Microsoft security researchers have recently published an article detailing a widespread phishing campaign looking to steal credentials by abusing redirector links. At first, the potential victim is baited by impersonations of well-known productivity tools. They are then redirected to multiple sites
FIN8 is a purely financially motivated cybercrime organization and since 2016, the group has successfully operated by targeting retail, restaurant, hospitality, healthcare, and entertainment industries. This is done to primarily steal payment information from Point of Sale (POS) devices those indust
The LockBit ransomware gang has been operational since 2019. In June 2021, the gang deployed a newer version of the ransomware, dubbed LockBit 2.0 by its developers, was seen by researchers making a stir on underground forums. Now, a report published by Trend Micro details how the new version has be
Getting to peek behind the curtains of a ransomware operation is rare. Figuring out the inner workings of modern ransomware-as-a-service operations is an investigation that can take hours upon hours to glean the smallest bits of information. Sometimes discoveries are made that pull the curtain back
Microsoft’s ever-popular Office 365 has been a favored target for many hackers. This is partly due to the popular application enjoying widespread adoption in both the corporate and government spheres as employees use many of the bundled applications for daily work life and the ability to easily shar
Bloomberg reports that hackers have just successfully stolen roughly 600 million USD from a decentralized finance platform. The theft occurred on the Poly Network which allows users to swap tokens across several blockchains. Tens of thousands of users are believed to be impacted by the theft with a
While classified as a new strain of ransomware BlackMatter is strongly believed to be a rebranding of the DarkSide ransomware operation infamous for the Colonial Pipeline Incident that drew far too much attention to the gang. BlackMatter is more than a rebranding and does boast some unique features,
As info stealers go Racoon Stealer has to be one of the more prolific malware strains of its type in recent memory. This is due in part to the malware being offered as a service, similar to how ransomware-as-a-service or other malware-as-a-service business models have been adopted recently. This mod
On July 9, 2021, the railway service used by Iranians for their daily transport needs suffered a cyber attack. New research published by Sentinel One reveals that the chaos caused during the attack was a result of a previously undiscovered form of wiper malware, called Meteor. The attack resulted i
According to a recently published report by the Sygnia Incident Response team, internet-facing Windows servers are being targeted by an advanced persistent threat group called Praying Mantis, or less glamorously TG1021. What makes their attack campaigns noteworthy is that they are almost exclusively