[HackerNews] New Ransomware Gangs — Haron and BlackMatter — Emerge on Cybercrime Forums

Two new ransomware-as-service (RaaS) programs have appeared on the threat radar this month, with one group professing to be a successor to DarkSide and REvil, the two infamous ransomware syndicates that went off the grid following major attacks on Colonial Pipeline and Kaseya over the past few months. “The project has incorporated in itself the best features of […]

Read More

[HackerNews] Best Practices to Thwart Business Email Compromise (BEC) Attacks

Business email compromise (BEC) refers to all types of email attacks that do not have payloads. Although there are numerous types, there are essentially two main mechanisms through which attackers penetrate organizations utilizing BEC techniques, spoofing and account take-over attacks. In a recent study, 71% of organizations acknowledged they had seen a business email compromise (BEC) […]

Read More

[HackerNews] New Android Malware Uses VNC to Spy and Steal Passwords from Victims

A previously undocumented Android-based remote access trojan (RAT) has been found to use screen recording features to steal sensitive information on the device, including banking credentials, and open the door for on-device fraud. Dubbed “Vultur” due to its use of Virtual Network Computing (VNC)’s remote screen-sharing technology to gain full visibility on targeted users, the […]

Read More

[HackerNews] Top 30 Critical Security Vulnerabilities Most Exploited by Hackers

Intelligence agencies in Australia, the U.K., and the U.S. issued a joint advisory on Wednesday detailing the most exploited vulnerabilities in 2020 and 2021, once again demonstrating how threat actors are able to weaponize publicly disclosed flaws to their advantage swiftly. “Cyber actors continue to exploit publicly known—and often dated—software vulnerabilities against broad target sets, […]

Read More