News

PowerGhost Miner Attacks Corporate Networks

Delaware, USA – August 2, 2018 – Researchers from Kaspersky Lab discovered a new PowerGhost cryptocurrency miner, which attacks networks of organizations worldwide. Attackers use several fileless infection techniques to prevent detection by antivirus solutions. The initial system is infected remotely either by remote administration tools or by using exploits. Researchers from SonicWall Capture Labs […]

BitPaymer Ransomware Paralyzes IT Systems of the Alaskan Town

Delaware, USA – August 1, 2018 – Another ransomware attack practically froze the Matanuska-Susitna Borough. The incident occurred on Tuesday, July 24, and the network has not fully recovered so far. Attackers used BitPaymer ransomware to encrypt 500 computers and 120 servers connected to government networks. According to official representatives of the Borough, no sensitive […]

‘Master134’ Abuses Thousands of Compromised WordPress Websites in Malvertising Campaign

Delaware, USA – July 31, 2018 – Experts from Check Point uncovered a large-scale malvertising campaign, which was used to redirect users to Exploit Kit landing pages and technical support scammers’ websites. During the investigation of one of the RIG EK campaigns, the researchers found the Master134 server, to which scripts on the hacked websites […]

Underminer Exploit Kit Delivers Hidden Mellifera Malware

Delaware, USA – July 30, 2018 – Newly discovered Underminer Exploit Kit targets Asian countries. The first traces of the Exploit Kit were discovered in November 2017, and its operators managed to stay below the radar since the middle of July until the attackers increased the scale and number of target countries. Adversaries started spreading […]

Leafminer APT Group Targets Middle East

Delaware, USA – July 27, 2018 – Researchers from Symantec exposed the activities of the Leafminer hacking group allegedly linked to the Iranian government. The experts managed to gain access to one of the servers used in the group’s operations and obtain a list of Leafminer targets and their tools. Attackers have been conducting cyber […]

COSCO Shipping North America Hit by Ransomware Attack

Delaware, USA – July 26, 2018 – The North American division of the Chinese shipping giant COSCO suffered a massive ransomware attack. The company has not yet shared the details of which ransomware strain ‘paralyzed’ the network. At the moment, the COSCO network in North America is disconnected from the company’s networks in other […]

Cybercriminals from TA505 abuse SettingContent-ms files to deliver FlawedAmmyy RAT

Delaware, USA – July 25, 2018 – The TA505 cybercriminal group has been known for 4 years for its large-scale malspam campaigns, which borrow the infamous Necurs botnet to distribute banking trojans, ransomware and infostealers. In early March, the group weaponized FlawedAmmyy RAT, which allows them to remotely control an infected system and provides access to all files […]

Recently Published PoC Exploit Caused a Wave of Attacks on Oracle WebLogic Servers

Delaware, USA – July 24, 2018 – Last week, Oracle released an update closing critical vulnerabilities in WebLogic servers that can allow attackers to easily gain control over the entire server by dropping a JSP backdoor, without the need to use credentials. A few days later, several proof-of-concept exploits for the patched vulnerabilities were published on the […]

LabCorp Restores Operational Capacity After SamSam Attack

Delaware, USA – July 20, 2018 – LabCorp shared the details of the attack, which occurred last weekend. It started on July 13, around midnight, when adversaries from the SamSam group began brute-forcing RDP connections. At 6:00 p.m. on Saturday, July 14, the attackers started to encrypt computers at LabCorp. The organization’s Security Operation Center immediately […]

Blackgear Cyber Espionage Campaign Targets Organizations in Japan, South Korea and Taiwan

Delaware, USA – July 19, 2018 – The Blackgear cyber espionage campaign has been running for 8 years, targeting organizations in Japan, South Korea and Taiwan. Attackers are interested in telecommunications and other high-tech industries. Researchers from Trend Micro recently discovered changes in the malware used in this campaign, as well as some new features. The […]