Malware

Malvertising Campaigns Surged in 2023

Researchers at BlueVoyant observed a 50% increase in large-scale malvertising campaigns in 2023 compared to 2022. “Fraudulent search engine ads appear as benign advertisements, almost indistinguishable from legitimate ones,” the researchers write. “This makes ads a highly effective distribution mechanism since users often rely on the top search result rather than directly typing in a domain.”

Accelerating Ransomware Recovery with Rubrik Threat Hunting for U.S. Government

At this point, it is clear: cyber attacks from nation-state adversaries persistently threaten local, state, and federal governments, as well as educational institutions. It is not a matter of if bad actors can penetrate existing security controls, as they are already doing so and will continue to do so. Whether it is due to one unpatched machine or one user clicking on a link in an email, we believe cyberattacks are inevitable.

New Phishing-as-a-Service (PhaaS) platform, 'Tycoon 2FA', Targets Microsoft 365 and Gmail Accounts

A new PhaaS service brings the power of bypassing multi-factor authentication (MFA) to the world’s most-used email platforms. At its core, Tycoon 2FA isn’t doing anything new. It uses a reverse proxy server to host a phishing web page that impersonates the legitimate email platform in question. Then it intercepts the victim's input and relays it to the legitimate service. But it’s how this platform does it that is sophisticated.

Large-Scale StrelaStealer Campaign Impacts Over 100 Organizations Within the E.U. and U.S.

A new campaign of StrelaStealer attacks identified by security analysts at Unit42 has been spotted targeting E.U. and U.S. organizations. This somewhat new infostealer has evolved to be even better at evading detection in a new string of campaigns aimed at stealing email credentials from well-known email clients.

CL0P Ransomware: The Latest Updates

Responsible for a number of infamous ‘big game hunter’ ransomware attacks and believed active since at least 2019, the ransomware threat group dubbed ‘CL0P’ is thought to be a Russian-language cybercriminal gang and has been widely reported as associated with, or its malware adopted by, other cybercriminal groups including ‘FIN11’, a part of the larger financially-motivated ‘TA505’ group, and ‘UNC2546’.

The Uptick in RA Group Ransomware's Activity

In April 2023, researchers uncovered a new ransomware actor named RA Group, demonstrating a connection to the Babuk ransomware through the utilization of leaked source code. Following the full disclosure of Babuk’s ransomware source code by an alleged group member in September 2021, various ransomware families have emerged, incorporating this leaked code into their attacks.

Foresiet Threat Research Alert: Caution! Cybercriminals Posing as NordVPN Infect Millions through Google and Bing Ads!

Google has historically served as a prominent platform for such malicious advertisements. However, Bing is now increasingly susceptible to becoming a target due to its tight integration with the Windows ecosystem and the Edge browser. Bing searches are being manipulated to redirect users to a counterfeit website closely resembling the legitimate NordVPN site. To further deceive users, the threat actors attempted to digitally sign a malicious installer and hosted it on Dropbox.

Shamane Tan on professional growth - Cyber Security Decoded

On Cyber Security Decoded, Shamane Tan reflects on those who have shown her support during her career, and emphasizes the importance of giving back to others who are just starting out in #CyberSecurity. If you’re getting started in the #technology industry, seeking out mentorship can be vital for your career and building a ladder. And if you’re a leader, giving back by sharing your experiences with those looking to find a career path can be very rewarding and contribute to the overall success and growth of your organization.