News


Campaigns by cybercriminal group TA4903
B2B Cyber Security ShortNews

Cybersecurity experts have identified new campaigns by cybercriminal group TA4903, which specializes in phishing and business email compromise (BEC, also known as CEO fraud). The group consists of financially motivated cybercriminals who have recently made a name for themselves through large-scale email campaigns. US organizations in particular find themselves in the attackers' crosshairs, and occasionally companies from other parts of the world too. Proofpoint's key takeaways on TA4903: TA4903 has two main goals: credential phishing and BEC. The group regularly runs campaigns where they present themselves as…


CosmicBeetle attacks European organizations 
B2B Cyber Security ShortNews

The hacker group CosmicBeetle attacks organizations worldwide, especially European ones. The group uses the Spacecolon toolset to spread ransomware among its victims and extort ransoms. The attackers exploit the ZeroLogon vulnerability in web servers for their attacks. Alternatively, they resort to classic brute-force attacks on RDP credentials to break into organizations. Spacecolon has been active from at least May 2020 to the present.

CosmicBeetle also operates globally

The specialists at ESET were able to track CosmicBeetle and its tools worldwide. Countries in the European Union such as Spain, France, Belgium, etc. are particularly affected.


Microsoft discovers Storm-0978 spying phishing

Microsoft has identified a phishing campaign by Russian threat actor Storm-0978 targeting defense and government agencies in Europe and North America. The attack is aimed at financial data and espionage. Storm-0978 (DEV-0978; also referred to by other vendors as RomCom, the name of their backdoor) is a Russia-based cybercriminal group known for conducting opportunistic ransomware and extortion operations, as well as credential-targeting attacks. Storm-0978 operates, develops and distributes the RomCom backdoor. The actor also deploys the Underground ransomware, which is closely related to the Industrial Spy ransomware, which first appeared in the wild in May 2022…


Lazarus Group Unleashes Backdoor DTrack on Businesses
Kaspersky_news

Notorious APT actor Lazarus is expanding its attacks and is now targeting companies in Europe, including Germany and Switzerland. The Kaspersky experts were able to identify attacks with the backdoor DTrack on two German chemical processing and manufacturing companies and one on a Swiss chemical processing company. Lazarus has been active since at least 2009 and has been blamed for cyber espionage, cyber sabotage and ransomware attacks. Initially, the group was focused on implementing what appeared to be a geopolitical agenda centered primarily on South Korea…


ESET: Cyber espionage group Worok exposed
Eset_News

The targets of Worok cyber espionage are high-ranking institutions in the telecommunications, banking, energy, military, government and shipping sectors. The group is currently still targeting Asia, Africa and the Middle East. The Worok hacker group uses targeted attacks to spy on high-ranking institutions in Asia, Africa and the Middle East. Researchers from the European security manufacturer ESET have succeeded in uncovering the activities of the actors and analyzing their previously unknown tools. The group has been active since 2020, but has been active again since February 2022 after a longer break.

Worok uses in-house developments

The arsenal…


Findings on the Black Basta ransomware group
B2B Cyber Security ShortNews

Unit 42, Palo Alto Networks' malware analysis team, has released a report detailing the Black Basta ransomware group, which first appeared in April 2022 and has been on the rise ever since. Since the ransomware emerged, members of the group have been very active in distributing it and extorting companies. The attackers run a cybercrime marketplace and blog where the group lists their victims' names, descriptions, publication percentage, number of visits, and any data exfiltrated.

Black Basta runs its own leak page

Although the…


Lorenz ransomware slips through VoIP phone vulnerability 

Arctic Wolf recently investigated a Lorenz ransomware attack that used a vulnerability in the Mitel MiVoice VoIP appliance (CVE-2022-29499) for initial access and Microsoft's BitLocker Drive Encryption for data encryption. Users of the VoIP solution should urgently apply the security patches. Lorenz is a ransomware group that has been active since February 2021 at the latest and, like many ransomware groups, exfiltrates data from its attack target before encrypting the systems. In the most recent quarter, the group primarily targeted small and medium-sized businesses in the United States, but organizations in China and Mexico were also hit. SMEs…


Luna ransomware group uses OS-independent programming language 
Kaspersky_news

Kaspersky researchers have identified a new ransomware group that further underlines the trend towards using cross-platform functionalities. The Luna group uses ransomware written in Rust. It allows malware to be easily adapted from one operating system to another. Using malware written in Rust, Luna can attack Windows, Linux, and ESXi systems at once. The Dark Web ad spotted by Kaspersky states that Luna only works with Russian-speaking partners. Additionally, the ransom note hard-coded in the binary contains some typos, which suggests…


APT group lures people into the trap with phishing emails about the Ukraine war
Eset_News

ESET researchers have uncovered an ongoing phishing email campaign by cyber-espionage group Mustang Panda. The group is notorious for attacking government institutions, companies and research institutes. In the current case, the APT (Advanced Persistent Threat) group is attacking organizations in Asia, Sudan, South Africa, Cyprus and Greece. The victims are lured into the trap with phishing e-mails that deal with the Russian invasion of Ukraine. Other topical lures in the e-mails included a COVID-19 travel restriction, an approved assisted area map for Greece and a European Parliament regulation. Those who fell for the criminals paved the way for…


FBI warns of Cuba ransomware group
B2B Cyber Security ShortNews

49 organizations from five sectors of the critical infrastructure were attacked by the ransomware group Cuba, according to the FBI. The damage is at least $43.9 million. At the end of last week, the American FBI issued a warning about the activities of the Cuba ransomware group. Recently, it appears to have been targeting critical infrastructure organizations in the finance, healthcare, manufacturing, information technology and government sectors in particular. The press release reported 49 known cases in which at least $43.9 million in ransom was extorted. As if this sum ...
