breaking news

Experts temporarily disrupted the RedLine Stealer operations

Security experts from ESET, have temporarily disrupted the operations of the RedLine Stealer with the help of GitHub. ESET researchers announced to have temporarily disrupted the operations of the RedLine Stealer with the help of GitHub. The two companies teamed up with Flare to curb the operations of the malware operators. The experts discovered that […]

The post Experts temporarily disrupted the RedLine Stealer operations appeared first on Security Affairs.

April 18, 2023
0 comment
Read More >>

CISA adds bugs in Chrome and macOS to its Known Exploited Vulnerabilities catalog

US Cybersecurity and Infrastructure Security Agency (CISA) added Chrome and macOS vulnerabilities to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the following five new issues to its Known Exploited Vulnerabilities Catalog: According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to […]

The post CISA adds bugs in Chrome and macOS to its Known Exploited Vulnerabilities catalog appeared first on Security Affairs.

April 18, 2023
0 comment
Read More >>

The intricate relationships between the FIN7 group and members of the Conti ransomware gang

A new malware, dubbed Domino, developed by the FIN7 cybercrime group has been used by the now-defunct Conti ransomware gang. IBM Security X-Force researchers recently discovered a new malware family, called Domino, which was created by developers associated with the FIN7 cybercriminal group (tracked by X-Force as ITG14). FIN7 is a Russian criminal group (aka Carbanak) that has […]

The post The intricate relationships between the FIN7 group and members of the Conti ransomware gang appeared first on Security Affairs.

April 18, 2023
0 comment
Read More >>

Israeli surveillance firm QuaDream is shutting down amidst spyware accusations

The Israeli surveillance firm QuaDream is allegedly shutting down its operations after Citizen Lab and Microsoft uncovered their spyware. Last week Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. The victims include journalists, political opposition figures, and an NGO worker […]

The post Israeli surveillance firm QuaDream is shutting down amidst spyware accusations appeared first on Security Affairs.

April 18, 2023
0 comment
Read More >>

New QBot campaign delivered hijacking business correspondence

Kaspersky researchers warn of a new QBot campaign leveraging hijacked business emails to deliver malware. In early April, Kaspersky experts observed a surge in attacks that QBot malware attacks (aka Qakbot, QuackBot, and Pinkslipbot). QBot has been active since 2008, it is used by threat actors for collecting browsing data and banking credentials, and other […]

The post New QBot campaign delivered hijacking business correspondence appeared first on Security Affairs.

April 17, 2023
0 comment
Read More >>

China-linked APT41 group spotted using open-source red teaming tool GC2

China-linked APT41 group used the open-source red teaming tool GC2 in an attack against a Taiwanese media organization. Google Threat Analysis Group (TAG) team reported that the China-linked APT41 group used the open-source red teaming tool Google Command and Control (GC2) in an attack against an unnamed Taiwanese media organization. The APT41 group, aka Winnti, Axiom, Barium, Blackfly, […]

The post China-linked APT41 group spotted using open-source red teaming tool GC2 appeared first on Security Affairs.

April 17, 2023
0 comment
Read More >>

Vice Society gang is using a custom PowerShell tool for data exfiltration

Vice Society ransomware operators have been spotted using a PowerShell tool to exfiltrate data from compromised networks. Palo Alto Unit 42 team identified observed the Vice Society ransomware gang exfiltrating data from a victim network using a custom-built Microsoft PowerShell (PS) script. Threat actors are using the PowerShell tool to evade software and/or human-based security detection mechanisms. PS scripting […]

The post Vice Society gang is using a custom PowerShell tool for data exfiltration appeared first on Security Affairs.

April 17, 2023
0 comment
Read More >>

Experts warn of an emerging Python-based credential harvester named Legion

Legion is an emerging Python-based credential harvester and hacking tool that allows operators to break into various online services. Cado Labs researchers recently discovered a new Python-based credential harvester and hacking tool, named Legion, which was sold via Telegram. At this time, the sample analyzed by Cado Labs has a low detection rate of 0 […]

The post Experts warn of an emerging Python-based credential harvester named Legion appeared first on Security Affairs.

April 17, 2023
0 comment
Read More >>

Experts found the first LockBit encryptor that targets macOS systems

Researchers warn that the LockBit ransomware gang has developed encryptors to target macOS devices. The LockBit group is the first ransomware gang of all time that has created encryptors to target macOS systems, MalwareHunterTeam team warn. MalwareHunterTeam researchers discovered the LockBit encryptors in a ZIP archive uploaded to VirusTotal. The discovery is disconcerting and demonstrates […]

The post Experts found the first LockBit encryptor that targets macOS systems appeared first on Security Affairs.

April 16, 2023
0 comment
Read More >>

NCR was the victim of BlackCat/ALPHV ransomware gang

NCR was the victim of the BlackCat/ALPHV ransomware gang, the attack caused an outage on the company’s Aloha PoS platform. NCR Corporation, previously known as National Cash Register, is an American software, consulting and technology company providing several professional services and electronic products. It manufactures self-service kiosks, point-of-sale terminals, automated teller machines, check processing systems, […]

The post NCR was the victim of BlackCat/ALPHV ransomware gang appeared first on Security Affairs.

April 16, 2023
0 comment
Read More >>