FamousSparrow APT Wings in to Spy on Hotels, Governments
A custom “SparrowDoor” backdoor has allowed the attackers to collect data from targets around the globe.
A cyberespionage group dubbed “FamousSparrow” by researchers has taken flight, targeting hotels, governments and...
5 Tips for Achieving Better Cybersecurity Risk Management
Casey Ellis, founder, CTO and chairman of Bugcrowd, discusses a roadmap for lowering risk from cyberattacks most effectively.
When thinking about cybersecurity risk management, think about the last time you...
VMware Warns of Ransomware-Friendly Bug in vCenter Server
VMware urged immediate patching of the max-severity, arbitrary file upload flaw in Analytics service, which affects all appliances running default 6.5, 6.7 and 7.0 installs.
VMware has released a security...
How REvil May Have Ripped Off Its Own Affiliates
A newly discovered backdoor and double chats could have enabled REvil ransomware-as-a-service operators to hijack victim cases and snatch affiliates’ cuts of ransom payments.
There’s no honor between thieves,...
Turla APT Plants Novel Backdoor In Wake of Afghan Unrest
“TinyTurla,” simply coded malware that hides away as a legitimate Windows service, has flown under the radar for two years.
The Turla advanced persistent threat (APT) group is back...
Hackers Are Going ‘Deep-Sea Phishing,’ So What Can You Do About It?
Nick Kael, CTO at Ericom, discusses how phishing is gaining sophistication and what it means for businesses.
Hackers are upping their game, using an approach I call “Deep Sea Phishing,”...
Microsoft MSHTML Flaw Exploited by Ryuk Ransomware Gang
Microsoft and RiskIQ researchers have identified several campaigns using the recently patched zero-day, reiterating a call for organizations to update affected systems.
Criminals behind the Ryuk ransomware were early exploiters...
AT&T Phone-Unlocking Malware Ring Costs Carrier $200M
With the help of malicious insiders, a fraudster was able to install malware and remotely divorce iPhones and other handsets from the carrier’s U.S. network — all the way...
Financial Cybercrime: Following Cryptocurrency via Public Ledgers
John Hammond, security researcher with Huntress, discusses a wallet-hijacking RAT, and how law enforcement recovered millions in Bitcoin after the Colonial Pipeline attack.
This is Part II of a two-part...
Airline Credential-Theft Takes Off in Widening Campaign
A spyware effort bent on stealing cookies and logins is being driven by unsophisticated attackers cashing in on the initial-access-broker boom.
A two-year-old espionage campaign against the airline industry is...
