China-linked hacking group APT31 has been using new malware in recent attacks targeting Mongolia, Belarus, Canada, the United States, and - for the first time - Russia, according to enterprise cybersecurity firm Positive Technologies. Also tracked as Judgment Panda, Zirconium, and Red Keres, APT31 is believed to be working on behalf of the Chinese government, conducting cyberespionage campaigns against targets of interest to the country.
In another cyberattack on a healthcare system, threat actors have tried to throw a wrench into the ongoing COVID-19 vaccine roll-out in the region of Lazio, Italy. The large and densely populated region is the country's second most populous and includes the country's capital, Rome. On Sunday, the region's Facebook page informed the public that hackers had disabled the systems of the regional health care agency.
Ransomware has seen a significant uptick so far in 2021, with global attack volume increasing by 151 percent in the first six months of the year compared with the same half a year earlier. Meanwhile, the FBI has warned that there are now 100 different strains circulating around the world. From a hard-number perspective, the ransomware scourge hit a staggering 304.7 million attempted attacks within SonicWall Capture Labs' telemetry.
Criminals behind the Raccoon Stealer platform have updated their services to include tools for siphoning cryptocurrency from a target's computer and new remote access features for dropping malware and scooping up files. The stealer-as-a-service platform, whose customers are typically rookie hackers, offers turnkey services for pilfering browser-stored passwords and authentication cookies.
A Netherlands security research firm has uncovered a new Android dropper app, dubbed Vultur, that delivers legitimate functionality, then silently shifts into malicious mode when it detects banking and other financial activities. Vultur, found by ThreatFabric, is a keylogger that captures financial institution credentials by piggybacking on the current banking session and stealing funds right away - invisibly. And just in case the victim realizes what is happening, it locks down the screen.
Researchers have identified more than a dozen vulnerabilities in the NicheStack TCP/IP stack, which appears to be used by many operational technology (OT) vendors. The vulnerabilities are collectively tracked as INFRA:HALT. The security holes, discovered by researchers from Forescout Research Labs and JFrog Security Research, can be exploited by an attacker for remote code execution, denial-of-service (DoS) attacks, information leaks, TCP spoofing, and DNS cache poisoning.
Security researchers have discovered Cobalt Strike denial-of-service (DoS) vulnerabilities that allow blocking beacon command-and-control (C2) communication channels and new deployments. Cobalt Strike is a legitimate penetration testing tool designed to be used as an attack framework by red teams (groups of security professionals who act as attackers on their own organization's infrastructure to discover security gaps and vulnerabilities).