DirtyMoe’s attack chain begins with the attackers attempting to gain admin privileges on a target’s Windows machine. It often relies on the PurpleFox exploit kit to misuse EternalBlue.
The previously undocumented malware has been dubbed “Sardonic” by Bitdefender, which it encountered during a forensic investigation in the wake of an unsuccessful attack carried out by FIN8.
The vulnerability lies in the decryption of SM2-encrypted data; its impact depends on the targeted application and the data it keeps (e.g. credentials) in the heap when the issue is exploited.
The company doesn’t think the hacker intended to release patients’ medical information, but rather to use it to launch more sophisticated phishing email attacks on other Revere employees.
Trend Micro researchers revealed that, according to their latest telemetry, they had detected multiple LockBit 2.0 attack attempts in Chile, Italy, Taiwan, and the U.K.
Recent studies on the FluBot banking malware confirmed that there has been a spike in the number of malicious distribution pages affecting a number of Australian, Polish, and German banks.
Chief among the new entrants is AvosLocker, a RaaS group that commenced operations in late June via “press releases” that are branded with a blue beetle logo to recruit new affiliates.
According to a report published by PhishLabs, 54% of attacks in the cryptocurrency industry came from threat actors impersonating brands, employees, and executives on social media.
The hackers changed their obfuscation and encryption techniques every 37 days. This implies that the gang is highly motivated and possesses sophisticated detection evasion mechanisms.
Researchers found that an attacker with access to a health care facility’s network could take control of B. Braun SpaceStation by exploiting a common connectivity vulnerability.