breaking news

New CACTUS ransomware appeared in the threat landscape

GlobalDefenseBot
3 minutes

Researchers warn of a new ransomware family called CACTUS that exploits known vulnerabilities in VPN appliances to gain initial access to victims’ networks. Researchers from cybersecurity firm Kroll have analyzed on a new ransomware family called CACTUS that has been spotted exploiting known flaws in VPN appliances to achieve initial access to targeted networks. The […]

The post New CACTUS ransomware appeared in the threat landscape appeared first on Security Affairs.

breaking news

Money Message gang leaked private code signing keys from MSI data breach

GlobalDefenseBot
4 minutes

The ransomware gang behind the attack on Taiwanese PC maker MSI leaked the company’s private code signing keys on their darkweb leak site. In early April, the ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International). Micro-Star International AKA MSI designs, manufactures, and sells motherboards and graphics cards […]

The post Money Message gang leaked private code signing keys from MSI data breach appeared first on Security Affairs.

breaking news

Western Digital notifies customers of data breach after March cyberattack

GlobalDefenseBot
4 minutes

Western Digital is notifying its customers of a data breach that exposed their sensitive personal information, the incident took place in March. In March 2022, Western Digital was hit by a ransomware attack and in response to the incident, it shut down several of its services. The company disclosed that an unauthorized party gained access […]

The post Western Digital notifies customers of data breach after March cyberattack appeared first on Security Affairs.

breaking news

CERT-UA warns of an ongoing SmokeLoader campaign

GlobalDefenseBot
3 minutes

Ukraine’s CERT-UA warns of an ongoing phishing campaign aimed at distributing the SmokeLoader malware in the form of a polyglot file. CERT-UA warns of an ongoing phishing campaign that is distributing the SmokeLoader malware in the form of a polyglot file. Threat actors are using emails sent from compromised accounts with the subject “bill/payment” with […]

The post CERT-UA warns of an ongoing SmokeLoader campaign appeared first on Security Affairs.

breaking news

San Bernardino County Sheriff’s Department paid a $1.1M ransom

GlobalDefenseBot
3 minutes

The San Bernardino County Sheriff’s Department confirmed that it has paid a $1.1-million ransom after the April ransomware attack. The San Bernardino County Sheriff’s Department opted to pay a $1.1-million ransom after a ransomware attack infected its systems in early April. The ransomware attack forced the Police department to temporarily shut down some of its […]

The post San Bernardino County Sheriff’s Department paid a $1.1M ransom appeared first on Security Affairs.

breaking news

Dragon Breath APT uses double-dip DLL sideloading strategy

GlobalDefenseBot
3 minutes

An APT group tracked as Dragon Breath has been observed employing a new DLL sideloading technique. Sophos researchers observed an APT group, tracked as Dragon Breath (aka APT-Q-27 and Golden Eye), that is using a new DLL sideloading technique that adds complexity and layers to the execution of the classic DLL sideloading. The attack consists of a clean […]

The post Dragon Breath APT uses double-dip DLL sideloading strategy appeared first on Security Affairs.

breaking news

Security Affairs newsletter Round 418 by Pierluigi Paganini – International edition

GlobalDefenseBot
4 minutes

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by […]

The post Security Affairs newsletter Round 418 by Pierluigi Paganini – International edition appeared first on Security Affairs.

breaking news

North Korea-linked Kimsuky APT uses new recon tool ReconShark

GlobalDefenseBot
4 minutes

North Korea-linked APT group Kimsuky has been observed using a new reconnaissance tool dubbed ReconShark in a recent campaign. SentinelOne researchers observed an ongoing campaign from North Korea-linked Kimsuky Group that is using a new malware called ReconShark. The reconnaissance tool is delivered through spear-phishing emails, OneDrive links leading to document weaponized downloads, and the execution of malicious […]

The post North Korea-linked Kimsuky APT uses new recon tool ReconShark appeared first on Security Affairs.

breaking news

Fleckpe Android malware totaled +620K downloads via Google Play Store

GlobalDefenseBot
3 minutes

Fleckpe is a new Android subscription Trojan that was discovered in the Google Play Store, totaling more than 620,000 downloads since 2022. Fleckpe is a new Android subscription Trojan that spreads via Google Play, the malware discovered by Kaspersky is hidden in photo editing apps, smartphone wallpaper packs, and other general-purpose apps. The malicious campaign […]

The post Fleckpe Android malware totaled +620K downloads via Google Play Store appeared first on Security Affairs.