malware attack

Subscribe to malware attack via RSS

Researchers at WithSecure cybersecurity firm have seen two malware attacks against Veeam Backup and Replication servers believed to be initiated by cybercrime group FIN7, also known as Carbon Spider, which has also been linked to Darkside, BlackMatter, and BlackCat/ALPHV ransomware variants.

The WithSecure investigators believe that the attacks may be part of a larger campaign

According to research by Palo Alto’s Unit 42, the most recent campaign by advanced persistent threat Cloaked Ursa (aka APT 20, Nobelium, or Cozy Bear), “demonstrate[s] sophistication and the ability to rapidly integrate popular cloud storage services to avoid detection.” Cloaked Ursa is believed to be affiliated with the Russian government.

Unit 42 found that

Last Friday (November 20, 2015), Starwood Hotels announced that it was hit with a payment card malware attack affecting 50 of its North American hotels.

The president of Starwood  Hotels Americas stated in a letter to customers dated Friday, “Based on the investigation, we discovered that the point of sale systems at certain Starwood Hotels