Fresh samples of Qakbot malware have been circulating in email campaigns since mid-December, indicating ongoing experimentation by its developers. One variant uses a fake Adobe product installer to deceive users into installing the malware on Windows systems. Qakbot, also known as QBot, has long been used to deliver various malicious payloads, including ransomware, primarily through […]
Unveiling the New Developments in Qakbot Malware Read More »
A group called GoldFactory has made advanced banking malware, like GoldPickaxe for iOS and GoldDigger for Android, targeting countries like Thailand and Vietnam. They trick people into downloading the malware through fake messages and websites, stealing personal information and intercepting messages. PC Matic is a 100% USA-based cybersecurity solution, providing industry-leading security that is affordable
GoldFactory: The Masterminds Behind Advanced Mobile Banking Malware Read More »
Prudential Financial, a major global financial services company, suffered a breach last week where attackers accessed employee and contractor data before being stopped from further access. The company, managing $1.4 trillion in assets and serving over 50 million customers worldwide, detected the breach on February 5, one day after unauthorized access. The breach was disclosed
Prudential Financial Faces Cybersecurity Breach Read More »
Southern Water, a company providing water services across several regions in England, has disclosed that data belonging to 5-10% of its customers has been compromised in a cyber attack. Personal information and financial data may have been stolen and potentially sold on the dark web. The compromised data includes names, dates of birth, national insurance
Southern Water Cyber Attack: Personal Data of Thousands Compromised Read More »
The Health Sector Cybersecurity Coordination Center (HC3) has released an analyst note detailing the activities of the Akira ransomware group. Akira has conducted 81 cyberattacks, targeting various sectors, including healthcare, and is suspected to have ties with the Conti ransomware gang. HC3 warns that Akira operates as a ransomware-as-a-service (RaaS) operation, employing double extortion tactics
Akira Ransomware Poses Growing Threat to Healthcare and Critical Sectors Read More »
A significant ransomware attack has disrupted the operations of 21 hospitals in Romania, causing their healthcare management system, the Hipocrate Information System (HIS), to go offline. The attack, which occurred over the weekend, encrypted the system’s database, rendering it inaccessible. The Romanian Ministry of Health confirmed the incident and stated that IT specialists, including cybersecurity
Ransomware Attack Shuts Down Healthcare System in Romania: 21 Hospitals Offline Read More »
A cyberattack targeting the Colorado State Public Defender’s Office has shut down its computer network, leaving public defenders across the state unable to access essential work systems. This attack, identified as malware encryption, has rendered public defenders incapable of accessing court documents and filings and performing significant work for their clients. The Office spokesperson, James
Colorado State Public Defender’s Office Paralyzed by Cyberattack Read More »
A new variant of the XLoader malware has been discovered, capable of automatically launching on infected Android smartphones without user interaction. This strain can extract sensitive data such as photos, messages, and contact lists. Distributed through shortened links in text messages, XLoader impersonates Google Chrome to gain permissions and evade detection. It can even extract
New XLoader Variant: Android Malware Evolves to Auto-Launch Threat Read More »
Security researcher Kevin Beaumont is warning about the efforts of ransomware groups Akira and Lockbit to exploit older vulnerabilities in Cisco ASA SSL VPN devices. These groups target vulnerabilities for which patches have been available since 2020 and 2023. Beaumont emphasizes the importance for administrators to upgrade to the latest ASA release, particularly on devices
Ransomware Threat Alert: Urgent Patching Needed for Cisco ASA SSL VPN Vulnerabilities Read More »
The notorious Russian ransomware group ALPHV/BlackCat claims to have stolen a significant amount of military documents from a contractor of the Pentagon, impacting Virginia-based IT services firm Technica Corporation. This firm purportedly has access to classified information from US intelligence agencies. The breach also affected entities like the FBI and DCSA. The ransomware gang threatens
ALPHV/BlackCat Ransomware Resurfaces: Threatens to Expose Stolen Military Documents Read More »