"BunnyLoader: New Malware-as-a-Service Threat Emerges in the Cybercrime Underground"

Researchers have found BunnyLoader, another Malware-as-a-Service (MaaS) threat, being sold on the cybercrime underground. According to Zscaler ThreatLabz researchers, BunnyLoader provides different functionalities such as downloading and executing a second-stage payload, stealing browser credentials, and more. Its other capabilities include running remote commands on the infected machine, a keylogger to collect keystrokes, and a clipper functionality to monitor the victim's clipboard and replace content matching cryptocurrency wallet addresses with actor-controlled addresses.

Submitted by Gregory Rigby on

"Meet LostTrust Ransomware — A Likely Rebrand of the MetaEncryptor Gang"

The LostTrust ransomware campaign is believed to be a rebranding of MetaEncryptor, using nearly identical data leak sites and encryptors. LostTrust started attacking organizations in March 2023, but it did not become widely known until September when a data leak site went live. Currently, the site lists 53 victims worldwide, some of whom have already had their data leaked for not paying the demanded ransom. It is unknown whether the ransomware group only targets Windows devices or also uses a Linux encryptor.

Submitted by Gregory Rigby on

"Johnson Controls Ransomware Attack Could Impact DHS"

Sensitive Department of Homeland Security (DHS) information might have been compromised in a recent ransomware attack aimed at government contractor Johnson Controls International. The cybercrime group claims to have exfiltrated 27TB of sensitive data from Johnson Controls. The company serves clients in the education, government, healthcare, hospitality, naval, and transportation sectors, including the DoD, DHS, and other government agencies in the US.

Submitted by Adam Ekwall on

"Spyware Vendor Targets Egyptian Orgs With Rare iOS Exploit Chain"

An Israeli surveillanceware company used the three recently revealed Apple zero-day vulnerabilities to create an exploit chain for iPhones, and a Chrome zero-day to exploit Androids in a novel attack against Egyptian organizations. According to a recent report by Google's Threat Analysis Group (TAG), "Intellexa" used the special access it gained through the exploit chain to install its "Predator" spyware on unidentified targets in Egypt. Predator was initially developed by Cytrox, one of several spyware developers that Intellexa has absorbed in recent years.

Submitted by Gregory Rigby on

"Global Events Fuel DDoS Attack Campaigns"

According to NETSCOUT, cybercriminals launched about 7.9 million Distributed Denial-of-Service (DDoS) attacks in the first half of 2023, a 31 percent increase year-over-year. Recent DDoS attack growth has been fueled by global events such as the Russia-Ukraine war and NATO bids. NETSCOUT observed a global increase of 79 percent in DDoS attacks against wireless telecommunications providers during the second half of 2022.

Submitted by Gregory Rigby on

"Royal Family Website Downed by DDoS Attack"

The official website of the UK’s royal family on Sunday was taken offline by a distributed denial of service (DDoS) attack. According to reports, the Royal.uk site was unavailable for around 90 minutes, starting at 10 am local time. It was fully functional again soon after. Notorious Russian hacktivist group Killnet has reportedly boasted on its Telegram channel of being responsible for the attack, although that has yet to be confirmed.

Submitted by Adam Ekwall on

"Using Psychology to Bolster Cybersecurity"

Reimagining Security with Cyberpsychology-Informed Network Defenses (ReSCIND) is a new cyberpsychology research program from the US Defense Department's Intelligence Advanced Research Projects Activity (IARPA) that focuses on how cybercriminals act and think. According to IARPA program manager Kimberly Ferguson-Walter, the ReSCIND program aims to research the cyberpsychology of cybercriminals to identify their cognitive flaws and improve cybersecurity.

Submitted by Gregory Rigby on

"Harvard Designs AI Sandbox That Enables Exploration, Interaction Without Compromising Security"

Generative Artificial Intelligence (AI) tools, such as OpenAI's ChatGPT, Microsoft's Bing Chat, and Google's Bard, have quickly become the most discussed topic in technology, sparking talks about their role in higher education and more. Harvard announced its initial guidelines for using generative AI tools in July, and strong community demand presented University administrators with the challenge of meeting this need while addressing the security and privacy flaws of many consumer tools.

Submitted by Gregory Rigby on

"Understanding Cyber Threats in IoT Networks"

New research delves into how Internet of Things (IoT) devices, which are not as well protected as traditional computers regarding firewalls, antivirus, and malware protection, can represent a significant system vulnerability. In addition to potential financial loss, such threats can disrupt infrastructure and government, as well as endanger human lives, especially in healthcare facilities. A team of researchers from Tallinn University of Technology and the University at Albany developed a comparative framework for modeling the cyber threat to IoT devices and networks.

Submitted by Gregory Rigby on

"Signal Jamming Defense Not up to the Task? These Researchers Have a Solution"

As growing and maturing data services demand faster Internet speeds and operating systems call for better security, hackers and adversaries continue to interfere. For some, this involves infiltrating home and office wireless networks to steal personal or business information. These attackers often use high-powered signal jamming devices, which are wireless portable devices that impede devices' communication with each other. These jammers also serve as a defense for users trying to avoid these attacks.

Submitted by Gregory Rigby on