In early 2020, Formbook was rebranded as Xloader, and the operators behind it moved to a malware-as-a-service (MaaS) business model, renting C2 infrastructure to customers.
New studies by NCC Group and Barracuda Networks show threat actors are increasing ransomware exploits, with consumer goods and services receiving the brunt of attacks and a large percentage of victims being hit multiple times.
To defend against RedGolf attacks, organizations are advised to apply patches regularly, monitor access to external-facing network devices, track and block identified C2 infrastructure, and configure IDS/IPS to monitor for malware detections.
The crime group created over 100 fake “phishing” sites targeting users in France, Spain, Poland, the Czech Republic, Portugal, and other European countries, enticing them with products below market prices.
The Azure Pipelines flaw affected both the SaaS version of Azure DevOps Server and the self-hosted, on-premises version. Customers running the on-premises version need to patch their instances to remediate the RCE vulnerability.
Researchers spotted a new malware operation, named NullMixer, that hit over 8,000 targets within a week, with a special focus on North America, Italy, and France. The attackers use SEO poisoning along with social engineering tactics to lure their potential victims, consisting mostly of IT personnel and technocrats.
AlienFox is a modular toolset comprising various custom tools and modified open-source utilities created by different authors. Threat actors use AlienFox to collect lists of misconfigured cloud endpoints from security scanning platforms.
The number of credential phishing emails sent spiked by 478%. Emotet and QakBot are the top malware families observed. For the eighth consecutive year, business email compromise (BEC) ranked as the top cybercrime.
A majority of organizations reported that global geopolitical instability has influenced their cyber strategy “moderately” or “substantially”. Their biggest concerns regarding cyberattacks are business continuity (67%) and reputational damage (65%).
Successful exploitation on unpatched devices using Sudo versions 1.8.0 through 1.9.12p1 could enable attackers to escalate privileges by editing unauthorized files after appending arbitrary entries to the list of files to process.