DRM Report Q2 2023 – Ransomware threat landscape

The DRM Report Q2 2023 report provides a detailed insight into the ransomware threat landscape during the period between May and August 2023. In an era where digitalization has woven its web into the very fabric of our lives, the dark underbelly of the digital realm continues to pose an ever-growing threat. Ransomware, a menace […]

Continue Reading

Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform

Threat actors exploited an open redirection vulnerability in the job search platform Indeed to carry out phishing attacks. Researchers from the cybersecurity firm Menlo Security reported that threat actors exploited an open redirection vulnerability in the job search platform Indeed in phishing attacks. The phishing attacks were aimed at senior executives across various industries, primarily […]

Continue Reading

Cybersecurity preparedness pays big dividends for businesses

Businesses are taking cybersecurity more seriously by boosting resources and preparedness, according to GetApp. US businesses on the whole are gaining ground against cybercriminals after several years of increasingly severe threats, but the Las Vegas cyberattacks are a stark reminder of the cost of a breach. GetApp’s report reveals that the ransomware rate remains alarmingly […]

Continue Reading

BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums

Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that’s appeared in the threat landscape. Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023. The BunnyLoader malware loader is written in C/C++ and is sold on various forums for $250 for […]

Continue Reading

Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)

Researchers have identified the exfiltration infrastructure of a LockBit affiliate while investigating a LockBit extortion incident that occurred in Q3 2023. Executive Summary We investigated a recent LockBit extortion incident that occurred in Q3 2023, which involved an unusual FTP server located in Moscow. The hostname of this server was identified as matching many hostnames […]

Continue Reading

Two hacker groups are back in the news, LockBit 3.0 Black and BlackCat/AlphV

Researchers from cybersecurity firm TG Soft are warning Italian entities and companies of LockBit 3.0 Black and BlackCat/AlphV attacks. In the last few weeks, two cybercriminal groups that have also targeted Italian entities and businesses, are back in the news; they are LockBit 3.0 Black and BlackCat/AlphV, which had already been reported by the media in the first decade of […]

Continue Reading

Ransomware attack on Johnson Controls may have exposed sensitive DHS data

Experts warn that the recent attack on building automation giant Johnson Controls may have exposed data of the Department of Homeland Security (DHS). Johnson Controls International plc is a multinational conglomerate with a diversified portfolio of products and services primarily focused on building technologies and solutions. The company provides HVAC (heating, ventilation, and air conditioning), […]

Continue Reading

Protecting against FraudGPT, ChatGPT’s evil twin

FraudGPT is the evil counterpart to ChatGPT. Criminals use it to target businesses with phishing emails and scams with speed and accuracy like never before. The AI can be prompted to create the most realistic phishing emails, perfected down to a business’ tone and artistic style, and encourage victims to hand over sensitive information, such […]

Continue Reading