Watch out! There are hidden dangers lurking your PDFs
Avast researchers have discovered cybercriminals using an old medium (PDFs) in a new--and dangerous--way.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Annual Ransomware Payments Surpass $1 Billion
For the first time, analysis of ransomware payments made in a single year tops $1,000,000,000. This signals a massive return to more frequent, sophisticated, and successful attacks. Each year, blockchain analysis company, Chainalysis, reports on ransomware payments based on the payments made to digital wallets known to belong to cybercriminals and cybercriminal gangs.
Emails Are Responsible for 88% of Malicious File Deliveries
Emails are still the most common delivery method for malicious files, according to Check Point’s Cyber Security Report for 2024. “Email-based attacks continue to be the dominant initial infection vector,” the report says.
The Billion Dollar Cost of Cybercrime: Lessons from the LockBit Takedown
The recent LockBit group take down has shown the world at large the cost of cybercrime. Initially it was reported that just over $100 million had been gathered through the nefarious acts of this particular group but, as I suspected, that initial figure was just a drop in the ocean. It turns out that the real figure was in excess of $1 billion dollars over the last four years, and I still suspect this may be more.
Unveiling Phemedrone Stealer: Threat Analysis and Detections
Recently, the cybersecurity world has been abuzz with discussions about Phemedrone, a newly emerged stealer exploiting the CVE-2023-36025 vulnerability in Microsoft Windows Defender SmartScreen. The project was most recently available on GitHub; however, the project was taken down, and the associated account was removed. Active development still occurs via Telegram.
The 443 Podcast - Episode 281 - Locking Up LockBit
This week on the podcast, we cover an international law enforcement takedown of the LokBit ransomware group's infrastructure. After that, we cover a novel malware delivery vector involving an IoT "toy." We end the podcast by covering the latest White House Executive Order addressing cybersecurity in critical infrastructure. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.
A Beginner's Guide to Ransomware: How to Recover from Ransomware Attacks - Part 11
This Beginner’s Guide to Ransomware is a comprehensive multi-part series that will empower you with the knowledge and tools to navigate the ever-evolving landscape of ransomware threats.
Cyber Security Decoded: Sherrod DeGrippo on AI
#AI = Accelerated Intelligence? Sherrod DeGrippo from Microsoft details how we should reframe our perspective of AI and think of it as a tool that will make cyber recovery faster and more efficient. Be sure to tune in and subscribe to Cyber Security Decoded on Spotify! #CyberSecurity #CyberResilience #Shorts
Face off: New Banking Trojan steals biometrics to access victims' bank accounts
Venturebeat had the scoop on a fresh Group-IB report. They discovered the first banking trojan that steals people’s faces. Unsuspecting users are tricked into giving up personal IDs and phone numbers and are prompted to perform face scans. These images are then swapped out with AI-generated deepfakes that can easily bypass security checkpoints.
Still Alive: Updates for Well-Known Latin America eCrime Malware Identified in 2023
Latin America (LATAM) is a growing market, and threat actors have used numerous eCrime malware variants to target users in this region. Over the past few years, many researchers have characterized the tactics, techniques and procedures (TTPs) of widespread Latin America malware families, including but not limited to Mispadu, Grandoreiro, Mekotio, Casbaneiro, Metamorfo and Astaroth.