The US Treasury Department has thwarted a distributed denial of service (DDoS) attack that officials attributed to Russian hacktivist group Killnet. These are the same pro-Kremlin miscreants that claimed responsibility for knocking more than a dozen US airports' websites offline on October 10 in similar network-traffic flooding incidents. The large-scale DDoS attack didn't disrupt air travel or cause any operational harm to the airports.
A massive phishing campaign targeting GitHub users convinced at least one developer at Dropbox to enter their credentials and a two-factor authentication code, leading to the theft of at least 130 software code repositories. According to a Dropbox advisory on Nov. 1, the mid-October attack consisted of emails that appeared to be from CircleCI, a popular DevOps platform, and directed Dropbox employees to go to a fake login page.
A French-speaking cybercrime group pulled off a series of heists over the past four years, netting perhaps as much as $30 million from firms in Africa, Asia and Latin America. Using a combination of high-quality spear phishing and off-the-shelf tools, the group has carried out more than 30 attacks targeting banks, financial services and telecommunications firms, according to research on the group's activities published Thursday.
Kaspersky is warning of a previously unknown espionage campaign targeting the Persian-speaking religious minority Baha'i with Android spyware. As part of the campaign, victims were lured to a VPN application claiming to provide access to Baha'i religious resources that are banned in Iran. The application contains highly sophisticated spyware designed to collect all types of data from devices, including call logs and contact lists, and to track victims' activities.
Yesterday, we wrote about the waited-for-with-bated-breath OpenSSL update that attracted many column-kilometres of media attention last week. The OpenSSL team announced in advance, as it usually does, that a new version of its popular cryptographic library would soon be released. This notification stated that the update would patch against a security hole with a CRITICAL severity rating, the project's highest.
Fortinet on Tuesday informed customers about 16 vulnerabilities discovered in the company's products, including six flaws that have been assigned a 'high' severity rating. One of the high-severity issues affects FortiTester and it allows an authenticated attacker to execute commands via specially crafted arguments to existing commands. FortiSIEM is affected by a vulnerability that allows a local attacker with command-line access to perform operations on the Glassfish server directly via a hardcoded password.
Security researchers at Sentinel Labs have uncovered evidence that links the Black Basta ransomware gang to the financially motivated hacking group FIN7, also known as "Carbanak." When analyzing tools used by the ransomware gang in attacks, the researchers found signs that a developer for FIN7 has also authored the EDR (Endpoint Detection and Response) evasion tools used exclusively by Black Basta since June 2022.
Threat actors are using the compromised infrastructure of an undisclosed media company to deploy the SocGholish JavaScript malware framework (also known as FakeUpdates) on the websites of hundreds of newspapers across the U.S. "The media company in question is a firm that provides both video content and advertising to major news outlets. [It] serves many different companies in different markets across the United States," Sherrod DeGrippo told BleepingComputer.
U.S. banks and financial institutions reported a record surge in ransomware payments in 2021, with almost 1,500 filings valued at a total of nearly $1.2 billion, according to the Treasury Department's Financial Crimes Enforcement Network. The total represented a 188% increase from 2020, when there were 487 filings for a total value of $416 million. Officials said the rapid increase may be due to a surge in actual incidents as well as improved reporting and detection of attacks.