Lazarus APT Uses Windows Update to Spew Malware
The group once again dangled fake job opportunities at engineers in a spear-phishing campaign that used Windows Update as a living-off-the-land technique and GitHub as a C2.
Read MoreZerodium Spikes Payout for Zero-Click Outlook Zero-Days
The sweetened deal came on the same day that Trustwave SpiderLabs published a new way to bypass Outlook security to deliver malicious links to victims.
Read MoreConti, DeadBolt Ransomwares Target Delta, QNAP
QNAP had to push out an unexpected (and not entirely welcome) NAS device update, and Delta Electronics’ network has been crippled.
Read MoreWho Wrote the ALPHV/BlackCat Ransomware Strain?
In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “BlackCat“), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. In this post, we’ll explore some of the clues left behind by a developer who was reputedly hired to code the ransomware…
Read MoreScary Fraud Ensues When ID Theft & Usury Collide
What’s worse than finding out that identity thieves took out a 546 percent interest payday loan in your name? How about a 900 percent interest loan? Or how about not learning of the fraudulent loan until it gets handed off to collection agents? One reader’s nightmare experience spotlights what can happen when ID thieves and…
Read MoreCrime Shop Sells Hacked Logins to Other Crime Shops
Up for the “Most Meta Cybercrime Offering” award this year is Accountz Club, a new cybercrime store that sells access to purloined accounts at services built for cybercriminals, including shops peddling stolen payment cards and identities, spamming tools, email and phone bombing services, and those selling authentication cookies for a slew of popular websites. Criminals…
Read MoreAs easy as 123456 !
Data security breaches have become common place over the last 10 years, so much so that as an industry we have almost become immune to them. However a recent study carried out by a Turkish Security researcher, Ata Hakcil, on password reuse found after analysing over a billion credentials that “123456” was the most commonly…
Read MoreThe Problem with the Kill Chain
The Kill Chain is IMHO yet another flawed term that has been adopted by the IT Security Industry to describe the methodology that attackers use against organisations to steal or compromise their assets. The term originates from the military and was first used by Lockheed Martin in 2009 to describe the steps an adversary would use…
Read More