Tag: cybersecuritynews

Armenia and Azerbaijan Hackers Use OxtaRAT to Monitor Conflict
Risk, Security

Security researchers at Check Point Research (CPR) have discovered a malware campaign launched in November 2022 against targets in Armenia. The campaign used a backdoor that the security company identified as OxtaRAT, according to a warning issued on Thursday. According to the technical description, the most recent version of OxtaRAT is a polyglot file that combines an image and a compiled AutoIT script. The tool's features include installing a web shell, performing port scanning, remotely controlling the compromised system with TightVNC, recording footage from the web camera and desktop, and more.
Google Report Reveals Russia’s Elaborate Cyber Strategy in Ukraine
Risk, Security

Russian-sponsored cyberattacks against Ukraine increased by 250% in 2022 compared to 2020, while those against NATO nations increased by 300%. In a report titled "Fog of War: How the Ukraine Conflict Transformed the Cyber Threat Landscape", released on February 16 in collaboration with Google Trust & Safety and threat intelligence company Mandiant, now a part of Google Cloud, Google Threat Analysis Group (TAG) made several startling discoveries. Google discovered that Russia's assertive, multifaceted plan to "achieve a decisive combat advantage in cyberspace" may have started as early as 2019.
PayPal Phishing Scam Uses Invoices Sent Via PayPal
News

Criminals continue to send phishing emails by taking advantage of how simple it is to create PayPal accounts and generate invoices. Users of PayPal should exercise caution and avoid falling for the phishing schemes that are prevalent on the service. Researchers at Avanan found a new campaign last year where attackers sent fraudulent invoices and phishing emails straight from PayPal. The technique was distinct from typical assaults that impersonated PayPal in that it was more challenging for end users and email security providers to identify and stop criminal behavior.
VMware Finds No Evidence of 0-Day in Ongoing ESXiArgs Ransomware Spree
Risk, Security

On Monday, VMware stated that it had not discovered any proof that threat actors were using a zero-day vulnerability in its software as part of an ongoing global ransomware attack campaign. The virtualization services provider stated that the majority of complaints indicate that End of General Support (EoGS) and/or significantly out-of-date products are being targeted with known vulnerabilities that have already been patched and publicised in VMware Security Advisories (VMSAs). Additionally, the business advises users to update to the most recent supported releases of vSphere components in order to resolve known issues, and to turn off the OpenSLP service in ESXi.
Pixpirate: New Android Banking Trojan Targeting Brazilian Financial Institutions
Risk, Security

A new Android banking trojan has targeted Brazilian financial institutions with the intention of defrauding them using the PIX payments system. The malware is being tracked as PixPirate by the Italian cybersecurity firm Cleafy, which found it between the end of 2022 and the beginning of 2023. According to researchers Francesco Iubatti and Alessandro Strino, "PixPirate belongs to the newest generation of Android banking trojans, as it can perform ATS (Automatic Transfer System), enabling attackers to automate the insertion of a malicious money transfer over the Instant Payment platform Pix, adopted by multiple Brazilian banks."
Zero-trust security becoming a significant element for enterprises in adopting cybersecurity solutions
Risk, Security

Cybersecurity-related news stories predominate. There seems to be an endless assortment of unrelenting assaults against corporations, including ransomware, phishing, and denial-of-service attacks. Unfortunately, cyberattacks have an impact on businesses financially in addition to making news about them. Enterprises have been compelled to align their security policies based on business intent due to the rise in cloud apps, mobile devices, remote workers, and IoT-connected equipment. In the past, cybersecurity professionals tended to place a higher priority on safeguarding users and company assets.
Hackers target thousands of computers Italy calls for a meeting
Risk, Security

Thousands of machines worldwide were vulnerable to a ransomware attack on VMware ESXi servers, according to Italy's national cybersecurity office, days after a similar hack targeted a UK derivatives trading firm. The Italian government has announced that the cybersecurity agency, or ACN, will consult with senior officials on Monday morning to assess the situation. The agency claims that the US, Canada, and France are also impacted. "The vulnerability being targeted is two years old and should have been patched by now," says Stefano Zanero, full professor of cybersecurity at Italy's Politecnico di Milano, "but evidently many systems are still not safeguarded." Zanero went on to say that Italy wasn't specifically a target. A form of virus known as ransomware encrypts a victim's fil...
New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers
Risk, Security

A recent wave of attacks targets VMware ESXi hypervisors with the intention of installing malware on infected systems. A fix for CVE-2021-21974 has been available since February 23, 2021, according to an alert sent on Friday by the French Computer Emergency Response Team (CERT). In its own alert published at the time, VMware identified the problem as an OpenSLP heap-overflow vulnerability that might result in the execution of arbitrary code. The virtualization services provider stated that a malicious actor who is present on the same network segment as ESXi and has access to port 427 may be able to trigger the heap-overflow issue in the OpenSLP service, leading to remote code execution.
0ktapus hackers are back and targeting tech and gaming companies, says leaked report
Risk, Security

According to a report obtained by TechCrunch, the hackers who reportedly attacked more than 130 organizations last year and stole the login information for close to 10,000 employees are still focusing on a number of tech and video game companies. The hackers are referred to as "Scattered Spider" in the report written by cybersecurity company CrowdStrike. In a prior report that was made publicly available, the company stated that this group is also known as "Roasted 0ktapus", making reference to the report released last year by Group-IB, another cybersecurity company. Threat intelligence firms create reports like the one TechCrunch was able to receive for their clients in an effort to warn them about hackers who are either directly targeting them or other businesses in the same ...
Threat Actors Use ClickFunnels to Bypass Security Services
Risk, Security

Threat actors have been observed navigating around security measures and rerouting users to malicious links by using the trusted ClickFunnels service. Security researchers at Avanan, a Check Point Software company, discussed the findings in an advisory that was shared with Infosecurity and released earlier today. According to Jeremy Fuchs, marketing content manager at Avanan, "ClickFunnels is an internet tool that helps entrepreneurs and small businesses generate leads, construct marketing engines, and expand their enterprises." However, hackers are using it to get around security measures. Threat actors have specifically taken advantage of ClickFunnels.