New Version of Prometei Botnet Infects Over 10,000 Systems Worldwide
Mar 10, 2023 | Ravie Lakshmanan | Endpoint Security / Hacking
An updated version of a botnet malware called Prometei has infected more than 10,000 systems worldwide since November 2022. The infections are both geographically indiscriminate and opportunistic, with a majority of the victims reported in Brazil, Indonesia, and Turkey. Prometei, first observed in 2016, is a modular …
Worldwide
Elastic named a Major Player in the IDC MarketScape: Worldwide SIEM 2022 Vendor Assessment
Consolidating cloud, endpoint, automation, and SIEM tools all in one unified platform. Elastic Security’s foundational strength is in supporting fast search across any data source for any environment. In fact, the IDC MarketScape report notes “Unlike others with separate products, Elastic includes its EDR and cloud workload protection products in its security offering.” The …
U.S. Charges 4 Russian Govt. Employees Over Hacking Critical Infrastructure Worldwide
The U.S. government on Thursday released a cybersecurity advisory outlining multiple intrusion campaigns conducted by state-sponsored Russian cyber actors from 2011 to 2018 that targeted the energy sector in the U.S. and beyond. "The [Federal Security Service] conducted a multi-stage campaign in which they gained remote access to U.S. and international Energy Sector networks, …
North Korean Hackers Stole Millions from Cryptocurrency Startups Worldwide
Operators associated with the Lazarus sub-group BlueNoroff have been linked to a series of cyberattacks targeting small and medium-sized companies worldwide with an aim to drain their cryptocurrency funds, in what's yet another financially motivated operation mounted by the prolific North Korean state-sponsored actor. Russian cybersecurity company Kaspersky, which is tracking …
Linux Implementation of Cobalt Strike Beacon Targeting Organizations Worldwide
Researchers on Monday took the wraps off a newly discovered Linux and Windows re-implementation of Cobalt Strike Beacon that's actively set its sights on government, telecommunications, information technology, and financial institutions in the wild. The as-yet undetected version of the penetration testing tool — codenamed "Vermilion Strike" — marks one of the rare Linux ports, …
Emerging Ransomware Targets Dozens of Businesses Worldwide
An emerging ransomware strain in the threat landscape claims to have breached 30 organizations in just four months since it went operational, riding on the coattails of a notorious ransomware syndicate. First observed in February 2021, "Prometheus" is an offshoot of another well-known ransomware variant called Thanos, which was previously deployed against state-run …
Hezbollah Hacker Group Targeted Telecoms, Hosting, ISPs Worldwide
A "persistent attacker group" with alleged ties to Hezbollah has retooled its malware arsenal with a new version of a remote access Trojan (RAT) to break into companies worldwide and extract valuable information. In a new report published by the ClearSky research team on Thursday, the Israeli cybersecurity firm said it identified at least 250 public-facing web servers since …
A New Fileless P2P Botnet Malware Targeting SSH Servers Worldwide
Cybersecurity researchers today took the wraps off a sophisticated, multi-functional peer-to-peer (P2P) botnet written in Golang that has been actively targeting SSH servers since January 2020. Called "FritzFrog," the modular, multi-threaded and file-less botnet has breached more than 500 servers to date, infecting well-known universities in the US and Europe, and a railway …
4 Dangerous Brazilian Banking Trojans Now Trying to Rob Users Worldwide
Cybersecurity researchers on Tuesday detailed as many as four different families of Brazilian banking trojans that have targeted financial institutions in Brazil, Latin America, and Europe. Collectively called the "Tetrade" by Kaspersky researchers, the malware families — comprising Guildma, Javali, Melcoz, and Grandoreiro — have evolved their capabilities to function as a …
Russian Hacking Group Targeting Banks Worldwide With Evolving Tactics
Silence APT, a Russian-speaking cybercriminal group known for targeting financial organizations primarily in former Soviet states and neighboring countries, is now aggressively targeting banks in more than 30 countries across America, Europe, Africa, and Asia. Active since at least September 2016, Silence APT group's most recent successful campaign was against Bangladesh-based …