Lumen’s Black Lotus Labs recently witnessed that Hackers are currently targeting DrayTek Vigor router models 2960 and 3900 in a campaign known as ‘Hiatus’. The primary goal of hackers is to steal data from victims and establish …
ESET researchers have analyzed MQsTTang, a custom backdoor that they attribute to the China-aligned Mustang Panda APT group. This backdoor is part of an ongoing campaign that ESET can trace back to early January 2023. Execution graph showing the subpro…
By Deeba Ahmed
Authorities have arrested two suspected members of the DoppelPaymer ransomware gang in Germany and Ukraine, believed to be high-value members of the cybercrime syndicate.
This is a post from HackRead.com Read the original post: Top membe…
German police announced to have dismantled an international cybercrime gang behind the DoppelPaymer ransomware operation. Europol has announced that an international operation conducted by law enforcement in Germany and Ukraine, with help of the US FBI and the Dutch police, targeted two key figures of the DoppelPaymer ransomware group. “On 28 February 2023, the German […]
The post European police dismantled the DoppelPaymer ransomware gang appeared first on Security Affairs.
An unknown threat actor has discreetly compromised business-grade DrayTek routers in Europe, Latin and North America, equipping them with a remote access trojan (dubbed HiatusRAT) and a packet capturing program. “The impacted models are high-band…
Experts discovered a fully featured information stealer, tracked as ‘Colour-Blind’ in the Python Package Index (PyPI). Researchers from Kroll’s Cyber Threat Intelligence team discovered a malicious Python package uploaded to the Python Package Index (PyPI) that contained a fully-featured information stealer and remote access trojan tracked as Colour-Blind. Below is the list of capabilities supported […]
The post Colour-Blind, a fully featured info stealer and RAT in PyPI appeared first on Security Affairs.
In a recent analysis, MQsTTang, a newly designed custom backdoor, has been scrutinized by ESET researchers. After a thorough investigation, the source of this malware has been attributed to the infamous Mustang Panda APT group by the experts. Tracing b…
The Play ransomware gang has finally begun to leak the data stolen from the City of Oakland in a recent attack. The Play ransomware gang has begun to leak data they have stolen from the City of Oakland (California) in a recent cyberattack. Oakland is the largest city in the East Bay region of the […]
The post Play Ransomware gang has begun to leak data stolen from City of Oakland appeared first on Security Affairs.
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. FiXS, a new ATM malware that is targeting Mexican banks BidenCash leaks 2.1M stolen credit/debit […]
The post Security Affairs newsletter Round 409 by Pierluigi Paganini appeared first on Security Affairs.
Researchers at Metabase Q discovered a new ATM malware, dubbed FiXS, that was employed in attacks against Mexican banks since February 2023. Researchers at Metabase Q recently spotted a new ATM malware, dubbed FiXS, that is currently targeting Mexican banks. The name comes from the malware’s code name in the binary. The experts have yet to determine […]
The post FiXS, a new ATM malware that is targeting Mexican banks appeared first on Security Affairs.