Sitewide-SGP 160x600
Booking.com

News Updated every hour from selected RSS

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. The first centers on targeting healthcare organizations that offer consultations over the Internet and sending them booby-trapped medical records for the “patient.” The other involves carefully editing email inboxes of public company executives to make it appear that some were involved in insider trading.

Alex Holden is founder of Hold Security, a Milwaukee-based cybersecurity firm. Holden’s team gained visibility into discussions among members of two different ransom groups: CLOP (a.k.a. “Cl0p” a.k.a. [...]

Fri, Dec 09, 2022, Continue reading at the source

In December 2021, Google filed a civil lawsuit against two Russian men thought to be responsible for operating Glupteba, one of the Internet’s largest and oldest botnets. The defendants, who initially pursued a strategy of counter suing Google for interfering in their sprawling cybercrime business, later brazenly offered to dismantle the botnet in exchange for payment from Google. The judge in the case was not amused, found for the plaintiff, and ordered the defendants and their U.S. attorney to pay Google’s legal fees.

A slide from a talk given in Sept. 2022 by Google researcher Luca Nagy. https://www.youtube.com/watch?v=5Gz6_I-wl0E&t=6s

Glupteba is a [...]

Tue, Dec 06, 2022, Continue reading at the source

ConnectWise, which offers a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs), is warning about an unusually sophisticated phishing attack that can let attackers take remote control over user systems when recipients click the included link. The warning comes just weeks after the company quietly patched a vulnerability that makes it easier for phishers to launch these attacks.

A phishing attack targeting MSP customers using ConnectWise.

ConnectWise Control is extremely popular among MSPs that manage, protect and service large numbers of computers remotely for client organizations. Their product provides a dynamic software client and hosted [...]

Fri, Dec 02, 2022, Continue reading at the source

A recent scoop by Reuters revealed that mobile apps for the U.S. Army and the Centers for Disease Control and Prevention (CDC) were integrating software that sends visitor data to a Russian company called Pushwoosh, which claims to be based in the United States. But that story omitted an important historical detail about Pushwoosh: In 2013, one of its developers admitted to authoring the Pincer Trojan, malware designed to surreptitiously intercept and forward text messages from Android mobile devices.

Pushwoosh says it is a U.S. based company that provides code for software developers to profile smartphone app users based on their online activity, allowing them [...]

Tue, Nov 29, 2022, Continue reading at the source

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode, an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic.

The Disneyland Team’s Web interface, which allows them to interact with malware victims in real time to phish their login credentials using phony bank websites.

The Disneyland Team uses common misspellings for top bank brands in its domains. For example, one domain the gang has used since March 2022 is ushank[.]com — which [...]

Thu, Nov 17, 2022, Continue reading at the source
Udemy Generic 728x90