FBI Cracks Down on Dark Web Marketplace Managed by Russian and Kazakh Nationals https://firewall.firm.in/wp-content/uploads/2024/09/lock.jpg Sep 07, 2024Ravie LakshmananCybercrime / Dark Web Two men have been indicted in the U.S. for their alleged involvement in managing a dark web marketplace called WWH Club that specializes in the sale of sensitive personal and financial information. Alex Khodyrev, a 35-year-old Kazakhstan national, and ...

North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams https://firewall.firm.in/wp-content/uploads/2024/09/korea.jpg Sep 07, 2024Ravie LakshmananCyber Security / Malware Threat actors affiliated with North Korea have been observed leveraging LinkedIn as a way to target developers as part of a fake job recruiting operation. These attacks employ coding tests as a common initial infection vector, Google-owned Mandiant said in a ...

Clearview AI fined by Dutch agency for facial recognition database – ET CISO https://etimg.etb2bimg.com/thumb/msid-113051010,imgsize-8792,width-1200,height=765,overlay-etciso/data-breaches/clearview-ai-fined-by-dutch-agency-for-facial-recognition-database.jpg U.S. facial recognition company Clearview AI has been fined 30.5 million euros ($33.7 million) for building what Dutch data protection watchdog DPA said on Tuesday was an illegal database. DPA also issued an additional order, imposing a penalty of up to 5 million euros on Clearview ...

New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm https://firewall.firm.in/wp-content/uploads/2024/09/chinesehackerz.jpg Sep 05, 2024Ravie LakshmananCyber Attack / Malware The Chinese-speaking threat actor known as Earth Lusca has been observed using a new backdoor dubbed KTLVdoor as part of a cyber attack targeting an unnamed trading company based in China. The previously unreported malware is written in Golang, and thus ...

New Rust-Based Ransomware Cicada3301 Targets Windows and Linux Systems https://firewall.firm.in/wp-content/uploads/2024/09/linux.png Sep 03, 2024Ravie LakshmananEndpoint Security / Malware Cybersecurity researchers have unpacked the inner workings of a new ransomware variant called Cicada3301 that shares similarities with the now-defunct BlackCat (aka ALPHV) operation. “It appears that Cicada3301 ransomware primarily targets small to medium-sized businesses (SMBs), likely through opportunistic attacks that exploit vulnerabilities ...

Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus https://firewall.firm.in/wp-content/uploads/2024/09/chart.jpg Sep 03, 2024Ravie LakshmananRansomware / Malware A hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia and Belarus. “Head Mare uses more up-to-date methods for obtaining initial access,” Kaspersky said in a Monday analysis of the group’s tactics and ...

RansomHub Ransomware Group Targets 210 Victims Across Critical Sectors https://firewall.firm.in/wp-content/uploads/2024/09/ransomware.jpg Threat actors linked to the RansomHub ransomware group encrypted and exfiltrated data from at least 210 victims since its inception in February 2024, the U.S. government said. The victims span various sectors, including water and wastewater, information technology, government services and facilities, healthcare and public health, emergency services, food and ...

Iranian Hackers Set Up New Network to Target U.S. Political Campaigns https://firewall.firm.in/wp-content/uploads/2024/09/Iranianhackers.jpg Aug 30, 2024Ravie LakshmananCyber Threat / Cyber Espionage Cybersecurity researchers have unearthed new network infrastructure set up by Iranian threat actors to support activities linked to the recent targeting of U.S. political campaigns. Recorded Future’s Insikt Group has linked the infrastructure to a hacking group it tracks as ...

North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit https://firewall.firm.in/wp-content/uploads/2024/08/chrome.jpg Aug 31, 2024Ravie LakshmananRootkit / Threat Intelligence A recently patched security flaw in Google Chrome and other Chromium web browsers was exploited as a zero-day by North Korean actors in a campaign designed to deliver the FudModule rootkit. The development is indicative of the persistent efforts made by the ...

Google says Russian hackers using iOS, Chrome flaws to steal users data – ET CISO https://etimg.etb2bimg.com/thumb/msid-112934730,imgsize-25018,width-1200,height=765,overlay-etciso/data-breaches/google-says-russian-hackers-using-ios-chrome-flaws-to-steal-users-data.jpg The Russian state-sponsored APT29 hacking group has been observed using the same iOS and Chrome on Android exploits created by commercial spyware vendors like NSO Group and Intellexa in a series of cyberattacks between November 2023 and July 2024. “The campaigns first delivered an ...