Hostrisk

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

Watering Hole Attacks Push ScanBox Keylogger

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

favicon

(threatpost.com)

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.

Ransomware Attacks are on the Rise

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.

favicon

(threatpost.com)

Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.

Fake Reservation Links Prey on Weary Travelers

Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.

favicon

(threatpost.com)

The incident disrupted corporate IT systems at one company while attackers misidentified the victim in a post on its website that leaked stolen data.

U.K. Water Supplier Hit with Clop Ransomware Attack

The incident disrupted corporate IT systems at one company while attackers misidentified the victim in a post on its website that leaked stolen data.

favicon

(threatpost.com)

‘Summer Camp’ for hackers features a compromised satellite, a homecoming for hackers and cyberwarfare warnings.

Black Hat and DEF CON Roundup

‘Summer Camp’ for hackers features a compromised satellite, a homecoming for hackers and cyberwarfare warnings.

favicon

(threatpost.com)

The CISA has seen a resurgence of the malware targeting a range of verticals and critical infrastructure organizations by exploiting RDP, firewall vulnerabilities.

Feds: Zeppelin Ransomware Resurfaces with New Compromise, Encryption Tactics

The CISA has seen a resurgence of the malware targeting a range of verticals and critical infrastructure organizations by exploiting RDP, firewall vulnerabilities.

favicon

(threatpost.com)

Cybercriminals turn to container files and other tactics to get around the company’s attempt to thwart a popular way to deliver malicious phishing payloads.

Threat Actors Pivot Around Microsoft’s Macro-Blocking in Office

Cybercriminals turn to container files and other tactics to get around the company’s attempt to thwart a popular way to deliver malicious phishing payloads.

favicon

(threatpost.com)

Built-in Telegram and Discord services are fertile ground for storing stolen data, hosting malware and using bots for nefarious purposes.

Messaging Apps Tapped as Platform for Cybercriminal Activity

Built-in Telegram and Discord services are fertile ground for storing stolen data, hosting malware and using bots for nefarious purposes.

favicon

(threatpost.com)

Newly discovered malware linked to Vietnamese threat actors targets users through a LinkedIn phishing campaign to steal data and admin privileges for financial gain.

Novel Malware Hijacks Facebook Business Accounts

Newly discovered malware linked to Vietnamese threat actors targets users through a LinkedIn phishing campaign to steal data and admin privileges for financial gain.

favicon

(threatpost.com)

300 restaurants and at least 50,000 payment cards compromised by two separate campaigns against MenuDrive, Harbortouch and InTouchPOS services.

Magecart Serves Up Card Skimmers on Restaurant-Ordering Systems

300 restaurants and at least 50,000 payment cards compromised by two separate campaigns against MenuDrive, Harbortouch and InTouchPOS services.

favicon

(threatpost.com)

Aamir Lakhani, with FortiGuard Labs, answers the question; Why is the Conti ransomware gang targeting people and businesses in Costa Rica?

Conti’s Reign of Chaos: Costa Rica in the Crosshairs

Aamir Lakhani, with FortiGuard Labs, answers the question; Why is the Conti ransomware gang targeting people and businesses in Costa Rica?

favicon

(threatpost.com)

Google removed eight Android apps, with 3M cumulative downloads, from its marketplace for being infected with a Joker spyware variant.

Google Boots Multiple Malware-laced Android Apps from Marketplace

Google removed eight Android apps, with 3M cumulative downloads, from its marketplace for being infected with a Joker spyware variant.

favicon

(threatpost.com)

Microsoft has linked a threat that emerged in June 2021 and targets small-to-mid-sized businesses to state-sponsored actors tracked as DEV-0530.

Emerging H0lyGh0st Ransomware Tied to North Korea

Microsoft has linked a threat that emerged in June 2021 and targets small-to-mid-sized businesses to state-sponsored actors tracked as DEV-0530.

favicon

(threatpost.com)

Since 2021, various state-aligned threat groups have turned up their targeting of journalists to siphon data and credentials and also track them.

Journalists Emerge as Favored Attack Target for APTs

Since 2021, various state-aligned threat groups have turned up their targeting of journalists to siphon data and credentials and also track them.

favicon

(threatpost.com)

Victims instructed to make a phone call that will direct them to a link for downloading malware.

‘Callback’ Phishing Campaign Impersonates Security Firms

Victims instructed to make a phone call that will direct them to a link for downloading malware.

favicon

(threatpost.com)

The novel threat steals data and can affect all processes running on the OS, stealing information from different commands and utilities and then storing it on the affected machine.

Sneaky New Orbit Malware Backdoors Linux Devices

The novel threat steals data and can affect all processes running on the OS, stealing information from different commands and utilities and then storing it on the affected machine.

favicon

(threatpost.com)

State-sponsored actors are deploying the unique malware–which targets specific files and leaves no ransomware note–in ongoing attacks.

U.S. Healthcare Orgs Targeted with Maui Ransomware

State-sponsored actors are deploying the unique malware–which targets specific files and leaves no ransomware note–in ongoing attacks.

favicon

(threatpost.com)

Iran’s steel manufacturing industry is victim to ongoing cyberattacks that previously impacted the country’s rail system.

Latest Cyberattack Against Iran Part of Ongoing Campaign

Iran's steel manufacturing industry is victim to ongoing cyberattacks that previously impacted the country's rail system.

favicon

(threatpost.com)

Devices from Cisco, Netgear and others at risk from the multi-stage malware, which has been active since April 2020 and shows the work of a sophisticated threat actor.

ZuoRAT Can Take Over Widely Used SOHO Routers

Devices from Cisco, Netgear and others at risk from the multi-stage malware, which has been active since April 2020 and shows the work of a sophisticated threat actor.

favicon

(threatpost.com)

Oliver Tavakoli, CTO at Vectra AI, gives us hope that surviving a ransomware attack is possible, so long as we apply preparation and intentionality to our defense posture.

A Guide to Surviving a Ransomware Attack

Oliver Tavakoli, CTO at Vectra AI, gives us hope that surviving a ransomware attack is possible, so long as we apply preparation and intentionality to our defense posture.

favicon

(threatpost.com)