According to Microsoft, ransomware gangs are evolving their tactics, with an increase in data exfiltration attacks and the targeting of smaller organizations and less well-known software.
The attackers are using a Remote Management System (RMS) executable to trick victims into downloading malware disguised as banned applications like ExpressVPN, WeChat, and Skype.
The Royal Women’s Hospital in Melbourne has experienced a data breach, potentially compromising the personal information of 192 patients. The breach occurred when cybercriminals gained unauthorized access to a staff member’s private email account.
Qakbot malware operators have continued their malicious activities, distributing Ransom Knight ransomware and the Remcos backdoor via phishing emails, despite the recent infrastructure takedown.
Researchers have discovered a new Android Trojan called GoldDigger that primarily targets users of over 50 Vietnamese banking apps, as well as e-wallets and crypto-wallets. GoldDigger’s reach may extend beyond Vietnam. Countering such Trojans demands client-side fraud protection solutions that emphasize real-time protection, adaptability, and a focus on behavioral indicators.
The GoldDigger trojan has been active since at least June 2023 and is currently targeting users of over 50 Vietnamese banking apps, as well as e-wallets and crypto-wallets.
The organizations targeted by PLAY include Roof Management, Security Instrument Corp, Filtration Control Ltd, Cinépolis Cinemas, CHARMANT Group, and Stavanger Municipality.
Attackers redirect victims to scams that involve QR codes and phishing websites promising to double their cryptocurrency investments, often using deepfake videos of Elon Musk to add credibility.
Stream-jacking attacks on YouTube are increasing, targeting popular channels to spread deceptive content. Cybercriminals hijack these channels, often impersonating famous figures or brands like Elon Musk and Tesla, promoting scams like crypto doubling. Viewers should be cautious of videos with clickbait titles, especially those promoting financial opportunities.
Really Simple Systems exposed a non-password-protected database with over 3 million records, including highly sensitive customer information such as medical records and tax documents.