The threat actors attempted to misdirect attribution using inauthentic metadata and used publicly available crimeware services and code to minimize the amount of custom code involved in the attack.
The Bank of Russia’s paper is not largely directed at cybercrime. Instead, it takes a realistic look at the potential dangers of cryptocurrency to an emerging nation’s economy and energy security.
Attackers are targeting industrial enterprises with spyware campaigns that hunt for corporate credentials so they can be used both for financial gain and to cannibalize compromised networks to propagate future attacks, researchers have found.
Kaspersky researchers have uncovered the third known case of a firmware bootkit in the wild. Dubbed MoonBounce, this malicious implant is hidden within Unified Extensible Firmware Interface (UEFI) firmware.
According to research by Tenable, at least 40 billion records were exposed in 2021, calculated by the analysis of 1,825 breach incidents publicly disclosed between November 2020 and October 2021.
A North Korea-linked APT group has been spotted targeting cryptocurrency startups worldwide with fake MetaMask browser extensions to steal cryptocurrency from users’ wallets. The attackers work around a complex infrastructure, including various exploits and malware implants to target victims. Organizations, especially startups, are recommended to train their employees to be careful with sensitive data and […]
A new report suggests that North Korean hackers mooched off at least $400 million in cryptocurrencies through cyberattacks in 2021, which is a whopping 40% increase compared to the previous year. Hackers use a systematic money laundering process that involves multiple software tools to collect cryptocurrencies from thousands of addresses.
Codenotary, the immutability specialist that can instantly identify untrusted components in software, announced that it has raised $12.5 million in Series B funding from new and existing investors.
ThreatLabz researchers observed several similarities in the C2 communication and .NET payload between this campaign and the previous campaigns attributed to the Molerats APT group.
Cybersecurity researchers from Akamai Technologies outlined a new campaign that leverages Amazon’s name to promote a fraudulent “Amazon to create its own digital token” scheme.