Hotarus Corp gang hacked Ecuador’s Ministry of Finance and Banco Pichincha

‘Hotarus Corp’ Ransomware operators hacked Ecuador’s largest private bank, Banco Pichincha, and the country’s Ministry of Finance. A cybercrime group called ‘Hotarus Corp’ has breached Ecuador’s largest private bank, Banco Pichincha, and the local Ministry of Finance (the Ministerio de Economía y Finanzas de Ecuador). The group claims to have also stolen data from […]

The post Hotarus Corp gang hacked Ecuador’s Ministry of Finance and Banco Pichincha appeared first on Security Affairs.

2021-02-27T13:18:41-05:00 | February 27th, 2021 | Latest Cyber Attacks, Malware, Ransomware

Dutch Research Council (NWO) confirms DoppelPaymer ransomware attack

Dutch Research Council (NWO) confirmed that the recent cyberattack that forced it to take its servers offline was caused by the DoppelPaymer ransomware gang. On February 14, Dutch Research Council (NWO) was hit by a cyber attack that compromised its network and impacted its operations. In response to the incident, the Dutch Research Council (NWO) […]

The post Dutch Research Council (NWO) confirms DoppelPaymer ransomware attack appeared first on Security Affairs.

2021-02-26T18:09:32-05:00 | February 26th, 2021 | Latest Cyber Attacks, Malware

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

North Korea-linked Lazarus APT group has targeted the defense industry with the custom-backdoor dubbed ThreatNeedle since 2020. North Korea-linked Lazarus APT group has targeted the defense industry with the backdoor dubbed ThreatNeedle since early 2020. The state-sponsored hackers targeted organizations from more than a dozen countries. The experts discovered the custom backdoor while investigating an […]

The post North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor appeared first on Security Affairs.

2021-02-26T18:09:32-05:00 | February 25th, 2021 | Latest Cyber Attacks, Malware

Cisco fixes maximum severity MSO auth bypass vulnerability

Cisco has addressed a maximum severity authentication bypass vulnerability found in the API endpoint of the Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine. Cisco ACI MSO is an intersite network and policy orchestration solution that helps admins monitor the health of their organizations' interconnected sites across multiple data centers. Impacts only MSO 3.0 releases "A vulnerability in [...]

2021-02-26T18:09:32-05:00 | February 25th, 2021 | General News

Cyber-pandemic: The most notable cyber attacks of 2020

2020 and the COVID-19 pandemic saw employees move to remote working, keeping IT professionals on high alert for cyberattacks. Cynet has turned back the pages of 2020 to review the most noteworthy cyberattacks making up what it calls the cyber-pandemic. "2020 was the year that COVID-19 brought a major cyber-pandemic to the world," the company says. An assessment by INTERPOL [...]

2021-02-26T18:09:31-05:00 | February 25th, 2021 | General News

A Cryptomining botnet abuses Bitcoin blockchain transactions as C2 backup mechanism

Crooks are exploiting BTC blockchain transactions to hide backup command-and-control (C2) server addresses for a cryptomining botnet. Security experts from Akamai have spotted a new botnet used for illicit cryptocurrency mining activities that is abusing Bitcoin (BTC) transactions to implement a backup mechanism for C2. This technique allows botnet operators to make their infrastructure resilient […]

The post A Cryptomining botnet abuses Bitcoin blockchain transactions as C2 backup mechanism appeared first on Security Affairs.

2021-02-26T18:09:31-05:00 | February 24th, 2021 | Latest Cyber Attacks, Malware

Cybercriminals Target QuickBooks Databases

The breaches start with two types of phishing attacks to gain access to QuickBooks databases, according to findings by ThreatLocker. In the first, the attackers send a PowerShell command that runs inside the malicious email. In the second, the attackers send a Word document via email; if the recipient opens the attached document, a macro or link within that document downloads a file onto their machine. Once the executable or PowerShell command runs, it retrieves the victim's most recently saved QuickBooks file location, points to the file share or local file, and grabs that file.

2021-02-28T01:58:33-05:00 | February 24th, 2021 | General News

Airplane manufacturer Bombardier has disclosed a security breach, data leaked online

Hackers posted data stolen from manufacturer of business jets Bombardier on Clop ransomware leak site following alleged FTA hack. Hackers exploited vulnerabilities in Accellion FTA file-sharing legacy servers to steal data from the airplane maker Bombardier and leak data on the site operated by the Clop ransomware gang. The wave of attacks exploiting multiple zero-day […]

The post Airplane manufacturer Bombardier has disclosed a security breach, data leaked online appeared first on Security Affairs.

2021-02-26T18:09:31-05:00 | February 24th, 2021 | Latest Cyber Attacks, Malware

FIN11 cybercrime group is behind recent wave of attacks on FTA servers

FireEye experts linked a series of attacks targeting Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. Security experts from FireEye linked a series of cyber attacks against organizations running Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. “Starting in mid-December 2020, malicious actors that Mandiant […]

The post FIN11 cybercrime group is behind recent wave of attacks on FTA servers appeared first on Security Affairs.

2021-02-26T18:09:31-05:00 | February 23rd, 2021 | Latest Cyber Attacks, Malware

Researchers uncovered a new Malware Builder dubbed APOMacroSploit

Researchers spotted a new Office malware builder, tracked as APOMacroSploit, that was employed in a campaign targeting more than 80 customers worldwide. Researchers from security firm Check Point uncovered a new Office malware builder called APOMacroSploit, which was employed in attacks that targeted more than 80 customers worldwide. APOMacroSploit is a macro builder that was […]

The post Researchers uncovered a new Malware Builder dubbed APOMacroSploit appeared first on Security Affairs.

2021-02-22T02:28:33-05:00 | February 22nd, 2021 | Latest Cyber Attacks, Malware