Malware News

Securityaffairs

Security Affairs newsletter Round 501 by Pierluigi Paganini – INTERNATIONAL EDITION

  • RedLine info-stealer campaign targets Russian businesses through pirated corporate software
  • Romania’s election systems hit by 85,000 attacks ahead of presidential vote
  • Authorities shut down Crimenetwork, Germany’s largest crime marketplace
  • Cybercrime: INTERPOL financial crime operation makes record 5,500 arrests, seizures worth over USD 400 million

TechViral

10 Warning Signs That Your Computer is Malware Infected

  • If your PC has a malware infection, it will show you a few signs.
  • Slowdown, frequent crashes, or the appearance of ads all over the OS are the first warning signs of a malware infection.
  • Pop-ups showing everywhere on your screen are a clear sign of an adware infection.
  • Encountering a Blue Screen of Death (BSOD) is an obvious sign of malware infection.
  • A sudden increase in hard disk activity is a clear sign of a potential malware infection.
  • If suspicious processes or programs are generating network activity, it's possible that your device is infected with malware.
  • If you see any unusual activities such as landing page changes, toolbars popping up, and redirection to an alternate address, it's a clear sign of malware or adware infection.
  • Malware is often designed to disable antivirus software, and it doesn't leave users with any defense.
  • Unknown links sent to your friends through your online accounts could be a sign of malware infection.
  • Shortcut files on a USB drive or desktop are other signs of malware infection, and they can compromise sensitive data stored on the computer.

Securityaffairs

8Base ransomware group hacked Croatia’s Port of Rijeka

  • The 8Base ransomware group attacked Croatia’s Port of Rijeka, stealing sensitive data, including contracts and accounting info.
  • The cyber attack was claimed by the 8Base ransomware group.
  • The Port of Rijeka is Croatia's largest dry cargo concessionaire and offers various economic services.
  • The ransomware gang claims to have stolen data such as accounting info and contracts.

Securityaffairs

Russia’s FSB used spyware against a Russian programmer

  • The Russian intelligence agency, FSB, used spyware to monitor a Russian programmer, Kirill Parubets, after detaining him for allegedly donating to Ukraine earlier this year.
  • During Parubets' detention, authorities seized his Android device and installed spyware on it.
  • The spyware allowed Russian authorities to track the device's location, record phone calls and keystrokes, and read messages from encrypted messaging apps.
  • The analysis of the device revealed that the spyware was a trojanized version of the genuine Cube Call Recorder app, enabling comprehensive surveillance of the target device.

Cybersecurity-Insiders

Ransomware attacks cost $17 billion in downtime

  • Ransomware attacks have caused huge financial losses and operational disruptions, and Comparitech estimates that the financial toll of ransomware-related downtime could reach a staggering $17 billion over the past 5-6 years (since 2018).
  • Comparitech's research highlights the hidden costs that can accumulate when businesses are unable to function normally, including lost jobs, customer trust, and long-term damage to the business.
  • The research also indicates a concerning increase in ransomware attacks for 2023, with over 194 companies falling victim to ransomware disruptions in that year alone.
  • Rising sophistication of cybercriminals and the expanding scope of their targets have made industries like finance, manufacturing, and healthcare vulnerable to ransomware attacks.
  • During ransomware attacks, businesses face a minimum of 11.6 days of operational disruption, which can spiral up to an alarming 129 days, resulting in lost productivity, reduced customer satisfaction, and the costs associated with recovery and mitigation efforts.
  • A disturbing new trend in the world of ransomware is emerging where cybercriminals are now focused on deleting data to pressure victims by threatening permanent data loss unless the ransom is paid, creating an even more urgent need to act.
  • Experts predict that data deletion tactics could cause more widespread panic and force businesses to reconsider their approach to handling ransomware incidents.
  • As ransomware attacks evolve, businesses must be prepared for an increasingly complex threat landscape and invest in robust cybersecurity measures, including regular data backups, employee training, and threat detection systems.
  • They must also prepare for the possibility of losing critical data and rethink their strategies for handling ransomware incidents.
  • The frequency and severity of ransomware attacks continue to rise, making it imperative for businesses to stay ahead of the curve in their defenses against this growing threat.

Socprime

BlueAlpha Attack Detection: russia-affiliated Hacking Collective Abuses Cloudflare Tunnels to Distribute GammaDrop Malware

  • The Russian state-sponsored threat actor BlueAlpha has been conducting cyber-espionage campaigns against Ukraine since 2014.
  • BlueAlpha is now abusing a Cloudflare service to distribute the GammaDrop malware.
  • The group uses Cloudflare Tunneling to obscure their infrastructure and bypass network detection mechanisms.
  • BlueAlpha employs sophisticated techniques like HTML smuggling and DNS fast-fluxing to evade security measures.

Securityaffairs

U.S. CISA adds CyberPanel flaw to its Known Exploited Vulnerabilities catalog

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CyberPanel flaw CVE-2024-51378 (CVSS score: 10.0) to its Known Exploited Vulnerabilities (KEV) catalog.
  • The getresetstatus vulnerability in CyberPanel allows remote attackers to bypass authentication and execute arbitrary commands by exploiting a flaw in secMiddleware.
  • The vulnerability impacted versions up to 2.3.6 and the unpatched 2.3.7, and was exploited in a large-scale hacking campaign targeting over 22,000 CyberPanel instances.
  • CISA has ordered federal agencies to fix this vulnerability by December 25, 2024.

Schneier

Detecting Pegasus Infections

  • iVerify's Mobile Threat Hunting feature utilizes malware signature-based detection, heuristics, and machine learning to detect spyware infection on iOS and Android devices.
  • iVerify offers a free version of the feature, available through the iVerify Basics app, which allows users to generate and send a diagnostic utility file for analysis.
  • The company's infrastructure prioritizes user privacy, but users are required to enter an email address to receive scan results.
  • Recently, the Mobile Threat Hunting feature detected spyware infections, including seven cases related to the Pegasus software.

Cybersecurity-Insiders

Ransomware attack on Deloitte and British Telecom

  • Deloitte UK has fallen victim to a significant cyberattack involving the Brain Cipher ransomware, compromising an estimated 1TB of sensitive data.
  • The attack highlights the trend of sophisticated threat actors exploiting vulnerabilities in corporate networks.
  • British Telecom has also been targeted by the Black Basta ransomware group, potentially leading to data theft and sale on the dark web.
  • Both companies are conducting investigations to determine the extent of the breaches and take necessary security measures.

Socprime

RevC2 and Venom Loader Detection: New Malware Strains Massively Deployed via MaaS in a Sophisticated Campaign

  • Security researchers have discovered two new malware strains called RevC2 and Venom Loader.
  • These malware strains have been distributed since the summer of 2024 using Venom Spider's Malware-as-a-Service (MaaS) platform.
  • RevC2 and Venom Loader can be detected and analyzed using SOC Prime Platform and Uncoder AI.
  • Organizations are advised to maintain cyber vigilance and utilize advanced threat detection solutions against these evolving threats.

Securityintelligence

Roundup: The top ransomware stories of 2024

  • Ransomware payments reached record highs in 2024, with victims paying $459.8 million in the first half of the year.
  • Ransomware attacks on healthcare organizations surged, with 264 attacks recorded and average ransom demands exceeding $5.2 million.
  • A supply chain attack affected Starbucks and disrupted its operations, forcing manual scheduling and affecting payroll.
  • Despite law enforcement crackdowns, there was a 30% increase in the number of active ransomware groups in 2024.

Medium

Building Networked Inter-Process Connections for Malware

  • Named pipes are a reliable and fast method for transferring data between malware without detection.
  • They can be used to send payloads laterally within a victim network.
  • The server creates the pipe, while the client connects to send and receive data.
  • Security measures should be considered to ensure the safety of the pipe.

Securityaffairs

Black Basta ransomware gang hit BT Group

  • BT Group's Conferencing division shut down some servers following a Black Basta ransomware attack.
  • The attack did not impact live BT Conferencing services.
  • The Black Basta ransomware gang claimed to have stolen 500GB of data from BT Group.
  • Black Basta has targeted various critical infrastructure sectors and impacted over 500 organizations worldwide.

TechCrunch

Ransomware hackers target NHS hospitals with new cyberattacks

  • Ransomware hackers continue to target NHS hospitals across the UK, compromising multiple hospitals, exposing patient data, and disrupting emergency services.
  • Inc Ransom, a Russia-linked ransomware group, claims to have breached Alder Hey Children's Hospital Trust and stolen patient records, donor reports, and procurement data.
  • Alder Hey confirmed the cybersecurity incident and stated that investigations are ongoing to determine if confidential data has been obtained.
  • Wirral University Teaching Hospital, located near Alder Hey, has also been targeted, forcing the hospital to declare a 'major incident' and causing ongoing disruptions.

Arstechnica

Russian court sentences kingpin of Hydra drug marketplace to life in prison

  • Stanislav Moiseyev, the man found guilty of being the kingpin of Hydra, a dark web drug marketplace, has been sentenced to life in prison.
  • Hydra was a Russian-language market that supplied more than a metric ton of narcotics and psychotropic substances to customers worldwide.
  • Hydra, the largest crime forum at the time, was dismantled in 2022, leading to the seizure of servers, infrastructure, and millions of dollars' worth of bitcoin.
