Cybercrime, DoppelPaymer is back with a new name: Grief
Bleeping Computer: The two Ransomware-as-a-Service operations exploit the same encrypted file format and the distribution channel: the Dridex botnet.
Cybercrime: here it comes BlackMatter, the DarkSide and REvil heir
Recorded Future cybersecurity experts: The Ransomware-as-a-Service will target all big industries, except healthcare and governments.
Cybercrime, PEGASUS data leaks are on sale on the web
The user lucifer6a offers them on Raid Forums with a couple of samples to confirm its authenticity. They seem genuine.
Cybercrime, maxi phishing campaign against the main email providers
The bait is a fake eFax. The link in the message points to a page where you can choose your provider and enter sensitive data, which will be stolen.
Hacking, PetitPotam let attackers gain control of an entire Windows domain
It has been discovered by the cybersecurity researcher topotam. It coerces machine account authentication via MS-EFSRPC.
Cybercrime, Lokibot is now also conveyed through artwork
The email xlsx attachment contacts a single link from which an exe is downloaded and executed: the malware.
Cyber Espionage, APT31 launched a large campaign impacting many French entities
ANSSI cybersecurity experts: The cybercrime actor uses a network of compromised home routers as operational relay boxes.
Cybercrime, new wave of the FickerStealer campaign via DocuSign and Hancitor
The email xls attachment contains a dll with Chanitor, which downloads the final malware.
Cybercrime, MosaicLoader spreads disguised as a cracked software
Bitdefender cybersecurity experts: The malware can deliver any payload. Threat actors purchased ad slots in search engine results to boost it.
Cybercrime, Agent Tesla campaign via fake DHL receipt
The email compressed attachment contains an exe: the malware itself. The data is exfiltrated via smtp.