FBI: Ransomware actors abuse third parties and legitimate system tools for initial access

The FBI published a PIN alert warning of ransomware operators compromising third-party vendors and services for initial access to target environments. The Federal Bureau of Investigation (FBI) published a Private Industry Notification (PIN) to warn of ransomware initial access trends and provide recommendations to reduce the attack surface to ransomware attacks. As of July 2023, […]

The post FBI: Ransomware actors abuse third parties and legitimate system tools for initial access appeared first on Security Affairs.

November 8, 2023

Five Canadian Hospitals impacted by a ransomware attack on TransForm provider

Five Canadian hospitals were victims of a ransomware attack; threat actors claim to have stolen data from them and leaked it. Five Canadian hospitals revealed they were victims of ransomware attacks after threat actors leaked alleged stolen data. The impacted hospitals are Bluewater Health, Chatham-Kent Health Alliance, Erie Shores HealthCare, Hôtel-Dieu Grace Healthcare, and Windsor […]

November 8, 2023

Socks5Systemz proxy service delivered via PrivateLoader and Amadey

Threat actors infected more than 10,000 devices worldwide with the ‘PrivateLoader’ and ‘Amadey’ loaders to recruit them into the proxy botnet ‘Socks5Systemz.’ Bitsight researchers uncovered a proxy botnet, tracked as Socks5Systemz, which was delivered by the PrivateLoader and Amadey loaders. The name Socks5Systemz comes from the name of the unique login panel consistently present in […]

November 6, 2023

US govt sanctioned a Russian woman for laundering virtual currency on behalf of threat actors

The Treasury Department sanctioned a Russian woman accused of laundering virtual currency on behalf of cybercriminals. The Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Friday sanctioned Ekaterina Zhdanova, a Russian national, for her role in laundering and managing virtual currency on behalf of Russian elites, ransomware operators, and other threat actors. “Through […]

November 5, 2023

Kinsing threat actors probed the Looney Tunables flaws in recent attacks

Kinsing threat actors are exploiting the recently disclosed Linux privilege escalation flaw Looney Tunables to target cloud environments. Researchers at cloud security firm Aqua have observed threat actors exploiting the recently disclosed Linux privilege escalation flaw Looney Tunables in attacks against cloud environments. The vulnerability Looney Tunables (CVE-2023-4911, CVSS score 7.8) is a buffer overflow issue that […]

November 4, 2023

Multiple WhatsApp mods spotted containing the CanesSpy Spyware

Kaspersky researchers are warning of multiple WhatsApp mods that embed a spyware module dubbed CanesSpy. Kaspersky researchers discovered multiple WhatsApp mods that embed a spyware module dubbed CanesSpy. Mods are modifications or alterations made to an application, often by third-party developers or users. These modifications can serve various purposes, such as adding new features, customizing the app’s […]

November 3, 2023

Clop group obtained access to the email addresses of about 632,000 US federal employees

The Clop ransomware gang gained access to the email addresses of more than 632K US federal employees at the departments of Defense and Justice. The Russian-speaking Clop ransomware group gained access to the email addresses of about 632,000 US federal employees at the departments of Defense and Justice. The security breach is the result of the MOVEit […]

November 3, 2023

Suspected exploitation of Apache ActiveMQ flaw CVE-2023-46604 to install HelloKitty ransomware

Rapid7 researchers warn of the suspected exploitation of a recently disclosed critical security flaw (CVE-2023-46604) in Apache ActiveMQ. Cybersecurity researchers at Rapid7 are warning of the suspected exploitation of the recently disclosed critical vulnerability CVE-2023-46604 in Apache ActiveMQ. Apache ActiveMQ is an open-source message broker that serves as message-oriented middleware (MOM) […]

November 2, 2023

Boeing confirmed its services division suffered a cyberattack

Boeing confirmed it is facing a cyber incident that hit its global services division; the company pointed out that flight safety isn’t affected. The Boeing Company, commonly known as Boeing, is one of the world’s largest aerospace manufacturers and defense contractors. In 2022, Boeing recorded $66.61 billion in sales; the aerospace giant has 156,000 (2022). Last week, the […]

November 2, 2023