Microsoft reports two Iranian hacking groups exploiting PaperCut flaw
The two groups exploiting the vulnerability are Mango Sandstorm and Mint Sandstorm. Both are linked to the Iranian government and intelligence agencies.
Goldoson Android Malware Found in 60 Apps with 100M Downloads
The malware was identified by cybersecurity researchers at McAfee.
BlackCat (ALPHV) Gang Claims Ransomware Attack on NCR Data Center
BlackCat ransomware initially claimed responsibility for the ransomware attack on its dark web blog but later removed its post, indicating negotiations between the two parties.
LockBit Ransomware Expands Attack Spectrum to Mac Devices
The new ransomware was spotted by MalwareHunterTeam, which is capable of encrypting macOS devices.
Android App Trojans Sold on Dark Web for $25-$20,000
A Kaspersky study reveals security threats to the Google Play app store and how they have been exposing Android users to malware threats.
Microsoft and Fortra to Take Down Malicious Cobalt Strike Infrastructure
Cobalt Strike is a legitimate post-exploitation tool designed by Raphael Mudge of Fortra for adversary simulation but it has also been abused by cybercriminals.
New Dark Web Market Styx: Focuses on Money Laundering, Identity Theft
Styx has quickly gained traction as a hub for various illicit activities, following the recent seizure of the Genesis dark web market.
New Strain of Rorschach Ransomware Targeting US- Firms
Rorschach ransomware boasts advanced encryption technology and can spread automatically on the machine if executed on a domain controller.
Beware of new YouTube phishing scam using authentic email address
Watch out for a new YouTube phishing scam and ignore any email from YouTube that claims to provide details about “Changes in YouTube rules and policies | Check the Description.”
WiFi Flaws Allow Network Traffic Interception on Linux, iOS, and Android
The findings about WiFi flaws are to be presented at the Usenix Security Symposium.