Malicious actors used a tool linked to a Chinese cyberespionage operation to facilitate an RA World ransomware intrusion against an Asian software and services organization in November, Security Affairs reports.
The sequestration of 127 servers belonging to bulletproof hosting service Zservers/XHost by the Dutch police has been confirmed just days after the service was sanctioned by U.S., UK, and Australian authorities over its association with the LockBit ransomware operation, according to The Record, a news site by cybersecurity firm Recorded Future.
North Korean state-backed advanced persistent threat operation Kimsuky has deployed attacks leveraging PowerShell and Dropbox against South Korean government, business, and cryptocurrency firms as part of the DEEP#DRIVE campaign, which may have been ongoing since September, The Hacker News reports.
Threat cluster REF7707 has compromised a South American country's foreign ministry and a Southeast Asian university and telecommunications organization in intrusions involving the new FINALDRAFT malware, reports The Hacker News.
Hackread reports that login credentials for Microsoft, Gmail, Yahoo, and other authentication services are being targeted by the newly emergent Astaroth phishing kit, which leverages an evilginx-style reverse proxy enabling man-in-the-middle attacks while evading two-factor authentication.
Operations of the Virginia Attorney General's office were reported by the Richmond Times-Dispatch to have been significantly impacted by a cyberattack this week, which took down most of its computer systems, according to The Associated Press.
Individuals traveling to Singapore, Malaysia, and the UK have been subjected to a novel phishing campaign exploiting online arrival card submissions in a bid to exfiltrate personal details, SiliconAngle reports.