Qilin ransomware now steals credentials from Chrome browsers
The Qilin ransomware group has been using a new tactic and deploys a custom stealer to steal account credentials stored in…
Point of entry: Why hackers target stolen credentials for initial access
Stolen credentials are a big problem, commonly used to breach networks in attacks. Learn more from Specops Software about checking…
Russian indicted for selling access to US corporate networks
A 31-year-old Russian national named Evgeniy Doroshenko has been indicted for wire and computer fraud in the United States for…
UnitedHealth Congressional Testimony Reveals Rampant Security Fails
The breach was carried out with stolen Citrix credentials for an account that lacked multifactor authentication. Attackers went undetected for…
Malicious PowerShell script pushing malware looks AI-written
A threat actor is using a PowerShell script that was likely created with the help of an artificial intelligence system…
Hackers steal Windows NTLM authentication hashes in phishing attacks
The hacking group known as TA577 has recently shifted tactics by using phishing emails to steal NT LAN Manager (NTLM) authentication hashes…
Ransomware Actor Uses TeamViewer to Gain Initial Access to Networks
Attackers have increasingly leveraged the widely used remote access tool, installed on hundreds of millions of endpoints, to break into…
Gootloader Aims Malicious, Custom Bot Army at Enterprise Networks
Previously limited to initial access brokering, the Gootloader group has pivoted to a nasty post-compromise "GootBot" attack, each implant with…
FBI: Dual ransomware attack victims now get hit within 48 hours
The FBI has warned about a new trend in ransomware attacks where multiple strains are deployed on victims' networks to encrypt…
ShadowSyndicate hackers linked to multiple ransomware ops, 85 servers
Security researchers have identified infrastructure belonging to a threat actor now tracked as ShadowSyndicate, who likely deployed seven different ransomware families…