Expert instructors from the SANS Institute here yesterday detailed what they cite as the most dangerous forms of cyberattacks for 2023. Some of the key themes bubbling to the surface included the intersection of AI with attack patterns and the ways that attackers are taking advantage of highly flexible development …
Google Obtains Court Order to Disrupt CryptBot Distribution
Google this week announced that it has obtained a court order that helped it disrupt the CryptBot information stealer’s distribution. Initially designed to harvest and exfiltrate sensitive information such as credentials, cryptocurrency wallets, and more, CryptBot was also seen distributing banking trojans. Over the past year alone, the malware infected …
Hackers Using YouTube as a Malware Distribution Platform Via Hacked YT Channel
Morphisec Threat Labs researchers have recently exposed a sneaky loader called “in2al5d p3in4er” (Invalid Printer) that delivers Aurora information stealer malware through YouTube videos. Using an advanced anti-VM technique, the in2al5d p3in4er loader, built with Embarcadero RAD Studio, specifically targets endpoint workstations. Late in 2022, Aurora appeared on the threat …
Ukraine targeted by 60% of Russian phishing attacks in 2023: Google
Google’s Threat Analysis Group (TAG) has been monitoring and disrupting Russian state-backed cyberattacks targeting Ukraine’s critical infrastructure in 2023. Google reports that from January to March 2023, Ukraine received roughly 60% of the phishing attacks originating from Russia, making it the most prominent target. In most cases, the campaign goals …
LockBit Ransomware Expands Attack Spectrum to Mac Devices
LockBit ransomware gang is reportedly developing a new version of malware that can encrypt files on Apple macOS, as revealed by MalwareHunterTeam. This would be the first instance of malware targeting Mac devices, as LockBit has previously focused on Linux and Windows devices. The ransomware group is known for its RaaS (ransomware-as-a-service) operation, lending ransomware …
Hacker group brings down Israeli postal, banking and telecoms websites
A hacker group attacked the websites of Israel’s national mail service and major banks Friday, briefly bringing them down in an assault seemingly timed to coincide with a day of Iranian-promoted anti-Israel events. The attack was quickly squelched, authorities said, with apparently no significant harm or data leaks, though the …
New Android Malware Infecting 60 Google Play Apps with Over 100M Installs
Recently, McAfee’s Mobile Research Team discovered that ‘Goldoson,’ a new type of Android malware, has crept into the Google Play store through 60 genuine apps, downloaded by a whopping 100 million users. The sneaky malware component found in all 60 apps was not the developers’ fault. It had been slipped into …
New QBot email attacks use PDF and WSF combo to install malware
QBot malware is now distributed in phishing campaigns utilizing PDFs and Windows Script Files (WSF) to infect Windows devices. Qbot (aka QakBot) is a former banking trojan that evolved into malware that provides initial access to corporate networks for other threat actors. This initial access is done by dropping additional …
Russian hacktivist group targets India’s health ministry
A Russian hacktivist group has claimed to have breached the health management information system of India, which could contain the health data of millions of Indian citizens. “On 15 March 2023, CloudSek’s contextual AI digital risk platform XVigil discovered a threat actor group claiming to have targeted an Indian government website,” cybersecurity …