Vincent Cannady, a former cybersecurity consultant, was arrested for allegedly extorting a publicly traded IT company by threatening to disclose confidential data unless they paid him $1.5 million.
Yaroslav Vasinskyi, a 24-year-old Ukrainian national and affiliate of the notorious REvil ransomware-as-a-service (RaaS) group, has been sentenced to 13 years and 7 months in prison by a US court.
By automating and personalizing various aspects of the attack process, such as crafting convincing emails and creating realistic phishing pages, threat actors can deceive even the most aware users.
An investigation by Amnesty International’s Security Lab revealed that Indonesia has been procuring powerful and invasive commercial spyware and surveillance products from international vendors, brokers, and resellers.
The scam involved call center workers impersonating the victims’ relatives, claiming they were in legal trouble or had been in an accident, and convincing the victims to send thousands of dollars to help them.
Sweden has faced a wave of distributed denial of service (DDoS) attacks since it started the process of joining NATO, according to network performance management provider Netscout.
The district court of Länsi-Uusimaa, Finland, sentenced Aleksanteri Kivimäki, 26, on Tuesday for crimes against the Vastaamo center and those in its care, which included more than 20,000 extortion attempts.
This botnet exploits the CVE-2015-2051 flaw to download a dropper script, and then deploys the Goldoon malware for DDoS attacks. The botnet uses various autorun methods for persistence and connects to a C2 server for instructions.
This flaw allows for an account takeover via Password Reset, enabling attackers to hijack accounts without any interaction. The affected versions range from 16.1 to 16.7, with GitLab releasing patches for versions 16.1.6 to 16.7.2.
The initiative is designed to mitigate the threat of consumer-grade devices being targeted by commercial spyware, potentially enabling sophisticated threat actors to use these as a stepping stone into back-end corporate systems and data.