […]
Sony has launched an investigation after a cybercrime group claimed to have compromised the company’s systems, offering to sell stolen data. A representative of the Japanese electronics and entertainment giant told SecurityWeek that it’s currently investigating the situation and has no further comments at this time. The probe was launched after a relatively new ransomware […]
The infamous ALPHV ransomware group, also recognized as the Black Cat hacker collective, has revealed the list of its latest victims. With a growing list of compromised entities, the group has lately honed in on three fresh targets in its most recent targeted attacks. In this latest series of cyber attacks, Clarion, Phil-Data Business Systems Inc, […]
Cybersecurity experts have shed light on a new cybercrime group known as ShadowSyndicate (formerly Infra Storm) that may have leveraged as many as seven different ransomware families over the past year. “ShadowSyndicate is a threat actor that works with various ransomware groups and affiliates of ransomware programs,” Group-IB and Bridewell said in a new joint […]
The Royal ransomware group intruded Dallas’ systems and surveilled and exfiltrated data for a month before it initiated a ransomware attack that threw city operations into disarray last spring, the city said Wednesday in a post-attack report. The prolific ransomware group, which was linked to a spree of attacks in the Dallas metro area, established […]
Researchers at SentinelOne have noticed a potential cyberespionage group whose origins are unclear (as of now) and which employed modular backdoors and covert techniques to target telecommunication firms in the Middle East, Western Europe, and South Asia. This group, labeled Sandman APT, utilizes a new backdoor named LuaJIT, which is a just-in-time compiler for the Lua […]
A cyberattack suspected to be carried out by a pro-Russia hacking group reportedly resulted in widespread service disruptions at several Canadian airports. The Canada Border Services Agency (CBSA) confirmed to Recorded Future News that the connectivity issues that affected check-in kiosks and electronic gates at airports last week are the result of a distributed denial […]