Three Nigerians have been extradited from the United Kingdom to the United States to face charges in relation to their roles in business email compromise (BEC) fraud schemes, the US Department of Justice announced.The three – Oludayo Kolawole John Adeagbo, Donald Ikenna Echeazu, and Olabanji Egbinola – allegedly caused losses of more than $5 million as part

Security researchers from Cleafy reported that the SOVA Android banking malware is back and is rapidly evolving. The SOVA Android banking trojan was improved, it has a new ransomware feature that encrypts files on Android devices, Cleafy researchers report. The malware has been active since 2021 and evolves over time. The latest version of the SOVA Tro

Dark web intelligence firm Cyble reports seeing an increase in cyberattacks targeting virtual network computing (VNC).The VNC graphical desktop-sharing system relies on the Remote Frame Buffer (RFB) protocol to provide control of a remote machine over a network.Exposing VNC to the internet has long been deemed a security risk, yet Cyble has identified over 8

China-linked cyberespionage group Iron Tiger was observed using the compromised servers of a chat application for the delivery of malware to Windows and macOS systems, Trend Micro reports.Also referred to as APT27, Bronze Union, Emissary Panda, Lucky Mouse, and TG-3390 (Threat Group 3390), Iron Tiger has been active since at least 2010, targeting hundreds of

A new type of scam, called “pig butchering” is gaining momentum. Pig butchering is a unique scam which uses a romance scam script, but with an investment spin on it, where victims are groomed to invest large sums of money, often on fake crypto apps. Behind the scenes of these scams are scam centers run by cryptocurrency scammers, who coerce human trafficking

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI are warning of Zeppelin ransomware attacks. The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have published a joint advisory to warn of Zeppelin ransomware attacks. The Zeppelin ransomware first appeared on the threat l

The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a joint advisory detailing the Zeppelin ransomware.Initially detailed in 2019, Zeppelin is a highly targeted piece of ransomware derived from the Delphi-based Vega (VegaLocker) Ransomware-as-a-Service (RaaS) family.Over the past three year

The United States has been offering significant rewards for information on individuals involved in the Conti ransomware operation and the Department of State on Thursday provided additional details on who it’s looking for and even shared a photo of a suspect.The State Department is looking for information on the hackers behind Conti, TrickBot and Wizard Spid

A new zero-day vulnerability affecting Zimbra has been exploited to hack more than 1,000 enterprise email servers, according to incident response firm Volexity.In July and early August, Volexity was called in to investigate several Zimbra Collaboration Suite breaches. The company’s analysis showed that the attackers had most likely exploited CVE-2022-27925,

The Conti ransomware gang is using BazarCall phishing attacks as an initial attack vector to access targeted networks. BazarCall attack, aka call back phishing, is an attack vector that utilizes targeted phishing methodology and was first used by the Ryuk ransomware gang in 2020/2021. The BazarCall attack chain is composed of the following stages: S

Profit-driven cybercriminals breached Cisco systems in May and stole gigabytes of information, but the networking giant says the incident did not impact its business.Cisco on Wednesday released a security incident notice and a technical blog post detailing the breach. The intrusion was detected on May 24, but the company shared its side of the story now, sho

Cisco discloses a security breach, the Yanluowang ransomware group breached its corporate network in late May and stole internal data. Cisco disclosed a security breach, the Yanluowang ransomware group breached its corporate network in late May and stole internal data. The investigation conducted by Cisco Security Incident Response (CSIRT) and Cisco Ta

The threat actor that recently breached Twilio systems also targeted Cloudflare, and a few of the web security company’s employees fell for the phishing messages.Twilio revealed over the weekend that it became aware of unauthorized access to some of its systems on August 4. An investigation showed that the attackers had tricked some of its employees into pro

10 packages have been removed from the Python Package Index (PyPI) because they were found harvesting data. Check Point researchers have discovered ten malicious packages on the Python Package Index (PyPI). The packages install info-stealers that allow threat actors to steal the private data and personal credentials of the developers. The researchers p

The number of ransomware attacks on industrial organizations decreased from 158 in the first quarter of 2022 to 125 in the second quarter, and it may be — at least partially — a result of the Conti operation shutting down.According to data collected by industrial cybersecurity firm Dragos, Conti accounted for a significant chunk of the ransomware attacks on