Security Affairs newsletter Round 446 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter has arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Israeli man sentenced to 80 months in prison for providing hacker-for-hire services Russian APT Gamaredon uses […]

8Base ransomware operators use a new variant of the Phobos ransomware

8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks. Cisco Talos researchers observed 8Base ransomware operators using a variant of the Phobos ransomware in recent attacks. Phobos variants are usually distributed by the SmokeLoader, but in 8Base campaigns, it has the ransomware component embedded in its encrypted payloads. The […]

FBI and CISA warn of attacks by Rhysida ransomware gang

The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors. FBI and CISA published a joint Cybersecurity Advisory (CSA) to warn of Rhysida ransomware attacks against organizations across multiple industry sectors. The report is part of the ongoing #StopRansomware effort that disseminates advisories about tactics, techniques, and […]

TA402 Group using Weaponized XLL and RAR Files to Deliver Malware

Researchers have discovered a new phishing campaign that targets Middle Eastern and North African government entities to deliver a new initial access downloader termed “IronWind.” This downloader is followed by additional payload stages, which download shellcode. Most campaigns were using Dropbox links, which then evolved to using XLL and RAR file attachments to evade […]

The post TA402 Group using Weaponized XLL and RAR Files to Deliver Malware appeared first on GBHackers on Security.

Ddostf DDoS Malware Attacking MySQL Servers in Windows Environments

Researchers found that vulnerable MySQL servers are being deployed with the Ddostf DDoS bot, which is capable of launching Distributed Denial of Service (DDoS) attacks. Ddostf, which was first identified around 2016, is well-known for supporting both Windows and Linux platforms and is believed to have been built in China. As such, attacks targeting MySQL servers operating […]

The post Ddostf DDoS Malware Attacking MySQL Servers in Windows Environments appeared first on GBHackers on Security.

Law enforcement agencies dismantled the illegal botnet proxy service IPStorm

The Federal Bureau of Investigation (FBI) dismantled the infrastructure behind the illegal botnet proxy service IPStorm. The IPStorm botnet was first uncovered in May 2019 while targeting Windows systems; now experts from Intezer reported that the bot evolved to infect other platforms, including Android, Linux, and Mac devices. IPStorm botnet continues to infect systems across […]

SystemBC, a SWISS KNIFE Proxy Malware, Used by Numerous Ransomware Groups

SystemBC (aka Coroxy or DroxiDat) is a multifunctional malware known as Proxy, Bot, Backdoor, and RAT, adapting to attackers’ needs. Since 2018, this multifunctional malware has been active, and it remains popular in underground markets, with consistent annual incidents. Cybersecurity researcher REXor (aka Aaron) recently discovered that several ransomware groups are employing SystemBC, a Swiss […]

The post SystemBC, a SWISS KNIFE Proxy Malware, Used by Numerous Ransomware Groups appeared first on GBHackers on Security.

ICBC Ransomware Attack – China’s Largest Bank Forced To Use USBs

As ransomware attacks continue wreaking havoc, the latest victim turned out to be the largest…
ICBC Ransomware Attack – China’s Largest Bank Forced To Use USBs on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Co…

Pro-Palestinian TA402 APT Using IronWind Malware in New Attack

By Deeba Ahmed
As per cybersecurity researchers at Proofpoint, the APT group TA402 operates in support of Palestinian espionage objectives, with a primary focus on intelligence collection.
This is a post from HackRead.com Read the original post: Pro-Pa…