cybersecurity threats
-
RansomHub Affiliates Exploit EDR Tools in Ransomware Attacks
ESET’s recent analysis highlights the alarming tactics employed by RansomHub affiliates, who utilize a custom tool to disable security measures in a coordinated effort with other ransomware groups.
-
Cybersecurity Breach: 150,000 Websites Compromised by Malicious JavaScript
A cybersecurity campaign has compromised approximately 150,000 legitimate websites through malicious JavaScript injections to promote illegal gambling platforms. Analysts highlight the evolving tactics of threat actors, raising concerns over the integrity and security of online spaces.
-
Cybersecurity Firm Exposes Ransomware Infrastructure, Protects Victims
Cybersecurity firm Resecurity has successfully infiltrated and dismantled the infrastructure of the BlackLock ransomware gang, providing critical alerts to victims ahead of planned data leaks.
-
OpenAI Expands Bug Bounty Program and Cybersecurity Initiatives
OpenAI has announced expansions to its bug bounty and cybersecurity grant programs, including a significant increase in the maximum bug bounty payout from $20,000 to $100,000 and new microgrants for innovative cybersecurity research proposals.
-
New Variants of SparrowDoor Malware Linked to Chinese Threat Actor FamousSparrow
The Chinese hacking group FamousSparrow has been linked to recent cyber attacks involving new variants of the SparrowDoor malware and the ShadowPad backdoor, targeting a U.S. trade group and a Mexican research institute.
-
RedCurl Cyberspies Adopt Ransomware Tactics Targeting Hyper-V Servers
RedCurl, a cyber-espionage group known for corporate intrusions, has shifted tactics by deploying ransomware designed to encrypt Hyper-V virtual machines. This significant evolution in their operational strategy raises concerns about their intentions and operational objectives.
-
Google Patches Critical Zero-Day Flaw in Chrome Amid Ongoing Cyber Threats
Google has issued a security patch for Chrome to address a severe zero-day vulnerability exploited in phishing attacks, urging users to update their browser as cyber threats continue to evolve.
-
Phishing Scams Exploit iMessage and RCS as New Threat Emerges
Chinese phishing operatives are now exploiting iMessage and RCS to conduct sophisticated scams, capitalizing on the encryption and advanced features of these messaging platforms. Cybersecurity firm Prodaft reveals alarming success rates for these scams, with the platform Lucid impersonating organizations worldwide.
-
New Malicious npm Packages Target Open-Source Systems with Sophisticated Attacks
Cybersecurity researchers warn of two malicious npm packages, ethers-provider2 and ethers-providerz, designed to alter legitimate installations, providing attackers enhanced access to developer systems. The novel methods underscore the growing sophistication of software supply chain threats.
-
RedCurl Hacking Group Transitions to Ransomware Tactics, Raising Alarm Among Cybersecurity Experts
The Russian-speaking hacking group RedCurl has shifted from its focus on corporate espionage to deploying ransomware for the first time, revealing a new strain identified as QWCrypt and raising significant concerns in cybersecurity circles.
