ESET researchers discovered a cyberespionage campaign that, since at least September 2023, has been victimizing Tibetans through a targeted watering hole (also known as a strategic web compromise), and a supply-chain compromise to deliver trojanized installers of Tibetan language translation software. The attackers aimed to deploy malicious downloaders for Windows and macOS to compromise website […]
The attack occurred on September 28 and resulted in data being stolen before the hackers encrypted company systems. The breach impacted patients associated with ESO’s customers, including hospitals and clinics in the US.
The phishing emails were sent to employees in early September and allowed the criminals to steal a range of personal data, including names, health and medical information, credit card numbers, and online account credentials.
Atomic Stealer, also known as AMOS, is a popular stealer for macOS. Back in September, we described how malicious ads were tricking victims into downloading this piece of malware under the guise of a popular application. In an interesting new development, AMOS is now being delivered to Mac users via a fake browser update […]
A malware phishing campaign that began spreading DarkGate malware in September of this year has evolved to become one of the most advanced phishing campaigns active in the threat landscape. Since then, the campaign has changed to use evasive tactics and anti-analysis techniques to continue distributing DarkGate, and more recently, PikaBot. The campaign surged just […]
Ransomware activity reached an all-time high in September, with 514 attacks recorded. The previous record was in March 2023, but this new surge was led by different threat groups. LockBit 3.0, LostTrust, and BlackCat were the top attackers.
NCC Group released its Threat Pulse for September, which detailed a shocking increase of 153% in September for ransomware attacks. According to the report, the following groups were listed in the number of attacks: LostTrust, RansomedVC, LockBit, and Clop. As far as targets for ransomware, North America was once again at the top of […]
Key Points: Throughout September 2023, an attacker executed a targeted campaign via PyPI to draw developers using Alibaba cloud services, AWS, and Telegram to their malicious packages. Rather than performing automatic execution, the malicious code within these packages was strategically hidden within functions, designed to trigger only when these functions were called. The attackers leveraged […]
In the middle of September 2023, vulnerability advisory resources disclosed the details of an Unauthenticated Stored XSS vulnerability in the tagDiv Composer (the companion plugin for the popular tagDiv premium themes Newspaper and Newsmag). Shortly after that, we started noticing new waves of Balada malware injections on websites that were actively using tagDiv themes. This […]