U.S. security agencies have issued advisories against highly dangerous cyber threats from Russian Foreign Intelligence Service (SVR) operators (APT29, Cozy Bear, and Dukes), and the threat actors are adapting accordingly.
Three new malware strains, DOUBLEDRAG, DOUBLEDROP, and DOUBLEBACK, associated with a massive cyberespionage campaign, have been targeting several organizations in the U.S. The related phishing attacks were carried out by a new financially motivated threat actor group dubbed UNC2529.
These fraudulent applications are aimed at exploiting the increased interest in trading apps, driven by the recent significant rise in the value of cryptocurrencies and interest in stock trading.
The Qualys Research Team found 10 remotely exploitable and 11 locally exploitable security flaws, collectively known as 21Nails. Versions prior to Exim 4.94.2 are vulnerable to attacks exploiting 21Nails.
While it has been more than a year since the pandemic struck and the world lost more than 3 million lives, threat actors are still hell-bent on disrupting the networks of healthcare facilities, with no concern for human lives.
CISA has published a report on the FiveHands ransomware deployed by an aggressive, financially motivated group, UNC2447. The campaign involved extortion incidents between January and February.
While ransomware operators have adopted various extortion tactics to make their victims pay up, it’s important to take a look at key statistics on victims paying or not paying the ransom.
The FBI says that cybercrime gangs are using search results and search engine ads to lure victims to phishing sites for financial institutions in order to collect their login credentials.
The Cuba Ransomware group and the operators behind the Hancitor downloader have reportedly united for easy access to compromised corporate networks. For years, Cuba ransomware has been in and out of the ransomware game; it came into the limelight after the ATFS attack.
Researchers from Kaspersky have uncovered an ongoing espionage campaign called TunnelSnake targeting Asian and African diplomats and some high-profile organizations. The attack is allegedly being conducted by Chinese actors.