The attacks began in mid-May 2023 when the attackers started targeting Internet-exposed private Emby servers and infiltrating those configured to allow admin logins without a password on the local network.
Since the first known appearance of AceCryptor back in 2016, many malware authors have used the services of this cryptor, even the best-known crimeware like Emotet, back when it didn’t use its own cryptor.
Dark Frost represents the latest iteration of a botnet that appears to have been stitched together by stealing source code from various botnet malware strains such as Mirai, Gafgyt, and QBot.
Today, when threats are coming from a variety of places, not just one or a few, it becomes much harder to prepare for attacks and know what to patch or otherwise remediate because there is a lot more to address.
Despite years of public shaming by security professionals, some SaaS vendors only offer Single Sign-On (SSO) in high-end “enterprise” product tiers. By withholding this capability from smaller organizations, they put customers’ security at risk.
A clever phishing campaign aimed at stealing users’ business email account credentials by impersonating OpenAI, the company behind the ChatGPT chatbot, has been spotted by Inky researchers.
While investigating attacks targeting a government entity in the UAE, Fortinet researchers also discovered an implant on Microsoft Exchange servers which was a novel web shell, dubbed ExchangeLeech, due to its unique ability to harvest credentials.
FortiGuard Labs came across an ongoing threat campaign targeting YouTube users searching for pirated software earlier this month. Videos advertising downloads of pirated software are uploaded by verified YouTube channels with large subscriber counts.
While there are no reported instances of Slack messages being weaponized, the trove of communications the platform collects from clients ranging from government agencies to activists has made user communications a target of both lawsuits and hackers.
A Brazilian hacking crew targeted users of over 30 Portuguese financial institutions earlier this year in a campaign that provides the latest example of financially motivated hackers in Brazil hitting foreign targets, according to SentinelLabs.