The group behind Cicada3301 has been recruiting affiliates on cybercrime forums since June. It is speculated that Cicada3301 could be related to the now-defunct ALPHV group, as both ransomware share similarities.
Backers included BackingMinds, in combination with industry veterans such as Jesper Zerlang (ex-CEO of Logpoint), Lars Ankjer, Otto Krabbe, Rolf Bladt, and several angels and key employees.
GreenCharlie attackers use dynamic DNS providers to register domains for phishing attacks, with deceptive themes like cloud services and document visualization to trick victims into revealing sensitive information or downloading malware payloads.
Sinon is an open-source tool designed to automate the burn-in process of Windows-based deception hosts. It simplifies the orchestration of deception hosts at scale by incorporating generative capabilities to introduce diversity and randomness.
A fake Palo Alto GlobalProtect VPN access tool is being used as bait by threat actors targeting Middle Eastern organizations. The malware, disguised as a legitimate tool, can steal data and execute remote commands to infiltrate networks further.
The new draft of NIST’s digital identity proofing guidelines includes updates to accommodate passkeys and mobile driver’s licenses, as well as options for identification without using biometrics like facial recognition.
The CISA has launched a cyber incident reporting portal to make breach disclosure easier. It allows organizations to report cyberattacks, vulnerabilities, and data breaches voluntarily.
The campaign, known as “Contagious Interview,” tricks developers into downloading fake npm packages or installers. The attackers deploy a Python payload named InvisibleFerret to steal data from cryptocurrency wallets.
According to a report by Critical Start Cyber Research Unit, the manufacturing industry was the top target for cyber threats in H1 2024, professional services saw a 15% increase in attacks, and healthcare experienced a 180% surge in incidents.
Once installed, the Rocinante malware prompts the victim to grant Accessibility Services and displays phishing screens tailored to different banks to steal personal information.