Breach Archives - Page 4 of 5

Trigona ransomware spotted in increasing attacks worldwide

Trigona has been active for some time, with samples seen at the beginning of the year

30 November

The Evolution of Business Email Compromise

The simplicity and profitability of these attacks continue to appeal to threat actors a decade later

30 November

Microsoft data breach exposes customers’ contact info, emails

10/20/2022
Cyber News
Breach, Business, Exploit, Hacking, Security

Threat actors who accessed the bucket may use this information in different forms for extortion, blackmailing, creating social engineering tactics with the help of exposed information, or simply selling the information to the highest bidder on the dark web and Telegram channels

20 October

Researchers Warn of New Phishing-as-a-Service Being Used by Cyber Criminals

10/15/2022
Cyber News
Breach, Exploit, Hacking, Malware, Phishing

The evolution of email-based phishing threats into a service-based economy means that adversaries who aim to conduct phishing attacks can now simply purchase such resources and infrastructure without having to work on it themselves

15 October

Callback phishing attacks evolve their social engineering tactics

10/08/2022
Cyber News
Breach, Exploit, Hacking, Malware, Phishing, PrivEsc

The majority of these recent campaigns are pushing a ClickOnce executable named 'support.Client.exe,' that, when launched, installs the ScreenConnect remote access tool

8 October

BlackByte Ransomware Abuses Vulnerable Windows Driver to Disable Security Solutions

10/08/2022
Cyber News
Breach, Exploit, Hacking, Hardening, Malware, Patching, PrivEsc, Ransomware, RCE, Security

An analysis of the ransomware sample has uncovered multiple similarities between the EDR bypass implementation and that of a C-based open-source tool called EDRSandblast, designed to abuse vulnerable signed drivers to evade detection.

8 October

New Royal Ransomware emerges in multi-million dollar attacks

10/01/2022
Cyber News
Breach, Exploit, Hacking, Malware, Phishing, PrivEsc, Ransomware, Security

Unlike most active ransomware operations, Royal does not operate as a Ransomware-as-a-Service but is instead a private group without affiliates.

1 October

CISA: Hackers exploit critical Bitbucket Server flaw in attacks

10/01/2022
Cyber News
0day, Breach, Exploit, Hacking, Malware, Patching, RCE

The Cybersecurity and Infrastructure Security Agency (CISA) has added three more security flaws to its list of bugs exploited in attacks, including a Bitbucket Server RCE and two Microsoft Exchange zero-days.

1 October

New malware backdoors VMware ESXi servers to hijack virtual machines

10/01/2022
Cyber News
Breach, C2, Exploit, Hacking, Malware, Patching

With the help of malicious vSphere Installation Bundles, the attacker could install on the bare-metal hypervisor two backdoors

1 October

Microsoft 365 phishing attacks impersonate U.S. govt agencies

09/21/2022
Cyber News
Breach, Exploit, Hacking, Malware, Phishing, PrivEsc

The lure in these phishing emails is a request for bids for lucrative government projects, taking them to phishing pages that are clones of legitimate federal agency portals

21 September

Breach Archives - Page 4 of 5 - CyberConvoy Blog