Researchers have identified the real-world identity of the threat actor behind Golden Chickens Malware-as-a-Service (MaaS), known as “badbullzvenom.” A 16-month-long investigation by eSentire’s Threat Response Unit revealed multiple instances of the badbullzvenom account being shared between two individuals. The second threat actor, Frapstar,
Researchers discovered a new attack on a Ukrainian target performed by Russian threat actors that used a new wiper malware that compromises the Windows operating system. SwiftSlicer, as the new malware was named, is attributed to the Sandworm malicious group known to work for the Russian General Staff Main Intelligence Directorate (GRU). More on the New SwiftS
Cybersecurity researchers uncovered a new strain of ransomware named Mimic. Mimic uses Everything API, a file search tool for Windows, to search for files to encrypt. Some of the code in Mimic is similar to that found in Conti, whose source code was leaked to a Ukrainian researcher in March 2022. As a sophisticated malware, Mimic can eliminate shadow copies, s
One of the most recent finds exposed the Aurora Stealer malware imitating popular applications to infect as many users as possible. Cyble researchers were able to determine that, in order to target a variety of well-known applications, the threat actors are actively changing and customizing their phishing websites. Aurora targets data from web browsers and cr
Federal authorities have taken down a website run by a notorious ransomware gang known to extort millions of dollars from victims as part of a global cybercrime operation. The FBI seized a cache of computer servers supporting the Hive group in Los Angeles late Wednesday, according to Attorney General Merrick Garland. At the same time, foreign law enforcement
Flaws found in the Galaxy App Store gave attackers the ability to install apps without the user’s knowledge and send them to malicious sites. Samsung was notified regarding flaws CVE-2023-21433 and CVE-2023-21434 in November and December 2022. After flagging the first bug as high and the second one as moderate risk, the company announced fixing both, o
The Federal Bureau of Investigation (FBI) has confirmed that the cyberattacks on Harmony Horizon, which resulted in the theft of $100 million worth of Ethereum, were coordinated by the North Korean state-sponsored hacking group Lazarus. The North Korean APT has moved $63.5 million from the Harmony Horizon hack it was responsible for last year. 1/2 North Korea’s L
A phishing scam using legitimate remote monitoring and management (RMM) software was used to target at least two federal agencies in the U.S. Specifically, cyber-criminal actors sent phishing emails that led to the download of legitimate RMM software – ScreenConnect (now ConnectWise Control) and AnyDesk – which they then used in a refund scam to s
On January 25th, the Killnet Russian activist threat group put several German websites offline after performing a DDoS attack. The hackers claimed they targeted government websites, banks, and airports as a reaction to Germany’s decision to supply Ukraine with 2 Leopard tanks. According to Germany’s BSI cyber agency, the attack campaign had low, short-term effect
Last week, video game developer Riot Games, which is behind popular games such as League of Legends and Valorant, had its development environment compromised by threat actors through a social engineering attack. This week, the attackers demanded a $10 million ransom for source code stolen from League of Legends. The LA-based publisher took to Twitter to declar
Google has been sued by the U.S. Justice Department (DOJ) for exploiting its market dominance in online advertising. On Tuesday, 24 January 2023, a lawsuit was filed by the DOJ along with eight states: Virginia, California, Colorado, Connecticut, New Jersey, New York, Rhode Island, and Tennessee. Why Is Google in the Wrong? The American firm is accused of buying o
The largest Russian ISP, Rostelecom, reports that DDoS attacks against Russian businesses hit an all-time high in 2022. In distributed denial of service (DDoS) attacks, threat actors try to make a website or service that uses the internet inaccessible by flooding it with so many requests that the server can’t accept any more connections. This makes the
An “expansive” adware operation that spoofs over 1,700 apps from 120 publishers and affects around 11 million devices has been stopped by researchers. Dubbed VASTFLUX, the malvertising attack injected malicious JavaScript code into digital ad creatives and allowed threat actors to stack invisible ad videos behind one another to register ad revenue
On Thursday, 19 January 2023, the Irish Data Protection Commission (DPC) announced a fine of €5.5 million for WhatsApp over breaking privacy laws when handling users’ private information. Why the Fine Was Issued? The issue of the fine is an update dating from May 2018, just days before the General Data Protection Regulation (GDPR). In that update for Wha
T-Mobile announced a new data breach after a threat actor used one of its Application Programming Interfaces (APIs) to steal personal data from 37 million active postpaid and prepaid customer accounts. 37 Million Accounts Impacted: On Thursday, the telecommunication giant T-Mobile revealed that it detected malicious activity on January 5, 2023. The attacker sta