New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking
Oct 03, 2024 | Ravie Lakshmanan | Linux / Malware
Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency miner and proxyjacking software. “Perfctl is particularly elusive and persistent,…
INTERPOL Arrests 8 in Major Phishing and Romance Fraud Crackdown in West Africa
Oct 03, 2024 | Ravie Lakshmanan | Cybercrime / Financial Fraud
INTERPOL has announced the arrest of eight individuals in Côte d’Ivoire and Nigeria as part of a crackdown on phishing scams and romance cyber fraud. Dubbed Operation Contender 2.0, the initiative is designed…
Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch
Oct 03, 2024 | Ravie Lakshmanan | Vulnerability / Endpoint Security
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May to its Known Exploited Vulnerabilities (KEV) catalog, based on…
LockBit Ransomware and Evil Corp Leaders Arrested and Sanctioned in Joint Global Effort
Oct 03, 2024 | Ravie Lakshmanan | Cybercrime / Ransomware
A new wave of international law enforcement actions has led to four arrests and the takedown of nine servers linked to the LockBit (aka Bitwise Spider) ransomware operation, marking the latest salvo against what…
Andariel Hacking Group Shifts Focus to Financial Attacks on U.S. Organizations
Oct 02, 2024 | Ravie Lakshmanan | Cyber Threat / Malware
Three different organizations in the U.S. were targeted in August 2024 by a North Korean state-sponsored threat actor called Andariel as part of a likely financially motivated attack. “While the attackers didn’t succeed…
Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit
Oct 02, 2024 | Ravie Lakshmanan | Vulnerability / Data Breach
Cybersecurity researchers have disclosed that 5% of all Adobe Commerce and Magento stores have been hacked by malicious actors by exploiting a security vulnerability dubbed CosmicSting. Tracked as CVE-2024-34102 (CVSS score: 9.8), the…
Fake Job Applications Deliver Dangerous More_eggs Malware to HR Professionals
Oct 02, 2024 | Ravie Lakshmanan | Cybercrime / Threat Intelligence
A spear-phishing email campaign has been observed targeting recruiters with a JavaScript backdoor called More_eggs, indicating persistent efforts to single out the sector under the guise of fake job applicant lures. “A sophisticated…
China-Linked CeranaKeeper Targeting Southeast Asia with Data Exfiltration
Oct 02, 2024 | Ravie Lakshmanan | Cyber Espionage / Cloud Security
A previously undocumented threat actor called CeranaKeeper has been linked to a string of data exfiltration attacks targeting Southeast Asia. Slovak cybersecurity firm ESET, which observed campaigns targeting governmental institutions in Thailand…
Fake Trading Apps Target Victims Globally via Apple App Store and Google Play
A large-scale fraud campaign leveraged fake trading apps published on the Apple App Store and Google Play Store, as well as phishing sites, to defraud victims, per findings from Group-IB. The campaign is part of a consumer investment fraud scheme…
Over 700,000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities
Oct 02, 2024 | Ravie Lakshmanan | Vulnerability / Network Security
A little over a dozen new security vulnerabilities have been discovered in residential and enterprise routers manufactured by DrayTek that could be exploited to take over susceptible devices. “These vulnerabilities could enable attackers…