The DEV-0569 threat actor was found abusing Google Ads in ongoing advertising campaigns to deploy malware, exfiltrate victims’ passwords, and breach networks for ransomware attacks. Some of the top programs impersonated by adversaries are Rufus, 7-Zip, FileZilla, LightShot, AnyDesk, LibreOffice, VLC, Awesome Miner, WinRAR, and TradingView.
Move over Lockbit, there’s a new ransomware-as-a-service (RaaS) player in town attacking the education sector—and its name is Vice Society. Vice Society is believed to be a Russian-based intrusion, exfiltration, and extortion group.
The websites of German airports, public administration bodies, and financial sector organizations have been hit by cyberattacks instigated by a Russian “hacker group”, authorities said Thursday.
Businesses not registered with the Singapore SMS Sender ID Registry by January 31 will have their messages labelled as “Likely-SCAM”, as the country rolls out more measures to combat online scams.
Two hacking breaches – one at a non-profit provider mental health and substance treatment services and the other at a provider of behavioral health services – affected sensitive information of nearly 400,000 individuals.
Microsoft urged customers today to keep their on-premises Exchange servers patched by applying the latest supported Cumulative Update (CU) to have them always ready to deploy an emergency security update.
A combination of these vulnerabilities allows remote attackers to execute arbitrary system commands on any OpenEMR server and to steal sensitive patient data. In the worst case, they can compromise the entire critical infrastructure.
Cybersecurity researchers have discovered the real-world identity of the threat actor behind Golden Chickens malware-as-a-service, who goes by the online persona “badbullzvenom.”
Cyble researchers determined that, in order to target a variety of well-known applications, the attackers are actively changing and customizing their phishing websites. Aurora targets data from web browsers and crypto wallets, among others.
The latest wave has been active since December 26, 2022, and over 5,600 websites are impacted by it so far. It has switched from fake CAPTCHA push notification scams to black hat ad networks.