This campaign targets South Korea-based think tanks whose research focuses on political, diplomatic, and military topics pertaining to North Korea, China, Russia, and the U.S.
Researchers from Sophos Labs said the attack was noticed after the firm’s own employees were targeted with spam emails. These emails were written with at least a basic level of social engineering.
Cyber security department director Chien Hung-wei told parliament representatives that the Taiwanese government infrastructure faces “five million attacks and scans a day”.
Ukrainian agencies disclosed the details, including the real names, of the members of the Gamaredon group and linked its activities with Russia’s FSB. According to the report, the group allegedly carried out around 5,000 cyberattacks against Ukraine and attempted to target over 1,500 government computer systems. The technical details shared in the report shall help other […]
While ransomware attacks are relentless, recent crackdowns by law enforcement have forced some big players to close shop, even if temporarily.
Stor-a-File, a U.K.-based data capture and storage company, suffered a ransomware attack in August that exploited an unpatched instance of SolarWinds’ Serv-U FTP software.
Residential proxies allowed the attackers to pass their internet traffic via a home user. This makes the traffic appear to have originated from a residential broadband customer in the U.S. instead of somewhere else, such as Eastern Europe.
MasterFred Android Malware Uses Fake Login Overlays to Target Netflix, Instagram, and Twitter Users
A MasterFred sample was first submitted to VirusTotal in June 2021 and was first spotted in June. It also targets banking customers using fake login overlays in different languages.
The first vulnerability was found in one of the functions of Nimbus, which runs on top of a Thrift server. The second bug was found in Storm’s supervisor service, which runs on top of a Netty server.
The ITG23 group is partnering with the TA551 (Shatak) threat group to distribute ITG23’s TrickBot and BazarBackdoor malware, which malicious actors use to deploy Conti ransomware on compromised systems.