As the time for distribution of COVID-19 vaccines comes closer, law enforcement agencies across the world are warning of organized crime threats, including schemes to sell counterfeit vaccines on the dark web, as well as physical and virtual attacks targeting supply chain companies.
Ransomware innovation seems to know no bounds, as crime gangs seek new ways to make crypto-locking malware ever more profitable. Beyond data-leak sites and affiliate programs, gangs have also been using call centers to cold-call victims, tell them they've been hit by ransomware and request payment.
Dutch HR firm Randstad and the public transportation agency of Vancouver, Canada, are continuing to recover from ransomware attacks. Both incidents appear to have involved Egregor ransomware, with Randstad reporting that data was exfiltrated and is now being leaked by attackers to try and force payment.
A source code flaw in the Google Play store platform could enable attackers to perform remote code execution for credential theft on several prominent apps, a new report by security firm Check Point Research finds.
The hacker-for-hire group DeathStalker, known for conducting espionage campaigns against small and medium-sized businesses, has started using a new malware strain called PowerPepper, according to a report from the security firm Kaspersky.
Trickbot malware has been updated with a bootkit module, nicknamed Trickboot, which can search for UEFI/BIOS firmware vulnerabilities, according to a report from the security firms Eclypsium and Advanced Intelligence. These flaws, if exploited, can give an attacker the ability to brick a device.
Interpol the international law enforcement organization, is warning of a potential surge in organized crime activity tied to COVID-19 vaccines. The alert follows recent reports of spikes in alleged cyberattacks by suspected North Korean hackers against companies working on vaccines and treatments.
A botnet called DarkIRC is exploiting a remote execution vulnerability in Oracle WebLogic, according to Juniper Threat Labs. Meanwhile, the malware used to create the botnet is being offered for sale on a darknet hacking forum.
As part of a cyberespionage campaign, the Russian hacking group known as Turla deployed a backdoor called "Crutch" that uses Dropbox resources to help gather stolen data, according to the security firm ESET.
Citi, Equifax, Capital One - the list of financial institutions that have suffered high-profile cyber incidents is long, and the penalties they've incurred have been steep. To Scott Kannry, CEO of Axio, it all comes down to cyber risk - and he has new ideas for redefining it.
Check Point Research has identified new variants of the long-dormant Bandook spyware that are being used for espionage campaigns across the world targeting government, financial, energy, food industry, healthcare, education, IT and legal organizations.
Based on the threats and tactics unleashed in 2020, cybersecurity promises to be a top-of-mind business risk for the next president to manage. Bill Swearingen of IronNet Cybersecurity reflects on a virtual roundtable discussion about what to expect over the next four years.
CISA is warning about a possible password leak that could affect vulnerable Fortinet VPNs and lead to further exploitation. The latest agency notice comes just days after hackers began publishing what they claim are leaked passwords on underground forums, according to researchers.