The threat group, first identified in June, focuses solely on data exfiltration and subsequent extortion, and has already targeted 40 victims since September.
U.S. and Canada charge Ottawa man for ransomware attacks, signaling that North America is no cybercriminal haven.
E-commerce’s proverbial Who-ville is under siege, with a rise in bots bent on ruining gift cards and snapping up coveted gifts for outrageously priced resale.
The powerful devices leveraged by the Meris botnet have weaknesses that make them easy to exploit, yet complex for organizations to track and secure, researchers said.
The lurking code-bombs lift Discord tokens from users of any applications that pulled the packages into their code bases.
Attackers are milking unpatched Hikvision video systems to drop a DDoS botnet, researchers warned.
DoH! Nate Warfield, CTO of Prevailion, discusses new stealth tactics threat actors are using for C2, including Malleable C2 from Cobalt Strike’s arsenal.
Unauthenticated, remote attackers can achieve root-level RCE on SMA 100-series appliances.
The flaws, which could enable attackers to disable security and gain kernel-level privileges, affect Amazon WorkSpaces and other cloud services that use USB over Ethernet.
The botnet, which resurfaced last month on the back of TrickBot, can now directly install Cobalt Strike on infected devices, giving threat actors direct access to targets.