For many years, Google has been monitoring the activity of commercial spyware sellers and in conjunction with Google’s Project Zero, discovered the fact that RCS Labs, an Italian vendor, utilizes unusual drive-by downloads as first infection vectors to target iOS and Android mobile users. What Happened? Every campaign that TAG was made aware of began wi
Tropic Trooper is an independent terrorist organization that has conducted operations directed at specific targets in Taiwan, the Philippines, and Hong Kong. Since 2011, Tropic Trooper has been operating with the goal of targeting organizations in the public sector, the healthcare industry, the transportation sector, and the high technology sector. What Happe
Yodel is a delivery service company from the United Kingdom. It was initially known as the Home Delivery Network, until it bought the B2B and B2C businesses of DHL Express UK and afterward, renamed itself as Yodel in May 2010. What Happened? A cyberattack has caused delays in package distribution and online order tracking for the delivery service firm Yodel, w
To obtain Microsoft Office 365 and Outlook credentials, a new phishing operation has been targeting U.S. firms in the military, security software, manufacturing supply chain, healthcare, and pharmaceutical sectors. The operation is still active, and the attacker responsible is luring victims into opening a malicious HTML file with fake voicemail notification
Flagstar Bank is a financial institution with its headquarters located in Michigan and is one of the major residential mortgage servicers in the United States, being ranked among the top five largest banks in the country. What Happened? During a cyberattack in December, cybercriminals gained access to the personal information of 1.5 million Flagstar Bank clien
A new DeadBolt ransomware campaign has been brought to the attention of individuals and enterprises who use network-attached storage (NAS) machines manufactured by QNAP Systems, which is located in Taiwan. As HELPNETSECURITY explained, there also seems to be a fresh ech0raix/QNAPCrypt campaign that is now running; however, QNAP has not yet commented on this m
According to Microsoft, the BlackCat ransomware group is gaining access to targeted networks by exploiting unpatched Exchange server security flaws. After gaining access, the threat actors quickly began collecting data about the infected systems, followed by credential theft and lateral movement activities, intellectual property gathering, and delivering the
MaliBot can steal screenshots, intercept notifications and SMS messages, log boot operations, and provide its operators with remote control capabilities using a VNC system. Through VNC, the operators can navigate between screens, as well as scroll, take screenshots, copy and paste content, swipe, and perform long presses. In addition, t
Research conducted by Cymulate, a cybersecurity intelligence platform, found that 39% of businesses were victims of cybercrime during the course of the preceding year; of those, two-thirds were victimized more than once. One in ten of those who were struck more than once fell victim to 10 or more further cyberattacks. It wasn’t one and
ALPHV BlackCat is a RaaS, therefore the ALPHV BlackCat operators recruit affiliates to perform corporate breaches and encrypt devices. ALPHV ransomware executable is written in Rust, a programming language that, while not often used by malware creators, is gaining popularity because of its high efficiency and memory safety. Ransomware-as-a-Service is an illic
Last month, security specialists found adware and info-stealing malware on the Google Play Store, with at least five threats still obtainable and with more than 2 million downloads. Adware infections showing unsolicited ads degrade the user experience, use up the battery, generate heat, and can even lead to fraudulent transactions. This software typically atte
The Vice Society ransomware gang declared that it had been behind the recent attack that targeted the capital of the Italian island of Sicily, Palermo. The incident has caused a large-scale service outage. The cyberattack took place last Friday, and all internet-based services are still down, affecting 1.3 million people and tourists who are there for vacatio
The infamous piece of malware known as Emotet has begun to distribute a new module that is intended to steal credit card information that is saved in the Chrome web browser. The event takes place in the midst of a rise in Emotet activity, which has been seen since the group was revived around the end of last year. Prior to that, it had been dormant for ten mo
Cybersecurity specialists discovered a massive phishing campaign that used Facebook Messenger to trick millions of individuals into entering their login details and watching advertisements on phishing pages. These stolen accounts were used by the threat actors to deliver more phishing messages to their friends, resulting in impressive earnings from online adv
An advisory recently published by multiple US federal agencies shows that Chinese state-backed cybercriminals have attacked and impacted important telecommunications organizations and network service providers in order to snatch credentials and collect sensitive data. This joint cybersecurity advisory was coauthored by the National Security Agency (NSA), the