Cybercrime syndicate Robin Banks is back with a new cookie-stealing feature that cybercriminals can purchase as an add-on to the phishing kit in order to bypass multi-factor authentication in attacks and to attract more sophisticated, persistent actors set on compromising specific targets.
Threat actors are using Internet Information Services - Microsoft's extensible web server software - to deliver a previously undocumented dropper that is being used to install a new backdoor and other tools. The group dubbed Cranefly uses a new backdoor called Danfuan, researchers say.
A Ukrainian man is fighting extradition to the United States, where he faces a four-count criminal indictment for his role in operating the Raccoon malware-as-a-service infostealer malware. Dutch authorities arrested Mark Sokolovsky, 26, in March, shows an unsealed indictment.
Apple has issued a slew of security updates amid reports that its iOS devices are being actively exploited via a zero-day vulnerability in the kernel. While Apple hasn't attributed the exploits to any specific group, experts say surveillance malware developers are a likely culprit.
Business Email Compromise (BEC) losses are up 51% year-over-year according to the FBI Crime Report. Additionally, Ransomware is surging, with more than double the number of incidents reported. It takes a defense-in-depth approach to reduce the risk of these popular threats. By understanding the current threats and...
Researchers uncovered a never-before-seen advanced threat actor dubbed Metador targeting telecommunications, internet service providers and universities in several countries in the Middle East and Africa for cyberespionage. They found two different Windows-based malware platforms.
Australian telecommunications giant Optus is warning that current and former customers' personal details were exposed, including some driver's license and passport details, but no passwords or financial details, after it suffered a major data breach.
The LockBit group has paid the first payment of $50,000 as part of its bug bounty program for researchers willing to aid in cybercriminality. The group had announced that it will pay individuals who find exploitable vulnerabilities in the software it uses to maliciously encrypt files.
Password manager LastPass says the attackers behind the August security incident had access to its systems for four days. LastPass CEO Karim Toubba, sharing details about last month's breach, confirms that there is no evidence of any threat actor activity beyond the established timeline.
After an international law enforcement operation shuttered stolen data forum RaidForums in February, one of its power users launched a replacement called Breached. Within months, the English-language forum has amassed more stolen records and nearly as many users as its predecessor.
The Lazarus Group, a North Korean advanced persistent threat gang, recently targeted energy companies in Canada, the U.S. and Japan to establish long-term access into victim networks to conduct espionage operations by deploying custom-built malware implants VSingle, YamaBot and MagicRAT.
The latest ISMG Security Report discusses a new phishing-as-a-service toolkit designed to bypass multifactor authentication, the decision by Lloyd's of London to exclude nation-state attacks from cyber insurance policies, and challenges at Okta after it acquired customer identity giant Auth0.
The operators behind banking Trojan SharkBot are distributing an updated version of the malware on now-deactivated malicious applications on Google Play. Called Mister Phone Cleaner and Kylhavy Mobile Security, the apps have been downloaded 10,000 and 50,000 times, respectively, says Fox-IT.
In the latest weekly update, four Information Security Media Group editors discuss key cybersecurity issues, including the high cost of BEC scams, a Cuba ransomware gang's attack on Montenegro, and why so many hacktivists couldn't overcome the technical ennui of the Russia-Ukraine cyberwar.
Chinese intelligence is conducting cyberespionage campaigns targeting corporations involved with energy extraction in the South China Sea, researchers say. Proofpoint and PwC conclude with moderate confidence the campaign is the work of the threat actor known as TA423 or Red Ladon.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.