Security researchers are warning that external remote access services continue to be the main vector for ransomware gangs to breach company networks but there's a notable uptick in exploiting vulnerabilities.
Russia's banking and financial services company Sberbank is being targeted in a wave of unprecedented hacker attacks. Earlier this month, the bank fought off the largest distributed denial-of-service (DDoS) attack in its history.
Advanced Intel's Yelisey Boguslavskiy told BleepingComputer that instead of rebranding as another large ransomware operation, the Conti leadership has instead partnered with other smaller ransomware gangs to conduct attacks.
"Nikkei Group Asia immediately shut down the affected server and took other measures to minimize the impact." Nikkei says it's currently investigating if the attackers accessed any of the customer data that was likely stored on the impacted servers.
Microsoft has released emergency out-of-band (OOB) updates to address Active Directory (AD) authentication issues after installing Windows Updates issued during the May 2022 Patch Tuesday on domain controllers.
The North Korean hacking group known as Lazarus is exploiting the Log4J remote code execution vulnerability to inject backdoors that fetch information-stealing payloads on VMware Horizon servers.
The Spanish police have announced the arrest of 13 people and the launch of investigations on another seven for their participation in a phishing ring that stole online bank credentials.
At its peak, the 3ve ad fraud campaign, also known as Eve, infected over 1.7 million devices with the Kovter botnet, a click-fraud malware that would quietly run in the background while connecting to sites to consume advertisements.
"The Bank of Zambia wishes to inform members of the public that it experienced a partial disruption to some of its Information Technology (IT) applications on Monday 9th May 2022," disclosed the bank in a press release.
The Space Pirates APT group has been seen targeting government agencies and enterprises involved in IT services, aerospace, and electric power industries located in Russia, Georgia, and Mongolia.
Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.