The initial vector for these ransomware families involves what the Windows maker calls “user-assisted methods,” wherein the victim downloads and installs trojanized applications.
According to Binarly, the Qualcomm vulnerabilities have been confirmed to impact — in addition to Lenovo devices — Arm-based Microsoft Surface and the Windows Dev Kit 2023 (Project Volterra) computers, as well as Samsung products.
Active since at least 2006 and linked to the Russian government, the cyberespionage group is also tracked as Snake, Venomous Bear, Krypton, and Waterbug, and has been historically associated with the use of the ComRAT malware.
It’s no secret that rogue ads have been a particular plague on the Internet for as far back as we can remember. The FBI warning concerns fake ads impersonating the real thing and diverting potential victims off to parts unknown.
Some of the targeted banks include the likes of Banco AV Villas, Banco Caja Social, Banco de Bogotá, Banco Popular, Bancoomeva, BBVA, Colpatria, Davivienda, and TransUnion.
The Supreme Court of Ohio ruled that EMOI Services is not covered by its insurance policy for a ransomware attack, because the attack caused no direct or physical harm to tangible components, and software has none.
The attacks and leaks were believed to be perpetrated by the threat actor Vice Society, which has conducted numerous ransomware and extortion campaigns targeting education institutions in the U.K. and the U.S.
Automated Libra is a South Africa-based freejacking group that primarily targets cloud platforms offering limited-time trials of cloud resources in order to carry out its cryptomining operations.
The variant analyzed by Trend Micro has made its way into the MacOS platform and has adopted a new technique to deliver documents embedded with malicious macros to users without having to pretend to be invoices or other business-related files.
The ASEC analysis team uncovered a new Linux malware, built with the shell script compiler (shc), that drops the XMRig miner on compromised systems. The attackers gained access through a dictionary attack against poorly secured Linux SSH servers. The attack chain observed in the campaign included both the shc-based downloader and a Perl-based DDoS IRC bot.