attacks
-
Blog
FBI warns of Luna Moth extortion attacks targeting law firms
The FBI warned that an extortion gang known as the Silent Ransom Group has been targeting U.S. law firms over the last two years in callback phishing and social engineering attacks. Also known as Luna Moth, Chatty Spider, and UNC3753, this threat group has been active since 2022 and was also behind BazarCall campaigns that provided initial access to corporate…
Read More » -
Blog
TikTok videos now push infostealer malware in ClickFix attacks
Cybercriminals are using TikTok videos to trick users into infecting themselves with Vidar and StealC information-stealing malware in ClickFix attacks. As Trend Micro recently discovered, the threat actors behind this TikTok social engineering campaign are using videos likely generated using AI that ask viewers to run commands claiming to activate Windows and Microsoft Office, as well as premium features in various legitimate…
Read More » -
Blog
US indicts leader of Qakbot botnet linked to ransomware attacks
The U.S. government has indicted Russian national Rustam Rafailevich Gallyamov, the leader of the Qakbot botnet malware operation that compromised over 700,000 computers and enabled ransomware attacks. As per court documents, Gallyamov started to develop Qakbot (also known as Qbot and Pinkslipbot) in 2008 and deployed it to create a network of thousands of infected computers. Over time, a team…
Read More » -
Blog
Wifi network attacks: The risk to businesses
Attacks designed to exploit weaknesses in Wi-Fi networks are on the rise, with hackers increasingly targeting vulnerabilities in Wi-Fi infrastructure to gain unauthorized access, intercept sensitive data and launch further attacks. The main area of concern is the deauthentication attack; a form of denial of service (DoS) attack that takes advantage of a basic flaw in the 802.11 Wi-FI protocol…
Read More » -
Blog
Why DragonForce is growing in prominence – with retailer attacks boosting its reputation
The criminal group DragonForce has exploded onto the cybersecurity scene in recent weeks, taking credit for the recent ransomware attacks on UK retail giants M&S and the Co-op. DragonForce is a ransomware as a service platform which provides malware and attack infrastructure to affiliate groups that are unable to launch large-scale attacks on their own. Known to support double extortion…
Read More » -
Blog
The UK’s science funding agency is being bombarded with cyber attacks
UK Research and Innovation (UKRI), the UK’s national funding agency for science and research, has been hit by 5.4 million cyber attacks this year, six times as many as last year. According to freedom of information requests from the Daily Express, 236,400 of these were phishing attacks designed to trick staff into handing over sensitive information. Another 11,200 were malware…
Read More » -
Blog
Premium WordPress ‘Motors’ theme vulnerable to admin takeover attacks
A critical privilege escalation vulnerability has been discovered in the premium WordPress theme Motors, which allows unauthenticated attackers to hijack administrator accounts and take complete control of websites. Developed by StylemixThemes, Motors is one of the top-selling automotive themes for the WordPress platform. It is very popular among automotive businesses such as car dealerships, rental services, and used vehicle listing…
Read More » -
Blog
Ransomware gangs join ongoing SAP NetWeaver attacks
Ransomware gangs have joined ongoing SAP NetWeaver attacks, exploiting a maximum-severity vulnerability that allows threat actors to gain remote code execution on vulnerable servers. SAP released emergency patches on April 24 to address this NetWeaver Visual Composer unauthenticated file upload security flaw (CVE-2025-31324), days after it was first tagged by cybersecurity company ReliaQuest as targeted in the wild. Successful exploitation…
Read More » -
Blog
Hackers behind UK retail attacks now targeting US companies
Google warned today that hackers using Scattered Spider tactics against retail chains in the United Kingdom have also started targeting retailers in the United States. “The US retail sector is currently being targeted in ransomware and extortion operations that we suspect are linked to UNC3944, also known as Scattered Spider,” John Hultquist, Chief Analyst at Google Threat Intelligence Group, told…
Read More » -
Blog
Ivanti fixes EPMM zero-days chained in code execution attacks
Ivanti warned customers today to patch their Ivanti Endpoint Manager Mobile (EPMM) software against two security vulnerabilities chained in attacks to gain remote code execution. “Ivanti has released updates for Endpoint Manager Mobile (EPMM) which addresses one medium and one high severity vulnerability,” the company said. “When chained together, successful exploitation could lead to unauthenticated remote code execution. We are aware…
Read More »