A crew of highly-skilled hackers specialized in corporate espionage has resumed activity, one of their victims this year being a large wholesale company in Russia. Tracked as RedCurl, the group attacked the Russian business twice this year, each time using carefully constructed spear-phishing emails with initial-stage malware. Active since 2018, RedCurl is responsible for at least 30 attacks against businesses in Russia (18 of them), Ukraine, Canada, Norway, the UK, and Germany.
A phishing kit that has been used in thousands of attacks worldwide has been active for significantly longer than previously thought - and it continues to pose a potent threat to organizations across multiple sectors, new analysis shows. The kit, named PerSwaysion, is designed to give cybercriminals a way to launch a phishing campaign relatively easily and with little up-front effort.
The past year's massive migration of movie and television audiences to streaming services has provided scammers with a sweet opportunity to launch phishing attempts to lure would-be subscribers into giving up their payment information. Where there's payment data, cybercriminals are sure to follow, Kaspersky's Leonid Grustniy pointed out in his latest report, warning about phishing campaigns disguised to look like Netflix, Amazon Prime and other streaming service offers.
The accelerated digitalization related to the COVID-19 pandemic has significantly influenced the development of a number of cyber threats, according to the new edition of Europol's Internet Organised Crime Threat Assessment. Criminals have been quick to abuse the current circumstances to increase profits, spreading their tentacles to various areas and exposing vulnerabilities connected to systems, hospitals or individuals.
There's some unusual activity brewing on Russian-speaking cybercrime forums, where hackers appear to be reaching out to Chinese counterparts for collaboration. These attempts to enlist Chinese threat actors are mainly seen on the RAMP hacking forum, which is encouraging Mandarin-speaking actors to participate in conversations, share tips, and collaborate on attacks.
Microsoft on Wednesday informed customers about a recently patched information disclosure vulnerability affecting Azure Active Directory (AD). Tracked as CVE-2021-42306 (CVSS score of 8.1), the vulnerability exists because of the manner in which Automation Account "Run as" credentials are created when a new Automation Account is set up in Azure.
The Federal Bureau of Investigation (FBI) this week sounded the alarm on a zero-day vulnerability in FatPipe products that has been under active exploitation since at least May 2021. No CVE identifier has been issued for the security error yet, but FatPipe, which specializes in SD-WAN solutions, did confirm that its WARP, MPVPN, and IPVPN devices are affected by the issue.