GootLoader Malware Still Active, Deploys New Versions for Enhanced Attacks

The malware known as GootLoader continues to be in active use by threat actors looking to deliver additional payloads to compromised hosts.
“Updates to the GootLoader payload have resulted in several versions of GootLoader, with GootLoader 3 currently in active use,” cybersecurity firm Cybereason said in an analysis published last week.
“While some of the particulars of GootLoader payloads have

Source: The Hacker News

Some Data Is ‘Breached’ During a Hacking Attack on the Alabama Education Department

Alabama’s education superintendent said some data was breached during a hacking attempt at the State Department of Education.

Source: SecurityWeek

Turla: A Master of Deception

The Turla malware has been found using weaponized LNK files to infect computers. The malware leverages a compromised website to distribute malicious packages through phishing emails.

Source: Cyware News – Latest Cyber News

Malicious QR Reader App in Google Play Delivers Anatsa Banking Malware

A malicious QR code reader app on Google Play has been found distributing the Anatsa banking malware, posing a significant threat to users’ financial data. The app has already been downloaded thousands of times.

Source: Cyware News – Latest Cyber News

Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies

The supply chain attack targeting the widely used Polyfill[.]io JavaScript library is wider in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are embedding a polyfill script linking to the malicious domain as of July 2, 2024.
This includes references to “https://cdn.polyfill[.]io” or “https://cdn.polyfill[.]com” in their HTTP responses, the attack

Source: The Hacker News

New Golang-Based Zergeca Botnet Capable of Powerful DDoS Attacks

Cybersecurity researchers have uncovered a new botnet called Zergeca that’s capable of conducting distributed denial-of-service (DDoS) attacks.
Written in Golang, the botnet is so named for its reference to a string named “ootheca” present in the command-and-control (C2) servers (“ootheca[.]pw” and “ootheca[.]top”).
“Functionally, Zergeca is not just a typical DDoS botnet; besides supporting six

Source: The Hacker News

Ticketmaster Breach: ShinyHunters Leak 440,000 Taylor Swift Eras Tour Tickets

The ShinyHunters hacker group claims the Ticketmaster breach is far bigger than previously anticipated, stealing 193 million barcodes,…

Source: Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News

Volcano Demon Ransomware Gang Makes Phone Calls to Victim for Ransom

According to cybersecurity researchers at Halcyon AI, the new Volcano Demon ransomware gang calls its victims “very frequently,…

Source: Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News

Cyber Insurance Premiums Are Declining Worldwide as Businesses Improve Security, Howden Insurance Broker Report Finds

Rates have declined by 15% since the market peak in 2022, according to Howden Insurance Brokers.

Source: Security | TechRepublic

Operation Morpheus Disrupts 593 Cobalt Strike Servers Used for Ransomware

Global Operation Morpheus dismantles Cobalt Strike network: Law enforcement takes down criminal infrastructure used for ransomware and data…

Source: Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News