The prolific TA505 cybercrime group targeted corporate networks across Europe using spear-phishing emails to spread the SDBbot remote access Trojan, according to IBM X-Force researchers. The malicious messages were disguised as emails from HR departments.
The State Department is offering a $5 million reward for information about North Korean-sponsored hacking campaigns, according to an advisory released this week by several U.S. agencies about the ongoing threat these campaigns pose to financial institutions and others.
Many criminals are continuing to tap cybercrime platforms and services to make it easier to earn an illicit paycheck, sometimes by combining tools, such as Emotet, Ryuk and TrickBot. This "loader-ransomware-banker trifecta has wreaked havoc" in recent years, says security firm Intel 471.
In January, hackers reportedly compromised portions of the New York state government's computer network by taking advantage of an unpatched vulnerability in Citrix enterprise software. Although state officials say no data was compromised, the attack reportedly disabled some state agency information systems.
The SEC has settled charges against two traders who were accused of profiting from the hacking of an SEC EDGAR system server in 2016. The Ukrainian man who allegedly hacked the system by bypassing its authentication control remains at large.
Travelex, a London-based foreign currency exchange that does business in 26 countries, including the U.S., paid a ransomware gang $2.3 million to regain access to its data following an attack, the Wall Street Journal reports. The incident crippled the company's customer services for weeks.
Cybercrime groups and nation-state hacking gangs are continuing to exploit the COVID-19 pandemic to further their aims, U.K. and U.S. security agencies warn in a joint alert. While overall attack levels haven't increased, they say, "the frequency and severity of COVID-19-related cyberattacks" looks set to surge.
The operator of a newly discovered botnet dubbed "Dark Nexus" is offering cybercriminals access to an array of capabilities, include the ability to launch DDoS attacks on demand, according researchers at Bitdefender.
A recent disinformation campaign that apparently originated in Russia used forged U.S. diplomatic documents and social media to spread false stories in Eastern Europe and Asia, according to a new research report, which warns that these tactics could be used against the U.S. in the run-up to the fall election.
For nearly a decade, five hacking groups with apparent links to the Chinese government have targeted vulnerable Linux servers that make up the backend IT infrastructure of thousands of companies and organizations around the world, according to a research report from BlackBerry.
Zero-day exploits are increasingly a commodity that advanced persistent threat groups can purchase and use to wage attacks, according to a report from security firm FireEye. The report says the number of attacks leveraging such exploits grew last year.
As the COVID-19 outbreak has intensified, so too has cybercrime, including ransomware, Interpol, the international crime-fighting agency, warns. Despite some gangs claiming to no longer be targeting healthcare organizations, experts have seen "no abatement, empathy or free decryptor" from any of them.
Hackers are targeting Chinese government agencies and their employees by taking advantage of zero-day vulnerabilities in VPN servers to plant backdoors and other malware, researchers at the Chinese security firm Qihoo 360 report.
AI meeting assistants present increasing risks as more companies rely on teleconferencing during the COVID-19 pandemic, says U.K.-based Steve Marshall, CISO at Bytes Technology, an IT and cybersecurity consultancy, who discusses risk mitigation steps.