Ransomware attack on ION Group impacts derivatives trading market
The LockBit ransomware gang has claimed responsibility for the cyberattack on ION Group, a UK-based software company whose products are used by financial institutions, banks,…
Category: Bleeping Computer
Over 29,000 QNAP devices vulnerable to code injection attacks
Tens of thousands of QNAP network-attached storage (NAS) devices are waiting to be patched against a critical security flaw addressed by the Taiwanese company on…
New DDoS-as-a-Service platform used in recent attacks on hospitals
A new DDoS-as-a-Service (DDoSaaS) platform named ‘Passion’ was seen used in recent attacks by pro-Russian hacktivists against medical institutions in the United States and Europe.…
Over 1,800 Android phishing forms for sale on cybercrime market
A threat actor named InTheBox is promoting on Russian cybercrime forums an inventory of 1,894 web injects (overlays of phishing windows) for stealing credentials and sensitive data from…
New HeadCrab malware infects 1,200 Redis servers to mine Monero
New stealthy malware designed to hunt down vulnerable Redis servers online has infected over a thousand of them since September 2021 to build a botnet…
LockBit ransomware goes ‘Green,’ uses new Conti-based encryptor
The LockBit ransomware gang has again started using encryptors based on other operations, this time switching to one based on the leaked source code for…
New Nevada Ransomware targets Windows and VMware ESXi systems
A relatively new ransomware operation known as Nevada seems to grow its capabilities quickly as security researchers noticed improved functionality for the locker targeting Windows…
Google Fi data breach let hackers carry out SIM swap attacks
Google Fi, Google’s U.S.-only telecommunications and mobile internet service, has informed customers that personal data was exposed by a data breach at one of its…
Arnold Clark customer data stolen in attack claimed by Play ransomware
Arnold Clark, self-described as Europe’s largest independent car retailer, is notifying some customers that their personal information was stolen in a December 23 cyberattack claimed…
Crypto scam apps infiltrate Apple App Store and Google Play
Operators of high-yielding investment scams known as “pig butchering” have found a way to bypass the defenses in Google Play and Apple’s App Store, the…
Hackers use new IceBreaker malware to breach gaming companies
Hackers have been targeting online gaming and gambling companies with what appears to be a previously unseen backdoor that researchers have named IceBreaker. The compromise…
Microsoft disables verified partner accounts used for OAuth phishing
Microsoft has disabled multiple fraudulent, verified Microsoft Partner Network accounts for creating malicious OAuth applications that breached organizations’ cloud environments to steal email. In a…