Daily Cyber Brief
The Evilnum APT has returned, a new version of the Raccoon Stealer malware is circulating on cybercrime forums, and APTs are targeting ICS with ShadowPad malware...

Cybersecurity
Canada’s electronic intelligence agency says it’s waging a “long-term” campaign aimed at degrading cyber criminals’ abilities to target Canadian individuals and institutions. The Communications Security Establishment (CSE) has been warning for some time that…
The Group of Seven leaders agreed on Tuesday to strengthen their countries' defences against foreign disinformation and cyber attacks, including threats posed by Russia. "We also commit to further strengthening our internal security in light of transnational threats including those…
The Raccoon Stealer malware is back with a second major version circulating on cybercrime forums, offering hackers elevated password-stealing functionality and upgraded operational capacity. The Raccoon Stealer operation shut down in March 2022 when its operators…
Researchers warn threat actors are using a novel remote code execution exploit to gain initial access to victims’ environments. Ransomware groups are abusing unpatched versions of a Linux-based Mitel VoIP (Voice over Internet Protocol) application and using it as a…
The Evilnum hacking group is showing renewed signs of malicious activity, targeting European organizations that are involved in international migration. Evilnum is an APT (advanced persistent threat) that has been active since at least 2018 and had its campaign and tools…
A social-engineering campaign bent on stealing Facebook account credentials and victim phone numbers is targeting business pages via a savvy campaign that incorporates Facebook's Messenger chatbot feature. That's according to an analysis from Trustwave SpiderLabs…
Semiconductor giant AMD says they are investigating a cyberattack after the RansomHouse gang claimed to have stolen 450 GB of data from the company last year. RansomHouse is a data extortion group that breaches corporate networks, steals data, and then demands a…
A never-before-seen remote access trojan dubbed ZuoRAT has been singling out small office/home office (SOHO) routers as part of a sophisticated campaign targeting North American and European networks. The malware "grants the actor the ability…
The Federal Bureau of Investigation (FBI) warns of increasing complaints that cybercriminals are using Americans' stolen Personally Identifiable Information (PII) and deepfakes to apply for remote work positions. Deepfakes (digital content like images, video, or audio) are…
Entities located in Afghanistan, Malaysia, and Pakistan are in the crosshairs of an attack campaign that targets unpatched Microsoft Exchange Servers as an initial access vector to deploy the ShadowPad malware. Russian cybersecurity firm Kaspersky, which first detected…