One of the reasons the life cycle of these attacks has been so heavily reduced is that FIN12 campaigns don’t focus on finding sensitive data and stealing it before triggering a ransomware attack.
Researchers at Cryptolaemus said that the malware operators have also switched to 64-bit loaders and stealer modules on Epoch 4, one of the subgroups of the botnet that run on separate infrastructure. Previously, it relied on 32-bit code.
Identity and access management provider Okta on Tuesday said it concluded its probe into the breach of a third-party vendor in late January 2022 by the LAPSUS$ extortionist gang.
QNAP urged customers on Monday to disable Universal Plug and Play (UPnP) port forwarding on their routers to prevent exposing their network-attached storage (NAS) devices to attacks from the Internet.
The Unified Government of Wyandotte County and Kansas City, Kansas, experienced a cyberattack on its data centers over the Easter weekend. According to the UG, it’s still working to restore data services.
The second most mimicked brand is German package delivery company DHL, which previously was at the top of the list. A contributing factor for this was the increased shopping during the holiday season.
Online fraud prevention startup SEON today announced that it has closed a $94 million Series B funding round that brings the total investment in the company to $107 million.
Intrusions begin with a large number of spearphishing messages sent to employees of cryptocurrency companies—often working in system administration or software development/IT operations (DevOps)—on a variety of communication platforms.
The Conti ransomware group attacked and forced the shutdown of the European wind turbine manufacturing giant Nordex. The attack was first discovered on March 31.
Attacks that exploit QR codes are known as ‘Qshing’ (QR code phishing). In January 2022, the U.S. Federal Bureau of Investigation (FBI) warned QR code users about tampering and cited increased reports of stolen credentials and monetary loss.