Information technology professionals—beware of SharpRhino—a malware variant attributed to threat actor cybercriminals associated with Hunters International. It is being reported that Hunters International is the “10th most active ransomware group in 2024.” Hunters International has “claimed responsibility for 134 attacks in the first seven months of 2024.” It has been linked to the defunct
malware
NYAG Settles with Personal Touch for $350,000 over Phishing Incident
According to a press release, Personal Touch, a home health company located on Long Island, has reached a settlement with New York Attorney General Letitia James for $350,000 for a data breach that occurred in January of 2021 when a Personal Touch employee “opened a malware-infected file attached to a phishing email that allowed…
AI and Cybersecurity
There is a lot of chatter out there around the uses of artificial intelligence (AI) for cybersecurity. For example, Applied Sciences published a paper on how AI can be used for mobile malware detection, and Gartner has published on AI Security Management.
According to an article published in Forbes, entitled “A Primer on Artificial Intelligence…
Hackers Experimenting with Deploying Destructive Malware
It’s a cold, hard fact that hackers don’t really care about their victims or their victims’ data or business. They are greedy, evil human beings that just want the money.
The newest trend for hackers is to develop and launch cyber-attacks that deploy destructive malware. This means that when a threat actor infiltrates a business’…
Privacy Tip #338 – Be Aware of Apps Infected with Malware
Like all technology, mobile apps can be infected with malicious code, or malware, which is intended to gain access to your mobile phone when you download the app. Although app stores try their best to not allow malicious apps to get into the store, monitor apps once they are included in the store, and delete…
Cloaked Ursa Using Trusted Online Storage Services to Evade Detection
According to research by Palo Alto’s Unit 42, the most recent campaign by advanced persistent threat Cloaked Ursa (aka APT 20, Nobelium, or Cozy Bear), “demonstrate[s] sophistication and the ability to rapidly integrate popular cloud storage services to avoid detection.” Cloaked Ursa is believed to be affiliated with the Russian government.
Unit 42 found that…
State Department Offers $10M Reward for Information on Russian Officers Involved in Malicious Cyber Activities
The U.S. Department of State has announced a $10 million reward for “information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act (CFAA).”…
CISA/FBI Advisory Warns of Destructive Malware Used Against Ukraine
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint advisory this week alerting organizations of destructive malware that is being used to target organizations in Ukraine, with the ongoing warnings of increased cyber-attacks against U.S. organizations.
The malware, WhisperGate and HermeticWiper, is used to “destroy computer systems and render them inoperable.”…
Apple + Microsoft Release Patches for Identified Vulnerabilities
This week, both Apple and Microsoft issued patches to fix serious zero-day vulnerabilities that should be applied as soon as possible. That means that if you have an iPhone or iPad, you may want to plug your phone or iPad in and apply the newest iOS 15.0.2, which is what I just did as I…
New Russian Based Ransomware Group Targeting Large Companies and Hospitals
Threat intelligence firm Mandiant released findings about a new Russian based hacking group dubbed FIN12, which is targeting the health care industry and companies with revenue over $300 million. Mandiant said that FIN12 is “very aggressive and brazen in who they target.”
According to Mandiant, FIN12 uses different hacking techniques and tools to infiltrate targets,…