This ‘off the shelf’ Tor backdoor malware is now a firm favorite with ransomware operators
A Remote Access Trojan (RAT) on sale in underground forums has evolved to abuse Tor when maintaining persistence on infected machines. On Thursday, Sophos...
Tagged: Operators
njRAT Trojan operators are now using Pastebin as alternative to central command server
Operators of the njRAT Remote Access Trojan (RAT) are leveraging Pastebin C2 tunnels to avoid scrutiny by cybersecurity researchers. On Wednesday, Palo Alto Networks’...
Recent WebLogic Vulnerability Likely Exploited by Ransomware Operators
At least one ransomware operator appears to have added to their arsenal an exploit for a recently patched vulnerability in Oracle WebLogic. Tracked as...
QQAAZZ Group Charged for Helping Banking Trojan Operators Launder Money
Law enforcement agencies in 16 countries worked together to dismantle a criminal network involved in the laundering of money from high-level cybercriminals. The crime...
Ransomware operators now outsource network access exploits to speed up attacks
Ransomware operators are now turning to network access sellers in their droves to cut out a difficult step in the infection process. On Monday,...
Emotet Botnet Operators Switching to a New Template Named ‘Red Dawn’ – E Hacking News
Emotet malware has been continually evolving to the levels of technically sophisticated malware that has a major role in the expansion of the cybercrime...
Cybercrime / Incident Response / Malware / Management & Strategy / NEWS & INDUSTRY / Virus & Threats
University of Utah Pays $457,000 to Ransomware Operators
The University of Utah on Thursday revealed that it paid approximately $457,000 to ransomware operators after servers in its College of Social and Behavioral...
Cyberwarfare / Management & Strategy / NEWS & INDUSTRY / Risk Management / SCADA / ICS / Security Infrastructure / Virus & Threats / Vulnerabilities
NSA, CISA Urge Critical Infrastructure Operators to Secure OT Assets
The U.S. National Security Agency and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency have issued a joint alert urging critical infrastructure...
Cloud Company Blackbaud Pays Ransomware Operators to Avoid Data Leak
Cloud software provider Blackbaud has admitted that it paid cybercriminals to regain control of data following a ransomware attack in May 2020. The company,...
Mac users trying to trade cryptocurrencies targeted by Gmera Trojan operators
Apple macOS users are being targeted in a fresh campaign aiming to pilfer cryptocurrency from their wallets. Trojanized cryptocurrency trading software and applications designed...