Tag: group
-
CeranaKeeper: A New China-Aligned Threat Targeting Thailand’s Government
ESET researchers have exposed a newly identified advanced persistent threat (APT) group, dubbed CeranaKeeper, targeting governmental institutions in Thailand since 2023. Originally, some of this activity was attributed to the... First seen on securityonline.info Jump to article: securityonline.info/ceranakeeper-a-new-china-aligned-threat-targeting-thailands-government/
-
Medical Group Pays $240K Fine for 3 Ransomware Attacks
Nonprofit Group Hit 3 Times in 3 Weeks in 2018, Affecting PHI of 85,000 Patients. Federal regulators have hit a California physician services organization with a $240,000 HIPAA civil penalty following an investigation into three ransomware attacks that occurred within a three-week span in early 2018, compromising the sensitive information of 85,000 patients. First seen…
-
Microsoft, DOJ Dismantle Russian Hacker Group Star Blizzard
The successful disruption of notorious Russian hacker group Star Blizzard’s operations arrives one month out from the US presidential election, one of the APT’s prime targets. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/microsoft-doj-dismantle-russian-hacker-group-star-blizzard
-
Fake Trading Apps for Android, iOS Lead to Pig Butchering Scam
In a pig butchering scam, fake trading apps first available on Google and Apple app stores and later on phishing download sites lured victims into depositing money into fraudulent accounts, which was then stolen, according to a report from Group-IB. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/fake-trading-apps-for-android-ios-lead-to-pig-butchering-scam/
-
DOJ, Microsoft Take Down Domains Used by Russian-Backed Group
The DOJ and Microsoft in a joint effort seized dozens of domains from a Russian-based threat group known as Star Blizzard, which for more than a year was targeting civil society groups like NGOs and journalists as well as government agencies in a spear-phishing campaign aimed at stealing information. First seen on securityboulevard.com Jump to…
-
Microsoft and DOJ seized the attack infrastructure used by Russia-linked Callisto Group
Microsoft and the U.S. DoJ seized over 100 domains used by the Russia-linked Callisto Group for launching attacks on U.S. government and nonprofits. The Justice Department revealed the unsealing of a warrant to seize 41 domains used by Russia-linked Callisto Group (formerly SEABORGIUM, also known as COLDRIVER) for computer fraud in the United States. US…
-
Microsoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking Group
Microsoft and the U.S. Department of Justice (DOJ) have successfully dismantled a network of domains used by a Russian hacking group linked to the Federal Security Service (FSB). This collaborative effort is critical in countering cyber threats targeting democratic institutions worldwide. Seizing Domains to Disrupt Cyberattacks: In coordination with the DOJ, Microsoft’s Digital Crimes Unit (DCU)…
-
“Pig Butchering” Scam: Cybercriminals Prey on Mobile Trading Enthusiasts
Cybersecurity specialists from Group-IB have uncovered an alarming new trend in fraudulent activity, targeting users of iOS and Android devices through fake trading apps. Dubbed “Pig Butchering,
-
Breach Roundup: AI ‘Nudify’ Sites Serve Malware
Tags: ai, breach, cybercrime, group, hacking, insurance, malware, north-korea, scam, vulnerability, windows. Also: Prison Sentences for BEC Scammers and a West African Cybercrime Crackdown. This week, AI nudify sites spread malware, BEC scammers head to prison, London man charged with hacking, and a Spanish insurance company with a breach. Also, a North Korean hacking group and a West African crackdown on online scammers. And, a Schrödinger Windows…
-
AI ‘Nude Photo Generator’ Delivers Infostealers Instead of Images
The FIN7 group is mounting a sophisticated malware campaign that spans numerous websites, to lure people with a deepfake tool promising to create nudes out of photos. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/ai-nude-photo-generator-delivers-infostealers
-
Microsoft and DOJ disrupt Russian FSB hackers’ attack infrastructure
Microsoft and the Justice Department have seized over 100 domains used by the Russian ColdRiver hacking group to target United States government employees and nonprofit organizations from Russia and worldwide in spear-phishing attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-and-doj-seize-spear-phishing-domains-used-by-star-blizzard-russian-hackers/
-
DOJ, Microsoft seize more than 100 domains used by the FSB
The simultaneous actions targeted the Star Blizzard espionage operation, which went after government and civil society groups around the world. First seen on cyberscoop.com Jump to article: cyberscoop.com/doj-microsoft-fsb-espionage-star-blizzard/
-
China-Backed APT Group Culling Thai Government Data
CeranaKeeper is bombarding Southeast Asia with data exfiltration attacks via file-sharing services such as Pastebin, OneDrive, and GitHub, researchers say. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/new-china-backed-apt-group-culling-thai-government-data
-
Private US companies targeted by Stonefly APT
Undeterred by the indictment issued against one of its alleged members, North Korean APT group Stonefly (aka APT45) continues to target companies in the US, Symantec threat … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/03/private-us-companies-targeted-by-stonefly-apt/
-
FIN7 Gang Hides Malware in AI “Deepnude” Sites
Threat group FIN7 is hiding infostealer malware on sites promising AI deepnude downloads. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fin7-hides-malware-ai-deepnude/
-
North Korean Stonefly Group Continues Attacks on US Targets
Symantec’s Threat Hunter Team reveals that Stonefly, a North Korean cyberespionage group, persists in targeting U.S. organizations despite recent indictments and a multi-million dollar reward offered for information leading to... First seen on securityonline.info Jump to article: securityonline.info/north-korean-stonefly-group-continues-attacks-on-us-targets/
-
Key Group Ransomware: A Growing Threat Using Off-the-Shelf Tools
In a recent report by Kaspersky Labs, a new ransomware group known as Key Group, or Keygroup777, has been highlighted for its use of publicly available ransomware builders. The group,... First seen on securityonline.info Jump to article: securityonline.info/key-group-ransomware-a-growing-threat-using-off-the-shelf-tools/
-
Ransomware activity shows no signs of slowing down
Ransomware attacks have seen a significant resurgence, disrupting multiple sectors and affecting global supply chains. Despite efforts to disrupt major ransomware groups, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/03/ransomware-incidents-rise-video/
-
Global Governments Release New Ransomware Response Guidance
Counter Ransomware Group Focuses on Timely Reporting, Avoiding Paying the Ransom. New voluntary ransomware guidance released during the International Counter Ransomware Initiative meeting this week calls for victims to report attacks to law enforcement on a more timely basis – and involve more advisors in deciding whether to pay a ransom. First seen on govinfosecurity.com…
-
Hawaii Clinic Notifies 124,000 of Hack Credited to Lockbit
Data Leak Preceded Law Enforcement Crackdown on Group That Targets Health Sector. A clinic in Hawaii is notifying 124,000 patients that their health data was potentially compromised in a May hack. Lockbit 3.0 claims to have published the stolen records on its data leak site in June – months before global authorities this week disclosed…
-
Evil Corp/REvil malware crime group outed as a family affair
First seen on scworld.com Jump to article: www.scworld.com/news/evil-corprevil-malware-crime-group-outed-as-a-family-affair
-
FIN7 hackers launch deepfake nude “generator” sites to spread malware
The notorious APT hacking group known as FIN7 launched a network of fake AI-powered deepnude generator sites to infect visitors with information-stealing malware. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fin7-hackers-launch-deepfake-nude-generator-sites-to-spread-malware/
-
Fake Trading Apps Target Victims Globally via Apple App Store and Google Play
A large-scale fraud campaign leveraged fake trading apps published on the Apple App Store and Google Play Store, as well as phishing sites, to defraud victims, per findings from Group-IB. The campaign is part of a consumer investment fraud scheme that’s also widely known as pig butchering, in which prospective victims are lured into making investments…
-
Phishing remains cloud intrusion tactic of choice for threat groups
The long-lasting effectiveness and success of phishing campaigns underscores the most central challenge in cybersecurity — people are the weakest link. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/phishing-top-intrusion-tactic/728671/
-
Stonefly Group Targets US Firms With New Malware Tools
North Korean APT Stonefly continues to launch cyber-attacks on US firms despite July indictment. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/stonefly-targets-us-firms-new/
-
International police dismantle cybercrime group in West Africa
First seen on therecord.media Jump to article: therecord.media/interpol-west-africa-cybercrime-group-cote-divoire
-
Evil Corp/REvil Malware Crime Group Outed As Family Affair
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36423/Evil-Corp-REvil-Malware-Crime-Group-Outed-As-Family-Affair.html
-
Rhadamanthys information stealer introduces AI-driven capabilities
The Rhadamanthys information stealer has been upgraded with advanced features, including the use of artificial intelligence (AI) for optical character recognition (OCR). Researchers at Recorded Future’s Insikt Group have documented the evolution of the Rhadamanthys info stealer. The malware was first identified in 2022, and since then it has been upgraded with advanced features,…