Today's big ransomware story is a star-studded affair, according to entertainment news website Variety[.]com. Variety says that the law firm Grubman Shire Meiselas & Sacks, or just gsmlaw[.]com for short, has experienced a ransomware attack that apparently involved the appropriately named REvil malware. Rather than simply knocking the law firm out of action temporarily, the ransomware crooks are said to have stolen personal data from a laundry list of celebrity clients, too.
Railway rolling stock manufacturer Stadler Rail is currently investigating a malware attack that forced some of its systems offline. Headquartered in Bussnang, Switzerland, the company produces a variety of trains (high-speed, intercity, regional and commuter heavy rail, underground, and tram trains), and trams, and has roughly 11,000 employees at over 40 locations.
A group of hackers has started to advertise on the dark web data allegedly stolen as a result of multiple recent breaches, including ones that affected Tokopedia, Styleshare, Minted, ChatBooks, and others. Known as "Shiny Hunters," the group recently claimed responsibility for hacking Tokopedia, Indonesia's largest online store, and claimed last week to have breached Microsoft's GitHub account.
Over a span of a few weeks, a security researcher collected over 1,000 domains infected with payment card skimmers, showing that MageCart continues to be a prevalent threat that preys on insecure web shops. MageCart was first spotted over a decade ago by cybersecurity company RiskIQ, but attacks have grown rampant over the past two years, when big-name companies were hit: British Airways, Ticketmaster, OXO, Newegg.
The operators of the Astaroth infostealer have implemented several new tactics aimed at evading detection, which researchers say have made the malware "painful to analyze." Astaroth first emerged in 2017, but has steadily been used over the years in increasingly sophisticated campaigns aimed at exfiltrating sensitive data. More recent analysis of the infostealer has now emerged, after it was discovered at the heart of a spear-phishing campaign targeting Brazilians over the past nine months.
The Zeus Sphinx banking trojan has seen a recent resurgence in the United States, sporting some modifications and using COVID-19 spam as a lure. Sphinx re-emerged in December but saw a big spike in March via the use of coronavirus themes. Since April, it has been seen attacking U.S. targets with a few changed processes. The main upgrades in the latest version can be found in the process-injection and bot-configuration aspects of the malware's operations, according to researchers.