Sep 07, 2024Ravie LakshmananCyber Security / Malware Threat actors affiliated with North Korea have been observed leveraging LinkedIn as a way to target developers as part of a fake job recruiting operation. These attacks employ coding tests as a common initial infection vector, Google-owned Mandiant said in a new report about threats faced by the Web3 sector. "After an … [Read more...] about North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams
data breach
FBI Cracks Down on Dark Web Marketplace Managed by Russian and Kazakh Nationals
Sep 07, 2024Ravie LakshmananCybercrime / Dark Web Two men have been indicted in the U.S. for their alleged involvement in managing a dark web marketplace called WWH Club that specializes in the sale of sensitive personal and financial information. Alex Khodyrev, a 35-year-old Kazakhstan national, and Pavel Kublitskii, a 37-year-old Russian national, have been charged with … [Read more...] about FBI Cracks Down on Dark Web Marketplace Managed by Russian and Kazakh Nationals
SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation
Sep 06, 2024Ravie LakshmananNetwork Security / Threat Detection SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible. The vulnerability, tracked as CVE-2024-40766, carries a CVSS score of 9.3 out of a maximum of 10. "An improper … [Read more...] about SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation
Chinese-Speaking Hacker Group Targets Human Rights Studies in Middle East
Sep 05, 2024Ravie LakshmananMalware / Human Rights Unnamed government entities in the Middle East and Malaysia are the target of a persistent cyber campaign orchestrated by a threat actor known as Tropic Trooper since June 2023. "Sighting this group's [Tactics, Techniques, and Procedures] in critical governmental entities in the Middle East, particularly those related to … [Read more...] about Chinese-Speaking Hacker Group Targets Human Rights Studies in Middle East
North Korean Hackers Targets Job Seekers with Fake FreeConference App
North Korean threat actors have leveraged a fake Windows video conferencing application impersonating FreeConference.com to backdoor developer systems as part of an ongoing financially-driven campaign dubbed Contagious Interview. The new attack wave, spotted by Singaporean company Group-IB in mid-August 2024, is yet another indication that the activity is also leveraging native … [Read more...] about North Korean Hackers Targets Job Seekers with Fake FreeConference App
Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus
Sep 03, 2024Ravie LakshmananRansomware / Malware A hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia and Belarus. "Head Mare uses more up-to-date methods for obtaining initial access," Kaspersky said in a Monday analysis of the group's tactics and tools. "For instance, the attackers took advantage of … [Read more...] about Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus
RansomHub Ransomware Group Targets 210 Victims Across Critical Sectors
Threat actors linked to the RansomHub ransomware group encrypted and exfiltrated data from at least 210 victims since its inception in February 2024, the U.S. government said. The victims span various sectors, including water and wastewater, information technology, government services and facilities, healthcare and public health, emergency services, food and agriculture, … [Read more...] about RansomHub Ransomware Group Targets 210 Victims Across Critical Sectors
North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit
Aug 31, 2024Ravie LakshmananRootkit / Threat Intelligence A recently patched security flaw in Google Chrome and other Chromium web browsers was exploited as a zero-day by North Korean actors in a campaign designed to deliver the FudModule rootkit. The development is indicative of the persistent efforts made by the nation-state adversary, which had made a habit of … [Read more...] about North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit
Cyberattackers Exploit Google Sheets for Malware Control in Likely Espionage Campaign
Cybersecurity researchers have uncovered a novel malware campaign that leverages Google Sheets as a command-and-control (C2) mechanism. The activity, detected by Proofpoint starting August 5, 2024, impersonates tax authorities from governments in Europe, Asia, and the U.S., with the goal of targeting over 70 organizations worldwide by means of a bespoke tool called Voldemort … [Read more...] about Cyberattackers Exploit Google Sheets for Malware Control in Likely Espionage Campaign
Iranian Hackers Set Up New Network to Target U.S. Political Campaigns
Aug 30, 2024Ravie LakshmananCyber Threat / Cyber Espionage Cybersecurity researchers have unearthed new network infrastructure set up by Iranian threat actors to support activities linked to the recent targeting of U.S. political campaigns. Recorded Future's Insikt Group has linked the infrastructure to a hacking group it tracks as GreenCharlie, an Iran-nexus cyber threat … [Read more...] about Iranian Hackers Set Up New Network to Target U.S. Political Campaigns