North Korea’s Lazarus Group has made $3 billion out of cryptocurrency hacks.
Since at least 2017, threat actors from the Democratic People’s Republic of Korea (DPRK) have been focusing on the cryptocurrency sector as a way to generate revenue and evade sanctions. In a report shared with The Hacker News, cybersecurity firm Recorded Future stated that “the…
0 Comments5 Minutes
The Methods Cybercriminals Use to Get Your Users’ Passwords and Then Sell Them
The value of account credentials has increased in the cybercrime market since they are a common initial access vector. Consequently, your company’s entire network could be at risk from just one pair of compromised credentials. Data breaches that happened between November 2021 and October 2022…
0 Comments9 Minutes
Uncovering a Passive Approach to Extracting Private RSA Keys from SSH Tunnels
A recent study has shed light on the potential for passive network attackers to obtain Private RSA Keys from SSH Tunnels. This is achieved by capitalizing on the identification of inherent computational issues that surface during the connection establishment process. [FREE E-BOOK] The Definite…
0 Comments5 Minutes
Emails with a shipping theme are being used to spread a new WailingCrab malware loader.
Cybercriminals are employing email messages centred around delivery and shipping to spread a newly identified and sophisticated malware loader named WailingCrab. “The malware itself is split into multiple components, including a loader, injector, downloader, and backdoor,” stated…
0 Comments7 Minutes
North Korean hackers pose as recruiters and job seekers.
Threat actors from North Korea have been linked to two campaigns. In these instances, they distribute malware and engage in unauthorized job applications with companies in the United States and other countries by pretending to be recruiters and job seekers. [FREE E-BOOK] The Definite Blueprint for…
0 Comments6 Minutes
NetSupport RAT targets both the business and government sectors
A remote access trojan, known as NetSupport RAT, is actively being used by threat actors to launch attacks on organizations across the education, government, and business services sectors. “The delivery mechanisms for the NetSupport RAT encompass fraudulent updates, drive-by downloads,…
0 Comments4 Minutes
Play Ransomware Is being Provided as a Service to Cybercriminals
The Play ransomware strain has transformed into a lucrative business model, being marketed to other threat actors “as a service,” according to new data that was discovered by Adlumin. [FREE E-BOOK] The Definite Blueprint for Cybersecurity in Manufacturing “The unusual lack of…
0 Comments4 Minutes
CISA Issue a Public Alert Regarding Rhysida Ransomware
The threat actors behind the Rhysida ransomware conduct opportunistic attacks on enterprises in a variety of industries. The US Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC)…
0 Comments5 Minutes
Unveiling a New Ransomware Group: Leveraging Hive’s Source Code and Infrastructure
To propel their initiatives in the threat landscape, the threat actors orchestrating the formation of the ransomware group Hunters International have seized control of the source code and infrastructure once belonging to the now-defunct Hive operation. “It appears that the leadership of the…
0 Comments5 Minutes
A DDoS botnet OracleIV is targeting public Docker Engine APIs
Publicly accessible instances of the Docker Engine API are currently under attack by threat actors. This is part of a broader campaign aiming to co-opt these machines into a distributed denial-of-service (DDoS) botnet known as OracleIV. Researchers Nate Bill and Matt Muir from Cado disclosed that…
0 Comments6 Minutes