Cybersecurity News - Page 35

The attacks involve both financially motivated cybercriminal groups, such as TA2723, and state-backed threat actors.

Stryzhak gained access to the Nefilim ransomware platform in June 2021 in exchange for 20 percent of any ransom proceeds.

In brief: SonicWall, Sisco, WatchGuard patch actively exploited zero-days, the Clop extortion group targets CentreStack file servers, and more.

The probe was launched after French authorities received intelligence from Italy indicating that the ferry’s IT system had been infected with a RAT.

Attacks involving Cisco SEG and SEWM appliances have been attributed to a suspected Chinese threat group known as UAT-9686.

The campaign involves at least 17 compromised Firefox extensions that use steganography to conceal a JavaScript loader within PNG logo files.

Scammers allegedly tricked victims into installing remote access software, allowing criminals to steal online banking credentials.

The extension includes scripts designed to capture conversations across major platforms such as ChatGPT, Claude, and Gemini.

The attack starts with the attackers gaining initial access via ViewState deserialization or ToolShell-based exploits, then deploy ShadowPad on the compromised server.

BlackForce is designed to steal user credentials and conduct Man-in-the-Browser (MitB) attacks.