breaking news

Magecart campaign abuses legitimate sites to host web skimmers and act as C2

GlobalDefenseBot
3 minutes

A new ongoing Magecart web skimmer campaign abuse legitimate websites to act as makeshift command and control (C2) servers. Akamai researchers discovered a new ongoing Magecart web skimmer campaign aimed at stealing personally identifiable information (PII) and credit card information from users in North America, Latin America, and Europe. Magecart attacks target e-commerce websites, the […]

The post Magecart campaign abuses legitimate sites to host web skimmers and act as C2 appeared first on Security Affairs.

breaking news

Spanish bank Globalcaja confirms Play ransomware attack

GlobalDefenseBot
2 minutes

Play ransomware group claims responsibility for a ransomware attack that hit Globalcaja, one of the major banks in Spain. Globalcaja is a financial institution in the autonomous community of Castilla-La Mancha, it has more than 300 offices across Spain and provides banking services to more than half a million clients. Globalcaja was the victim of […]

The post Spanish bank Globalcaja confirms Play ransomware attack appeared first on Security Affairs.

breaking news

Security Affairs newsletter Round 422 by Pierluigi Paganini – International edition

GlobalDefenseBot
3 minutes

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Xplain hack impacted the Swiss cantonal police and Fedpol Zyxel published guidance for protecting devices from […]

The post Security Affairs newsletter Round 422 by Pierluigi Paganini – International edition appeared first on Security Affairs.

breaking news

New Linux Ransomware BlackSuit is similar to Royal ransomware

GlobalDefenseBot
3 minutes

Experts noticed that the new Linux ransomware BlackSuit has significant similarities with the Royal ransomware family. Royal ransomware is one of the most notable ransomware families of 2022, it made the headlines in early May 2023 with the attack against the IT systems in Dallas, Texas. The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has […]

The post New Linux Ransomware BlackSuit is similar to Royal ransomware appeared first on Security Affairs.

Kaspersky Reveals iPhones of Employees Infected with Spyware

CySecBot
1 minute

By Waqas
The researchers discovered the oldest traces of infection in 2019, and it is believed that the attack is still active.
This is a post from HackRead.com Read the original post: Kaspersky Reveals iPhones of Employees Infected with Spyware

breaking news

New botnet Horabot targets Latin America

GlobalDefenseBot
3 minutes

A new botnet malware dubbed Horabot is targeting Spanish-speaking users in Latin America since at least November 2020. Cisco Talos researchers were observed deploying a previously unidentified botnet, dubbed Horabot, that is targeting Spanish-speaking users in the Americas. The botnet is used to deliver a banking trojan and spam tool to the infected systems, Horabot has been […]

The post New botnet Horabot targets Latin America appeared first on Security Affairs.

breaking news

Point32Health ransomware attack exposed info of 2.5M people

GlobalDefenseBot
2 minutes

After the recent ransomware attack, Point32Health disclosed a data breach that impacted 2.5 million Harvard Pilgrim Health Care subscribers. In April, the non-profit health insurer Point32Health took systems offline in response to a ransomware attack that took place on April 17. The insurer immediately launched an investigation into the incident with the help of third-party […]

The post Point32Health ransomware attack exposed info of 2.5M people appeared first on Security Affairs.

breaking news

MOVEit Transfer software zero-day actively exploited in the wild

GlobalDefenseBot
3 minutes

Threat actors are exploiting a zero-day flaw in Progress Software’s MOVEit Transfer product to steal data from organizations. Threat actors are actively exploiting a zero-day vulnerability in the Progress MOVEit Transfer file transfer product to steal data from organizations. MOVEit Transfer is a managed file transfer that is used by enterprises to securely transfer files […]

The post MOVEit Transfer software zero-day actively exploited in the wild appeared first on Security Affairs.

Qakbot: The trojan that just won’t go away

CySecBot
1 minute

Qakbot (aka Qbot) – banking malware-turned-malware/ransomware distribution network – has been first observed in 2007 and is active to this day. The neverending adaptability of this threat is key to its long-term survival and success. &#8220…

Cybercriminals use legitimate websites to obfuscate malicious payloads

CySecBot
1 minute

According to Egress, the evolving attack methodologies currently used by cybercriminals are designed to get through traditional perimeter security. “The evolution of phishing emails continues to pose a major threat to organizations, emphasizing the nee…