AgentTesla Stealer Delivered Via Weaponized PDF and CHM Files

AgentTesla, a notorious information stealer, is observed spreading via CHM and PDF files, which covertly harvest critical information from the victim’s computer. The stealer has features including keylogging, clipboard data capture, file system access, and data transfer to a Command and Control (C&C) server. According to CRIL, its tactical changes maintain its serious threat to […]

The post AgentTesla Stealer Delivered Via Weaponized PDF and CHM Files appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft Defender thwarted Akira ransomware attack on an industrial engineering firm

Microsoft thwarted a large-scale hacking campaign carried out by Akira ransomware operators targeting an unknown industrial organization. Microsoft announced that its Microsoft Defender for Endpoint helped to block a large-scale hacking campaign carried out by Akira ransomware operators (tracked by Microsoft as Storm-1567). The attack took place in early June 2023 and aimed at an industrial engineering […]

The post Microsoft Defender thwarted Akira ransomware attack on an industrial engineering firm appeared first on Security Affairs.

DarkGate malware campaign abuses Skype and Teams

Researchers uncovered an ongoing campaign abusing popular messaging platforms Skype and Teams to distribute the DarkGate malware. From July to September, researchers from Trend Micro observed a malicious DarkGate campaign abusing instant messaging platforms to deliver a VBA loader script to victims. The threat actors abused popular messaging platforms such as Skype and Teams […]

The post DarkGate malware campaign abuses Skype and Teams appeared first on Security Affairs.

The Alphv ransomware gang stole 5TB of data from the Morrison Community Hospital

The Alphv ransomware group added the Morrison Community Hospital to its dark web leak site. Threat actors continue to target hospitals. The ALPHV/BlackCat ransomware group claims to have hacked the Morrison Community Hospital and added it to its dark web Tor leak site. The group claims to have stolen 5TB of patients’ and employees’ information, […]

The post The Alphv ransomware gang stole 5TB of data from the Morrison Community Hospital appeared first on Security Affairs.

Security Affairs newsletter Round 441 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Lockbit ransomware gang demanded an 80 million ransom to CDW; CISA warns of vulnerabilities and misconfigurations […]

The post Security Affairs newsletter Round 441 by Pierluigi Paganini – INTERNATIONAL EDITION appeared first on Security Affairs.

Lockbit ransomware gang demanded an 80 million ransom to CDW

The Lockbit ransomware gang claims to have hacked the technology services giant CDW and threatens to leak the stolen data. The technology services giant CDW announced it has launched an investigation into claims made by the Lockbit ransomware gang that added the company to the list of victims on its leak site. CDW Corporation is […]

The post Lockbit ransomware gang demanded an 80 million ransom to CDW appeared first on Security Affairs.

Stayin’ Alive campaign targets high-profile Asian government and telecom entities. Is it linked to ToddyCat APT?

A cyberespionage campaign, tracked as Stayin’ Alive, targeted high-profile government and telecom entities in Asia. Cybersecurity company Check Point uncovered malicious activity, tracked as Stayin’ Alive, that is targeting high-profile government and telecom entities in Asian countries, including Vietnam, Uzbekistan, Pakistan, and Kazakhstan. The campaign has been active since at least 2021; threat actors employed downloaders […]

The post Stayin’ Alive campaign targets high-profile Asian government and telecom entities. Is it linked to ToddyCat APT? appeared first on Security Affairs.

FBI and CISA published a new advisory on AvosLocker ransomware

FBI and CISA published a joint Cybersecurity Advisory (CSA) to disseminate IOCs, TTPs, and detection methods associated with AvosLocker ransomware. The joint Cybersecurity Advisory (CSA) published by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) provides known IOCs, TTPs, and detection methods associated with the AvosLocker ransomware variant employed […]

The post FBI and CISA published a new advisory on AvosLocker ransomware appeared first on Security Affairs.