ESET researchers discovered a new downloader, dubbed DePriMon, that used new “Port Monitor” methods in attacks in the wild. The new DePriMon downloader was used by the Lambert APT group, aka Longhorn, to deploy malware. According to a report published by Symantec in 2017, Longhorn is a North American hacking group that has been active since […]
A critical flaw in the Jetpack WordPress Plugin could be exploited by threat actors to hack WordPress websites running flawed versions of the plugin. A critical vulnerability affects the Jetpack WordPress Plugin version Jetpack 5.1. and later, admins and owners of WordPress websites are urged to update their installs to Jetpack version 7.9.1. Jetpack is a […]
The Microsoft Security Response Center (MSRC) warned customers of the DoppelPaymer ransomware and provided useful information on the threat. The Microsoft Security Response Center (MSRC) warned customers of the DoppelPaymer ransomware, the tech giant provided useful information on the threat and how it spreads. “Microsoft has been investigating recent attacks by malicious actors using the Dopplepaymer ransomware. There is misleading information […]
Ransomware accounted for over half of all malicious mailings in H1 2019, Troldesh aka Shade being the most popular tool among cybercriminals. Group-IB, a Singapore-based cybersecurity company: ransomware accounted for over half of all malicious mailings in H1 2019, detected and analyzed by Group-IBâs Computer Emergency Response Team (CERT-GIB), with Troldesh aka Shade being the most popular tool […]
Macyâs has started notifying some of its customers that crooks used a software skimmer to steal their personal and financial information. Macyâs has started notifying some of its customers that discovered a software skimmer on its website used by crooks to steal their personal and financial information. The malicious software was discovered on October 15, […]
Another ransomware attack made the headlines, the victim is the state government of Louisiana, numerous services have been impacted. The state government of Louisiana was hit by a ransomware attack that affected multiple state services including the Office of Motor Vehicles, the Department of Health, and the Department of Transportion and Development. The incident forced […]
NextCry is a new ransomware that was spotted by researchers while encrypting data on Linux servers in the wild. Security experts spotted new ransomware dubbed NextCry that targets the clients of the NextCloud file sync and share service. The name comes from the extensions the ransomware appends to the filenames of encrypted files. The malicious code targets Nextcloud […]
With the advent of this year’s holiday shopping season are cybercriminals are using carding bots to test stolen payment card data before using them. Cybercriminals need to test the validity of the stolen card data before carrying out fraudulent transactions or selling them during the holiday shopping season. Cybercriminals are automating this process using carding […]
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Bad News: AI and 5G Are Expected to Worsen Cybersecurity Risks Boardriders and its subsidiarities QuikSilver and Billabong infected with ransomware Major ASP.NET hosting provider SmarterASP hit by ransomware attack Apple Mail stores parts of encrypted emails in […]
Sergiy P. , the administrator of DDoS-for-hire services was sentenced to 13 months in prison, and additional three years of supervised release. Sergiy P. Usatyuk, a man that was operating several DDoS-for-hire services was sentenced to 13 months in prison, and additional three years of supervised release. DDoS-for-hire services, aka stressers or booters, allows crooks […]