Ransomware Attacks

A new variant of the Agent Tesla malware has been observed delivered via a lure file with the ZPAQ compression format to harvest data from several email clients and nearly 40 web browsers. “ZPAQ is a file compression format that offers a better compression ratio and journaling function compared to widely used formats like ZIP […]

Android smartphone users in India are the target of a new malware campaign that employs social engineering lures to install fraudulent apps that are capable of harvesting sensitive data. “Using social media platforms like WhatsApp and Telegram, attackers are sending messages designed to lure users into installing a malicious app on their mobile device by

North Korean threat actors have been linked to two campaigns in which they masquerade as both job recruiters and seekers to distribute malware and obtain unauthorized employment with organizations based in the U.S. and other parts of the world. The activity clusters have been codenamed Contagious Interview and Wagemole, respectively, by Palo Alto Networks Unit

Multiple threat actors, including LockBit ransomware affiliates, are actively exploiting a recently disclosed critical security flaw in Citrix NetScaler application delivery control (ADC) and Gateway appliances to obtain initial access to target environments. The joint advisory comes from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Multi-State Information Sharing and

Threat actors are leveraging manipulated search results and bogus Google ads that trick users who are looking to download legitimate software such as WinSCP into installing malware instead. Cybersecurity company Securonix is tracking the ongoing activity under the name SEO#LURKER . “The malicious advertisement directs the user to a compromised WordPress website gameeweb[.]com, which redirects

The recently discovered IronWind malware is distributed via email attachments, cleverly disguised as official correspondence related to the “Economic Cooperation Program with the Countries of the Gulf Cooperation Council 2023-2024.” Proofpoint cybersecurity researchers have discovered a new phishing campaign against Israeli entities, launched by a Middle Eastern APT group, TA402. Proofpoint has been monitoring TA402’s

Employee data—it contains some of your company’s most sensitive information. Salaries, social security numbers, health records…this stuff is like gold to cybercriminals.  While you need access to employee data to run your business, keeping it secure is seriously tricky with today’s sophisticated hacking threats. A data breach could wreck your operations and demolish trust with

According to eSentire, the ALPHV ransomware gang is employing the Nitrogen malware in the ongoing attacks. Cybersecurity experts at eSentire, a leading global cybersecurity solutions provider, have published details of an ongoing attack campaign from Russian-speaking affiliates of the notorious ALPHV (aka BlackCat) ransomware gang. According to eSentire’s Threat Response Unit (TRU) researchers, key targets

What do Boeing, an Australian shipping company, the world’s largest bank, and one of the world’s biggest law firms have in common? All four have suffered cybersecurity breaches, most likely at the hands of teenage hackers, after failing to patch a critical vulnerability that security experts have warned of for more than a month, according

The notorious Lockbit ransomware group has leaked a trove of data belonging to the leading global aerospace company Boeing, apparently following failed ransom negotiations. The notorious LockBit ransomware group has struck again, and this time, its victim is aerospace giant Boeing. The ransomware gang infiltrated Boeing’s systems and stole a significant amount of sensitive data.