Cyware Alerts - Hacker News

Financial sector faces more ransomware attacks.

Views expressed in this cybersecurity-cyber crime update are those of the reporters and correspondents.

Accessed on 24 April 2022, 1425 UTC.

Content provided by "Cyware.com."

Source:  https://www.cyware.com.

Please check link or scroll down to read your selections.

Thanks for joining us today.

hawaiicybersecurityjournal.blogspot.com


Cyware Alerts - Hacker News

Financial Sector Faces Ransomware Attacks, Now More Than Ever

Financial Sector Faces Ransomware Attacks, Now More Than Ever - Cyware Alerts - Hacker News
A new VMware report states that threat actors have moved from hacking wire transfers to targeting market data. Around 75% faced at least one ransomware attack, among which 63% paid the ransom.

Emotet Revamp: New Payloads and 64-Bit Modules

Emotet Revamp: New Payloads and 64-Bit Modules - Cyware Alerts - Hacker News
According to Kaspersky, Emotet infection has seen a ten-fold increase from February to March, going from 3,000 to 30,000 emails. It is switching to new payloads detected by fewer antivirus engines.

REvil's Tor Servers are Active Again

REvil's Tor Servers are Active Again - Cyware Alerts - Hacker News
REvil ransomware’s servers in the Tor network are active again after months of inactivity. At present, these servers are redirecting users to a new operation that is believed to have started in mid-December 2021.

Lazarus APT Uses TraderTraitor Malware to Target Cryptocurrency Organizations

Lazarus APT Uses TraderTraitor Malware to Target Cryptocurrency Organizations - Cyware Alerts - Hacker News
In an alert, the FBI, CISA, and the Treasury Department revealed that the group is sending a large number of spear-phishing messages to employees working in blockchain technology and cryptocurrency firms. These emails often mimic a recruitment effort and offer high-paying jobs to entice the recipie ... Read More

FIN12 Gets Faster at Encrypting Networks, Mean Dwell Times Reduce

FIN12 Gets Faster at Encrypting Networks, Mean Dwell Times Reduce - Cyware Alerts - Hacker News
According to Mandiant's M-Trends 2022 report, the global median dwell time dropped down to 21 days in 2021 from 24 days in 2020. One reason why the attack life cycle of FIN12 has been shortened is that the gang does not focus on stealing confidential data before triggering the ransomware attack.

HHS Warns About Hive Ransomware Attacks on Healthcare Sector

HHS Warns About Hive Ransomware Attacks on Healthcare Sector - Cyware Alerts - Hacker News
The HHS claimed that Hive ransomware is the fourth most active ransomware group in the cybercrime landscape. It conducts double extortion against organizations and leaks the stolen data on the dark web.

Night Sky Ransomware's Ride From Dawn Till Dusk

Night Sky Ransomware's Ride From Dawn Till Dusk - Cyware Alerts - Hacker News
A recent report by Vedere Labs provides several details about Night Sky, whose samples were first spotted in January during a short campaign that targeted two victims from Bangladesh and Japan. 

Inno Stealer - Fake Windows 11 Upgrade Spreads Infostealer

Inno Stealer - Fake Windows 11 Upgrade Spreads Infostealer - Cyware Alerts - Hacker News
The new infostealer malware targets various web browsers and crypto wallets such as Chrome, Brave, Comodo, Opera, Vivaldi, Edge, 360 Browser, GeroWallet, BraveWallet, and GuildWallet.

BotenaGo's New Avatar Targets Lilin DVR Devices

BotenaGo's New Avatar Targets Lilin DVR Devices - Cyware Alerts - Hacker News
In October 2021, the source code of BotenaGo was leaked, leading to the creation of newer variants based on the original. Since then, researchers have observed various variants of BotenaGo.

Recent Emotet Outbreak Poses a Threat to Organizations

Recent Emotet Outbreak Poses a Threat to Organizations - Cyware Alerts - Hacker News
Recently, researchers from FortiGuard Labs found a variety of malicious Microsoft Office files (maldocs) being used in a series of phishing attacks delivering Emotet. The first attack appeared in November 2021. While the Word documents contain malicious VBA code, the Excel files use Excel 4.0 mac ... Read More

AWS's Log4Shell Hot Patch Vulnerable to Container Escape and Privilege Escalation

Containers can escape regardless of whether they run Java applications, or whether their underlying host runs Bottlerocket, AWS's hardened Linux distribution for containers.

Pulling back the curtain on the ZLoader takedown, and the power of security, nonprofit threat sharing

Last week Microsoft, ESET, Black Lotus Labs, Palo Alto Networks, Health-ISAC, and the Financial Services-ISAC, took control over the notorious ZLoader botnet, after an injunction issued by the U.S. Court for the Northern District of Georgia.

Attacks Against DeFi Protocols Surge

Attacks Against DeFi Protocols Surge - Cyware Alerts - Hacker News
Last year, more than $3 billion worth of digital assets were stolen. In Q1 2022, over $1.3 billion has already been stolen, indicating that the path taken by cybercriminals is even more aggressive this year.

New SolarMarker Variant with Improved Evasion Tactics

New SolarMarker Variant with Improved Evasion Tactics - Cyware Alerts - Hacker News
SolarMarker operators were observed using signed files, obfuscated PowerShell scripts, large files, and impersonation of legitimate software installers to stay undetected.

Banking, Crypto, and Other Scams Muddy the Cyberspace

Banking, Crypto, and Other Scams Muddy the Cyberspace - Cyware Alerts - Hacker News
In 2021, approximately 20,000 people fell victim to RAT scams, as per a report by the U.K's Action Fraud. Collectively, they lost $75 million. The U.S. lost around $2.4 billion to BEC scams in 2021, a 33% increase from 2020.

New IcedID Malware Campaign Targets Ukrainian Government

New IcedID Malware Campaign Targets Ukrainian Government - Cyware Alerts - Hacker News
The targeted intrusions are a part of hostile activities against the nation since the year started. As per CERT-UA, the country has suffered 362 cyberattacks since the invasion.

Watchdog warned UK government of spyware infections inside 10 Downing Street

"We confirm that in 2020 and 2021 we observed and notified the government of the United Kingdom of multiple suspected instances of Pegasus spyware infections within official UK networks," Citizen Lab said in a blog post.

Google fixes Chrome zero day being used in exploits in the wild

Google hasn't revealed any details about it besides that it was a type confusion in Chrome's V8 JavaScript engine. "Google is aware that an exploit for CVE-2022-1364 exists in the wild," the company says.

Night Sky: A Short-Lived Threat from a Long-Lived Threat Actor

Night Sky was discovered to be a fork of a ransomware family called Rook, which was itself derived from the leaked source code of Babuk and deployed by the same threat actor that used LockFile and AtomSilo, which share the same decryption tool.

Conti Ransomware's Toll on the Healthcare Industry – Krebs on Security

According to recently revealed information, Conti has launched more than 200 attacks against hospitals and other healthcare facilities since first surfacing in 2018 under its earlier name, “Ryuk.”

WH Smith Subsidiary Funky Pigeon Halts All Customer Orders After Security Incident

London Stock Exchange-listed WH Smith issued a statement to the market admitting Funky Pigeon was "subject to a cyber security incident affecting part of its systems on Thursday 14 April 2022."

UK: Over 42 million people had financial data compromised in 2021- 2022

According to a release from international law firm RPC, the financial information belonging to approximately 42.2 million people in the U.K. was surrendered due to a growing number of ransomware attacks.

 

Comments

Popular posts from this blog

The Hacker News Daily Updates

Cyber War News Today

CyberNews: Weekly News Roundup