Until its takedown in April 2022, Hydra owned 93% of all illicit underground economic activities. Year-over-year, dark web marketplace revenues at the end of 2021 were about $3.1 billion, but by the end of 2022, they totaled only about $1.5 billion.
Dubbed V3G4 by researchers, it is a type of malware that specifically targets Internet of Things (IoT) devices. Like the original Mirai botnet, V3G4 infects IoT devices by exploiting default login credentials such as usernames and passwords.
North Korean APT37 was spotted using a highly evasive M2RAT malware and steganography to target individuals for intelligence collection. It exploits an old EPS bug, tracked as CVE-2017-8291, in the Hangul word processor (commonly used in South Korea). The malware uses a shared memory region for executing commands and exfiltrating data from infected machines.
The most recent in a series of US Government Accountability Office (GAO) reports on the state of cybersecurity across the federal government makes specific recommendations about the collection, use, and sharing of PII.
As the name suggests, ProxyShellMiner exploits the ProxyShell vulnerabilities CVE-2021-34473 and CVE-2021-34523 in Windows Exchange servers for initial access and compromise of an organization to deliver crypto miners.
The Defense Department’s inspector general found that unsanctioned apps downloaded onto government-issued mobile devices “could pose operational and cybersecurity risks to DOD information and information systems.”
CheckPoint discovered these packages on January 17, 2023, all uploaded to NPM by a user named “trendava.” Following the company’s report, NPM removed them the following day.
Email inboxes of Namecheap subscribers started to receive phishing messages last week in an attempt to dupe them into disclosing personal data or their crypto wallets’ recovery phrases. Scammers impersonated DHL and MetaMask in their campaigns. Namecheap said that their own systems had not been compromised and that the upstream third-party system they employ to […]
The LockBit hacking group that encrypted Royal Mail data sought a $79.4 million ransom from the company, a demand that the postal group’s board appears to have rebuffed, setting the stage for a potential large-scale leak of company information.
The Chinese state-sponsored threat actor DEV-0147 has been spotted targeting diplomatic entities in South America with the ShadowPad remote access Trojan (RAT), also known as PoisonPlug.