Threat actors are using Internet Information Services - Microsoft's extensible web server software - to deliver a previously undocumented dropper that is being used to install a new backdoor and other tools. The group dubbed Cranefly uses a new backdoor called Danfuan, researchers say.
Cybercriminals are out there, watching and waiting for the perfect opportunity. They are gathering information about your organization and users, devising the perfect plan to infiltrate your defenses.
But with a strategic approach to cyber defense you can hack the hacker before they strike! In this session, we'll...
When ransomware hits, every minute of downtime matters. A company faces an average downtime of 22 days after ransomware hits.
Join this session to learn how to secure your virtualized assets before, during, and after an attack. We'll show how you can quickly search for indicators of compromise across your virtual...
Every organization has employees distributed across multiple locations, such as headquarters and branch offices. With the Covid-19 pandemic, remote working from home has become a norm. Wherever they are, a company’s staff will need to access IT services, applications and data that are also spread out over a number...
Researchers uncovered a never-before-seen advanced threat actor dubbed Metador targeting telecommunications, internet service providers and universities in several countries in the Middle East and Africa for cyberespionage. They found two different Windows-based malware platforms.
The LockBit group has paid the first payment of $50,000 as part of its bug bounty program for researchers willing to aid in cybercriminality. The group had announced that it will pay individuals who find exploitable vulnerabilities in the software it uses to maliciously encrypt files.
If you receive a sextortion email at work, how did the criminals find you? Do they really have embarrassing videos, your browsing history, or password? Cofense can shed some light on this dark corner of the web. After all, we’ve been monitoring the largest confirmed dump of email addresses used for sextortion to...
New malware variants are being developed at breakneck speeds, each more sophisticated and devastating than the last. On top of that, successful threats are being commodified by initial access brokers (IAB) and sold as-a-service. Threats are propagating faster than ever with stealthy evasion techniques coded in,...
The Lazarus Group, a North Korean advanced persistent threat gang, recently targeted energy companies in Canada, the U.S. and Japan to establish long-term access into victim networks to conduct espionage operations by deploying custom-built malware implants VSingle, YamaBot and MagicRAT.
The operators behind banking Trojan SharkBot are distributing an updated version of the malware on now-deactivated malicious applications on Google Play. Called Mister Phone Cleaner and Kylhavy Mobile Security, the apps have been downloaded 10,000 and 50,000 times, respectively, says Fox-IT.
As ransomware continues to pummel organizations left, right and center, two states have responded by banning certain types of ransom payments, and more look set to soon follow suit. But experts warn such bans could have "terrible consequences," leading to costlier and more complicated recovery.
Food delivery firm DoorDash says its customers and employees have been impacted by the phishing attack on its third-party service provider. DoorDash says it experienced "unusual and suspicious activity" on its third-party vendor's computer network that was a victim of a phishing campaign.
Ransomware karma: The notorious LockBit 3.0 ransomware gang's site has been disrupted via a days-long distributed-denial-of-service attack, with administrator LockBitSupp reporting that it appears to be retribution for the gang leaking files stolen from a recent victim: security firm Entrust.
Researchers uncovered a spear-phishing campaign targeting automotive and chemical manufacturers across the Spanish-speaking nations of Mexico and Spain. The latest campaign began in June 2022, uses Grandoreiro banking Trojan and impersonates Mexican government officials, Zscaler ThreatLabz reports.
The average person believes using Multi-Factor Authentication (MFA) makes them significantly less likely to be hacked. That is simply not true! Hackers can bypass 90-95% of MFA solutions much easier than you would think. Using a regular looking phishing email, they can bypass MFA just as easily as if it were a simple...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.