Cybercrime, Conti attacks healthcare and first responder networks
The FBI cybersecurity experts: The ransomware hit at least 16 specific targets. The malware steals victims’ files and encrypts the servers to force a ransom payment.
Cybercrime, Hello ransomware uses China Chopper web shell vulnerability
Trend Micro cybersecurity experts: The malware (aka WickrMe) arrives via the CVE-2019-0604. Then, the threat actors exploit web shell to download Cobalt Strike.
Cybercrime, new Hancitor campaign via email attachment
The doc file starts malware infection thanks to the internal dll. The trojan is used as a downloader of other payloads such as Cobalt Strike and Ursnif / Gozi.
Cybercrime, ransomware actors deploy SystemBC as a backdoor
Sophos cybersecurity experts: It has being used for communications, data exfiltration and the download and execution of malicious modules.
Cybercrime, WebLogic Servers vulnerability used to install Cobalt Strike
SANS cybersecurity experts: Campaign exploits a chain of Powershell obfuscated scripts to download the malware. Probably it’s the work of a ransomware gang.
Cybercrime, Sodinokibi attackers leverage Cobalt Strike and scan for POS
Symantec cyber security experts spotted a ransomware campaign which exploits legitimate tools and both malware to earn big profits from large-multinational companies.
Cybercrime spread BazarBackdoor trojan via Sendgrid
The cyber security experts: The malware is sent through a phishing campaign by TrickBot authors with different lures. Moreover, after a period of time, it installs Cobalt Strike on infected computer.
Cybercrime spread PyXie RAT to steal credentials and passwords
Cylance cyber security experts: The new malware targets a wide range of industries. It has been seen in conjunction with Cobalt Strike beacons and a downloader that has similarities to Shifu.
West African Financial Institutions have been hit by waves of cyber attacks
Symantec cyber security experts: cybercrime targets are in Cameroon, DRC, Ghana, Equatorial Guinea, and Ivory Coast with commodity malware and living off the land tools.
From APT29 cyber attacks on US with real pdf documents to confuse victims
Yoroi - Cybaze ZLab cyber security experts analyzed a new strain of malware, used by Russian-linked hackers to target US entities. Here is what they found.