New Purple Fox version includes Rootkit and implements wormable propagation

Researchers from Guardicore have spotted a new variant of the Purple Fox Windows malware that implements worm-like propagation capabilities. Researchers from Guardicore have discovered a new version of the Purple Fox Windows malware that implements worm-like propagation capabilities.Up until recently, Purple Fox’s operators infected machines by using exploit kits and phishing emails. Previous versions of […]

The post New Purple Fox version includes Rootkit and implements wormable propagation appeared first on Security Affairs.

2021-03-29T02:52:58-04:00March 29th, 2021|Latest Cyber Attacks, Malware|

Energy giant Shell discloses data breach caused by Accellion FTA hack

Oil and gas giant Royal Dutch Shell (Shell) discloses a data breach resulting from the compromise of its Accellion File Transfer Appliance (FTA) file sharing service. Energy giant Shell disclosed a data breach resulting from the compromise of an Accellion File Transfer Appliance (FTA) used by the company. Shell is an Anglo-Dutch multinational oil and […]

The post Energy giant Shell discloses data breach caused by Accellion FTA hack appeared first on Security Affairs.

2021-03-23T05:06:06-04:00March 23rd, 2021|Latest Cyber Attacks, Malware|

CISA and FBI warn of ongoing TrickBot attacks

CISA and FBI are warning of ongoing TrickBot attacks despite security firms took down the C2 infrastructure of the infamous botnet in October. The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) warn of ongoing Trickbot attacks despite in October multiple security firms dismantled its C2 infrastructure in a joint operation. On […]

The post CISA and FBI warn of ongoing TrickBot attacks appeared first on Security Affairs.

2021-03-19T08:30:12-04:00March 19th, 2021|Latest Cyber Attacks, Malware|

Group-IB: ransomware empire prospers in pandemic-hit world. Attacks grow by 150%

Group-IB published a report titled “Ransomware Uncovered 2020-2021”. analyzes ransomware landscape in 2020 and TTPs of major threat actors. Group-IB, a global threat hunting and adversary-centric cyber intelligence company, has presented its new report “Ransomware Uncovered 2020-2021”. The research dives deep into the global ransomware outbreak in 2020 and analyzes major players’ TTPs (tactics, techniques, and procedures). By […]

The post Group-IB: ransomware empire prospers in pandemic-hit world. Attacks grow by 150% appeared first on Security Affairs.

2021-03-04T06:52:48-05:00March 4th, 2021|Latest Cyber Attacks, Malware|

Clop ransomware gang leaks data allegedly stolen from cybersecurity firm Qualys

Cybersecurity firm Qualys seems to have suffered a data breach, threat actors allegedly exploited zero-day flaw in their Accellion FTA server. Cybersecurity firm Qualys is the latest victim of a cyber attack, the company was likely hacked by threat actors that exploited a zero-day vulnerability in their Accellion FTA server. A couple of weeks ago, security experts […]

The post Clop ransomware gang leaks data allegedly stolen from cybersecurity firm Qualys appeared first on Security Affairs.

2021-03-03T18:14:44-05:00March 3rd, 2021|Latest Cyber Attacks, Malware|

Dutch Research Council (NWO) confirms DoppelPaymer ransomware attack

Dutch Research Council (NWO) confirmed that the recent cyberattack that forced it to take its servers offline was caused by the DoppelPaymer ransomware gang. On February 14, Dutch Research Council (NWO) was hit by a cyber attack that compromised its network and impacted its operations. In response to the incident, the Dutch Research Council (NWO) […]

The post Dutch Research Council (NWO) confirms DoppelPaymer ransomware attack appeared first on Security Affairs.

2021-02-26T18:09:32-05:00February 26th, 2021|Latest Cyber Attacks, Malware|

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

North Korea-linked Lazarus APT group has targeted the defense industry with the custom-backdoor dubbed ThreatNeedle since 2020. North Korea-linked Lazarus APT group has targeted the defense industry with the backdoor dubbed ThreatNeedle since early 2020. The state-sponsored hackers targeted organizations from more than a dozen countries. The experts discovered the custom backdoor while investigating an […]

The post North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor appeared first on Security Affairs.

2021-02-26T18:09:32-05:00February 25th, 2021|Latest Cyber Attacks, Malware|

Airplane manufacturer Bombardier has disclosed a security breach, data leaked online

Hackers posted data stolen from manufacturer of business jets Bombardier on Clop ransomware leak site following alleged FTA hack. Hackers exploited vulnerabilities in Accellion FTA file-sharing legacy servers to steal data from the airplane maker Bombardier and leak data on the site operated by the Clop ransomware gang. The wave of attacks exploiting multiple zero-day […]

The post Airplane manufacturer Bombardier has disclosed a security breach, data leaked online appeared first on Security Affairs.

2021-02-26T18:09:31-05:00February 24th, 2021|Latest Cyber Attacks, Malware|

FIN11 cybercrime group is behind recent wave of attacks on FTA servers

FireEye experts linked a series of attacks targeting Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. Security experts from FireEye linked a series of cyber attacks against organizations running Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. “Starting in mid-December 2020, malicious actors that Mandiant […]

The post FIN11 cybercrime group is behind recent wave of attacks on FTA servers appeared first on Security Affairs.

2021-02-26T18:09:31-05:00February 23rd, 2021|Latest Cyber Attacks, Malware|

Researchers uncovered a new Malware Builder dubbed APOMacroSploit

Researchers spotted a new Office malware builder, tracked as APOMacroSploit, that was employed in a campaign targeting more than 80 customers worldwide. Researchers from security firm Check Point uncovered a new Office malware builder called APOMacroSploit, which was employed in attacks that targeted more than 80 customers worldwide. APOMacroSploit is a macro builder that was […]

The post Researchers uncovered a new Malware Builder dubbed APOMacroSploit appeared first on Security Affairs.

2021-02-22T02:28:33-05:00February 22nd, 2021|Latest Cyber Attacks, Malware|
Go to Top