Malware News

Cybersecurity-Insiders

Consequences of Bowing Down to Hackers in Ransomware Attacks

  • Ransomware attacks have become one of the most dangerous cybersecurity threats in recent years.
  • While paying the ransom might seem like a quick solution, doing so can have serious consequences.
  • Agreeing to pay encourages attackers to continue targeting others.
  • One of the biggest risks is that paying a ransom does not guarantee data recovery.
  • Paying a ransom can lead to serious legal consequences in certain industries.
  • Paying the ransom can damage a company’s reputation.
  • Financial costs don’t end with the ransom payment itself.
  • Paying the ransom can create a vicious cycle of extortion.
  • Organizations should focus on strengthening their cybersecurity defenses.
  • Prevention, preparation, and incident response planning are essential steps to mitigate the risks of ransomware attacks.

Neuways

Ransomware Groups Exploiting Cloud Services for Data Exfiltration: A Growing Threat to Business Security

  • Ransomware groups are increasingly exploiting cloud services for data exfiltration.
  • Attackers target cloud storage, exploiting misconfigurations and weak identity practices.
  • Cloud-native tools such as Azure Storage Explorer and Amazon S3 storage are used for exfiltration.
  • To mitigate risks, businesses should employ CSPM, enforce MFA, and deploy runtime protection for cloud resources.

Pymnts

AI Video Tool Scams Target Content Creators

  • Cybersecurity researchers have uncovered a sophisticated malware campaign using fake AI video generation software to steal sensitive data from Windows and Mac users.
  • The campaign employs stolen code-signing certificates and professional-looking websites, posing a new threat to businesses adopting AI tools.
  • Victims are advised to reset compromised credentials and enable multi-factor authentication on sensitive accounts.
  • The surge in AI-related scams threatens consumer confidence in legitimate eCommerce platforms, potentially slowing adoption among online shoppers and merchants.

Global Fintech Series

Why Network Traffic Monitoring is Essential for Robust Cybersecurity in Financial Services

  • Network traffic monitoring has become a strategic imperative for financial services firms to maintain reliability, security and regulatory compliance.
  • Financial data is an attractive target for cybercriminals, making network traffic monitoring an essential safeguard for the integrity of the financial ecosystem.
  • For financial institutions, network traffic monitoring prevents costly outages and shields against security breaches with proactive oversight and detection of bottlenecks, bandwidth constraints, and unusual activity.
  • With numerous specialized security monitoring solutions available, banks are equipped to tackle various network management and security demands: addressing resource and expertise limitations, balancing time constraints and competing responsibilities, and adapting to stringent regulatory requirements.
  • Banks increasingly invest in integrated monitoring tools for patch management, antivirus monitoring, performance monitoring, alert systems, and remote monitoring and management (RMM) tools.
  • Banca Marche implemented WhatsUp Gold for seamless network performance and real-time monitoring capabilities, enabling the bank to transition from a reactive to a proactive approach, managing approximately 2,500 endpoints with greater agility and accuracy.
  • Financial institutions undergoing rapid digitization of services are exposed to increasingly sophisticated cyber threats such as ransomware, phishing, and insider attacks, requiring a dynamic approach to cybersecurity.
  • The rapid digitization of financial services expands the attack surface, exposing institutions to increasingly sophisticated cyber threats such as ransomware, phishing, and insider attacks.
  • Financial institutions manage vast amounts of sensitive data, making them attractive targets for cybercriminals seeking financial gain.
  • Monitoring tools like Intermapper empower IT teams to respond swiftly, minimizing risks to network reliability and security. Some of the world's leading high-frequency trading operations depend on Intermapper to maintain uninterrupted network performance.

Securityaffairs

Security Affairs newsletter Round 498 by Pierluigi Paganini – INTERNATIONAL EDITION

  • A botnet exploits GeoVision zero-day to compromise end-of-life (EoL) devices
  • Palo Alto Networks confirms active exploitation of recently disclosed zero-day
  • NSO Group used WhatsApp exploits even after being sued by Meta-owned company
  • Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies

Securityaffairs

A botnet exploits a GeoVision zero-day to compromise EoL devices

  • A botnet is exploiting a zero-day in end-of-life GeoVision devices to compromise devices in the wild.
  • The zero-day, tracked as CVE-2024-11120, is a pre-auth command injection vulnerability.
  • The botnet is used for DDoS or cryptomining attacks.
  • Approximately 17,000 Internet-facing GeoVision devices are vulnerable to the zero-day.

Hackernoon

The Rise of Cyber Militias

  • The internet has allowed like-minded individuals to come together and communicate about shared interests, leading to the rise in cyber militias.
  • Cyber militias have broadened their causes to include social and environmental aims, becoming more popular over the last several years.
  • Wars, climate change, and civil unrest are some of the many factors that led to people's engagement in cyber militias, which are accessible and used for mobilization, communication, and solidarity.
  • Traditional activism required printing flyers, but the internet makes it incredibly easy to distribute information to the masses in seconds, leading to the emergence of cyber militias.
  • The increasing availability of AI-based video and picture tools has made it difficult to believe everything seen on the internet.
  • Cyber militias do not solely operate by creating or publishing doubtful or untruthful content. They also plan coordinated hacks that disrupt websites and online services.
  • Some college campuses are like miniature cities and are ideal targets for cyberattacks. Most educational institutions still remain unprepared.
  • Cyber militias have caused a shift whereby some participants actively take part in public spaces, inspired by the internet mobilization and activism.
  • The internet has increased the speed at which people can create content and how effectively they can engage others.
  • The modern difference in militias is that the internet and devices that connect to it have become powerful tools for getting heard and noticed during times of increasing upheaval.

TechCrunch

What a second Trump term means for the future of ransomware

  • The US government has been making big strides in the fight against ransomware over the last four years.
  • The Biden administration declared ransomware as a national security threat and successfully targeted ransomware operators.
  • Despite the government’s efforts, cyberattacks targeting US organizations continue to rise.
  • President-elect Donald Trump is expected to inherit the major ransomware problem in January.
  • It is hard to predict what the next four years of cybersecurity policy could look like.
  • Trump’s first term was a mixed bag, but cybersecurity hasn’t featured heavily in his messaging since.
  • However, the Republican National Committee said during the 2024 election cycle that an incoming Republican administration would 'raise the security standards for our critical systems and networks.'
  • Trump’s push to slash federal budgets raised concerns that agencies may have fewer resources available for cybersecurity, which could make US networks more vulnerable to cyberattacks.
  • With a scaled back focus on regulation, a second Trump term could pick up where it left off with offensive cyberattacks.
  • A second Trump term is expected to pursue initiatives that would deter enemies of US sovereign security, such as the use of offensive cyber capabilities and the ramping up of ‘hack-back’ activities.

Securityaffairs

NSO Group used WhatsApp exploits even after Meta-owned company sued it

  • NSO Group developed malware that relied on WhatsApp exploits to infect target individuals even after the Meta-owned instant messaging company sued the surveillance firm.
  • NSO Group continued using WhatsApp exploits, including spyware called 'Erised,' even after being sued for violating anti-hacking laws.
  • NSO employees violated WhatsApp's Terms of Service by reverse-engineering, transmitting harmful code, and accessing the platform illegally.
  • Court filings reveal that NSO Group had minimal control over customers' use of its spyware, contradicting prior claims by the company.

Securityaffairs

Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies

  • The Glove Stealer malware exploits a new technique to bypass Chrome’s App-Bound encryption and steal browser cookies.
  • Glove Stealer is a .NET-based information stealer that targets browser extensions and locally installed software to steal sensitive data.
  • The malware bypasses Chrome’s App-Bound Encryption by utilizing the IElevator service.
  • The campaign observed by researchers used a phishing message with an HTML file attachment to trick users into executing malicious scripts.

Socprime

New Remcos RAT Activity Detection: Phishing Campaign Spreading a Novel Fileless Malware Variant

  • A new phishing campaign has been identified that spreads a fileless version of the Remcos RAT malware.
  • The campaign exploits a known vulnerability in Microsoft Office and uses a malicious Excel file as a lure.
  • The fileless Remcos RAT variant allows attackers to gain full remote control of compromised systems.
  • Security teams can utilize detection algorithms and AI-powered solutions to defend against this threat.

Cybersecurity-Insiders

Phorpiex Botnet Phishing Emails Linked to LockBit Black Ransomware Campaign

  • Phorpiex botnet identified as a key player in distributing phishing emails for deploying LockBit Black Ransomware
  • LockBit Black Ransomware is a new variant resulting from the merger of LockBit and BlackCat hacking groups
  • Ransomware attacks on healthcare institutions have severe consequences, impacting critical services and patient lives
  • Stricter laws and aggressive actions against cybercriminals needed to address the growing cybersecurity crisis

TorrentFreak

Men Arrested in Magis TV Piracy Raids Also Face Malicious Software Charges

  • Police in Colombia recently targeted the supply of Magis TV, a major Latin American IP-infringing streaming service, arresting two brothers who were selling access to the service under the brands Magis TV and Magis Oficial. The men are charged with copyright infringement, but also face the more unusual charge of using malicious software. Products called ‘Magis TV’ and ‘Magis Official’ could both be accessed via two websites and were part of bundles that included malware that enabled the camera, gave geolocation details and transmitted other personal information and files to external storage. Cybersecurity firm ESET has previously linked Magis TV to botnets that similarly contained malware.
  • Rightsholders in the US are said to be particularly concerned about the evolution of Magis TV's services.
  • Magis TV is based in China, but is available in Latin America via an Android app that is reachable on a large network of resellers’ web sites.
  • Police in Ecuador also targeted illegal streaming providers this week. One of them, Javier Eduardo López Cassan, was arrested for allegedly distributing Magis TV streams. Police claim he sold access via WhatsApp and other platforms.
  • More than 20 agents from different units, including the National Cybercrime Unit, the G3 Tactical Group of Guayaquil, Criminalistics, and the Law Enforcement Unit participated in the Ecuadorian operation.
  • Cassan is facing charges of unauthorized access to a computer, telematic or telecommunications system, which would bring a potential sentence of between three and five years imprisonment.
  • Rightsholders have widely embraced malware warnings, claiming that those who flout copyright with pirated content also risk malware attacks. However, their credibility is compromised by a marked emphasis on copyright infringement as a comparatively minor crime for which authorities often have the resources to bring charges. In contrast, malicious software and identity theft charges rarely make headlines.
  • The Colombian police have charged two brothers who were tracked by the Directorate Against Computer Crimes with violating copyright and using malicious software when they supplied access to illegal streaming services.
  • The planned takeover of Ta Ta Tu by social media platform VideoCoin has fallen apart, meaning Ta Ta Tu returns to a market that is home to several other players in the ad-funded streaming service business.
  • One of the most recognizable brands in the market for illegal streaming services, Magis TV, has become a high-priority target for rightsholders in the US.

Securelist

Crimeware and financial cyberthreats in 2025

  • Kaspersky’s Global Research and Analysis Team monitors cyberthreats directed at the financial industry, with banks and fintech companies being the most targeted.
  • The report outlines notable attack trends expected in 2025, based on predictions from the previous year.
  • The prediction of a surge in cyberattacks leveraging machine learning tools turned out to be true as cyberattacks boosted by AI emerged.
  • Cybercriminals exploited direct payment systems using clippers and mobile banking Trojans.
  • Attacks with mobile Automated Transfer Systems will become globally adopted.
  • Attacks by the Brazilian banking Trojans manifested as a global threat.
  • Ransomware groups intensified their focus on high-value targets, with increased focus on targeting financial services.
  • Open-source backdoor packages are increasing, making them difficult for cybersecurity professionals to track.
  • The number of widespread threat CVEs selected from high-value zero-day vulnerabilities has surged.
  • In 2025, the predicted upsurge in stealer activity will occur, leading to an increase in cyber or traditional crime.
  • Attacks targeting central banks and open banking APIs are expected, along with the expansion of Chinese-speaking crimeware worldwide.
  • More AI and machine learning on the defense side, and an upsurge in financial cyberattacks targeting smartphones.

Medium

Massive Data Breach Exposes 122 Million Business Contacts: Are You Protected?

  • A significant data breach has exposed the personal and professional information of 122 million individuals, originating from B2B data aggregator DemandScience.
  • B2B data aggregators like DemandScience store large volumes of sensitive data, making them attractive targets for cybercriminals.
  • To prevent breaches, B2B aggregators should implement stricter controls, conduct regular security audits, and communicate transparently with customers.
  • Wire Tor offers comprehensive Pentesting services to identify vulnerabilities, secure data assets, and provide ongoing support.
