Cybercriminals behind recent Sodinokibi ransomware attacks are now upping the ante and scanning their victims' networks for credit card or point of sale (PoS) software. Researchers believe this is a new tactic designed to allow attackers to get the biggest bang for their buck: ransom payments and credit card data. The compromise of PoS software is a cybercriminal favorite for siphoning credit card information from unknowing customers.
Twitter is apologizing to business users for a data breach while announcing that their personally identifiable information might have been compromised. It turns out that details such as email addresses, telephone numbers, and the last four digits of credit card numbers were stored in those users' browser caches. As a result, other individuals using the same computer could have looked at the information with no additional authorization or authentication.
New details have emerged on the activity of the infamous Fxmsp hacker who last year was advertising access to the networks of three cybersecurity vendors. Researchers tracking Fxmsp's ventures on underground forums counted the network intrusions associated with this actor and revealed the presumed identity of the attacker. Fxmsp became widely known outside hacker forums about a year ago when cybersecurity boutique Advanced Intelligence published a series of reports on the actor.
A Thanos ransomware campaign targeting mid-level employees of multiple organizations from Austria, Switzerland, and Germany was met by the victims' refusal to pay the ransoms demanded to have their data decrypted. Thanos ransomware is a Ransomware-as-a-Service (RaaS) operation advertised on Russian-speaking hacker forums that allows affiliates to customize their own ransomware through a builder offered by the developer.
Authorities in New Zealand have seized the equivalent of $90 million in assets as part of an investigation into a Russian man accused of laundering cybercriminal funds through a global cryptocurrency exchange. The New Zealand Police announced Monday it had taken control of the funds, equivalent to $140 million in New Zealand dollars, belonging to Alexander Vinnik, the alleged operator of BTC-e, a currency trading platform shuttered by the U.S. government in 2017.
Zero-day vulnerabilities enable threat actors to take advantage of security blind spots. Typically, a zero-day attack involves identifying zero-day vulnerabilities, creating relevant exploits, identifying vulnerable systems, and planning the attack. The next steps are infiltration and launch. This article examines three recent zero-day attacks, which targeted Microsoft, Internet Explorer, and Sophos.