Chinese hackers use DNS-over-HTTPS for Linux malware communication, a new Golang-based Skuld malware strand steals Discord and browser data from Windows PCs, and a massive phishing campaign uses 6,000 sites to impersonate brands.
Classifying new and unknown (zero-day) malware has always been a challenge in the security industry as new variants are discovered in the wild at an overwhelming rate.
The recent conviction of a U.K. man for cyber crimes committed in 2018 brings to light a cyber attack where this attacker manually performed the “in-the-middle” part of an attack. We’ve all heard of a “Man-in-the-Middle” (MitM) attack – also more recently called a “Manipulator-in-the-Middle” attack.
Cybercrime has become a dominant concern for many businesses, as well as individuals. Cybercriminals will target any business, and any individual if they can realize a profit from their minimal efforts. One of the ways that criminals achieve their goals is through the use of malware that garners a fast profit, such as ransomware. More enterprising criminals will use more persistent malware, which enables them to return to the target for further victimization.
In a recent development, Russian hackers have declared their intention to launch cyberattacks on the European financial system within the next 48 hours. The announcement was made late on Wednesday, June 14 and came through a video threat posted on the Mash Telegram channel, a very popular channel for Russian news. This operation appears to be a collaborative effort between the hacking groups KillNet, REvil, and Anonymous Sudan.
On June 14th, the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC) along with its international cybersecurity partners released an advisory calling out the various indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) being leveraged by the LockBit ransomware operation over the past 3 years.
