CISO2CISO.COM & CYBER SECURITY GROUP

CISO2CISO Cyber Security Malware & Ransomware Notepad Series

grahamcluley.com
Smashing Security podcast #325: Rick Astley and the little birdie scam – Source: grahamcluley.com
Smashing Security podcast #325: Rick Astley and the little birdie scam – Source: grahamcluley.com
grahamcluley.com
Cl0p gang tells MOVEit hack victims to contact it before June 14, or else… – Source: grahamcluley.com
Cl0p gang tells MOVEit hack victims to contact it before June 14, or else… –...
Dark Reading Security
Minecraft Malware Spreading Through Mods, Plug-ins – Source: www.darkreading.com
Minecraft Malware Spreading Through Mods, Plug-ins – Source: www.darkreading.com
The Register Security
Clop ransomware crew sets June extortion deadline for MOVEit victims – Source: go.theregister.com
Clop ransomware crew sets June extortion deadline for MOVEit victims – Source: go.theregister.com
Security TechRepublic
New zero-click threat targets iPhones and iPads – Source: www.techrepublic.com
New zero-click threat targets iPhones and iPads – Source: www.techrepublic.com
securityweek.com
Hackers Issue ‘Ultimatum’ Over Payroll Data Breach – Source: www.securityweek.com
SecurityAffairs.com
Clop ransomware gang claims the hack of hundreds of victims exploiting MOVEit Transfer bug –...
SecurityAffairs.com
June 2023 Security Update for Android fixed Arm Mali GPU bug used by spyware –...
SecurityAffairs.com
New PowerDrop malware targets U.S. aerospace defense industry – Source: securityaffairs.com
SecurityAffairs.com
+60,000 Android apps spotted hiding adware for past six months – Source: securityaffairs.com
Data Breach Today
Clop Ransomware Gang Asserts It Hacked MOVEit Instances – Source: www.databreachtoday.com
CSO - Online
Traditional malware increasingly takes advantage of ChatGPT for attacks – Source: www.csoonline.com
govinfosecurity.com
Clop Ransomware Gang Asserts It Hacked MOVEit Instances – Source: www.govinfosecurity.com
securelist.com
IT threat evolution Q1 2023 – Source: securelist.com
securelist.com
IT threat evolution Q1 2023. Mobile statistics – Source: securelist.com
securelist.com
IT threat evolution in Q1 2023. Non-mobile statistics – Source: securelist.com
The Hacker News
Winning the Mind Game: The Role of the Ransomware Negotiator – Source:thehackernews.com
The Hacker News
New PowerDrop Malware Targeting U.S. Aerospace Industry – Source:thehackernews.com

CISO2CISO Cyber Security Malware & Ransomware Notepad Series

grahamcluley.com
Academics, media, and think tanks warned of North Korean hacking campaign – Source: www.bitdefender.com
Security TechRepublic
Zero-day MOVEit Transfer vulnerability exploited in the wild, heavily targeting North America – Source: www.techrepublic.com
The Hacker News
New Malware Campaign Leveraging Satacom Downloader to Steal Cryptocurrency – Source:thehackernews.com
New Malware Campaign Leveraging Satacom Downloader to Steal Cryptocurrency – Source:thehackernews.com
securityweek.com
Several Major Organizations Confirm Being Impacted by MOVEit Attack – Source: www.securityweek.com
securityweek.com
Verizon 2023 DBIR: Human Error Involved in Many Breaches, Ransomware Cost Surges – Source: www.securityweek.com
SecurityAffairs.com
Cyclops Ransomware group offers a multiplatform Info Stealer – Source: securityaffairs.com
Cyclops Ransomware group offers a multiplatform Info Stealer – Source: securityaffairs.com
The Hacker News
Cyclops Ransomware Gang Offers Go-Based Info Stealer to Cybercriminals – Source:thehackernews.com
Cyclops Ransomware Gang Offers Go-Based Info Stealer to Cybercriminals – Source:thehackernews.com
Infosecurity Magazine
BEC Volumes and Ransomware Costs Double in a Year – Source: www.infosecurity-magazine.com
BEC Volumes and Ransomware Costs Double in a Year – Source: www.infosecurity-magazine.com
grahamcluley.com
BBC staffers warned of payroll data breach. Other firms also affected by MOVEit vulnerability – Source: grahamcluley.com
BBC staffers warned of payroll data breach. Other firms also affected by MOVEit vulnerability –...
The Register Security
Qbot malware adapts to live another day … and another … – Source: go.theregister.com
Infosecurity Magazine
Satacom Malware Campaign Steals Crypto Via Stealthy Browser Extension – Source: www.infosecurity-magazine.com
CVE-2023-34362
MOVEit zero-day exploit used by data breach gangs: The how, the why, and what to do… – Source: nakedsecurity.sophos.com
MOVEit zero-day exploit used by data breach gangs: The how, the why, and what to...
securityweek.com
Ransomware Group Used MOVEit Exploit to Steal Data From Dozens of Organizations – Source: www.securityweek.com
Ransomware Group Used MOVEit Exploit to Steal Data From Dozens of Organizations – Source: www.securityweek.com
CSO - Online
Clop ransomware gang exploits the MOVEit Transfer vulnerability to steal data – Source: www.csoonline.com
Clop ransomware gang exploits the MOVEit Transfer vulnerability to steal data – Source: www.csoonline.com
Security Boulevard
Chrome Extensions Warning — Millions of Users Infected – Source: securityboulevard.com
Chrome Extensions Warning — Millions of Users Infected – Source: securityboulevard.com
Security Boulevard
FireTail Report Finds API Security Breaches are few but Lethal – Source: securityboulevard.com
FireTail Report Finds API Security Breaches are few but Lethal – Source: securityboulevard.com
Security Boulevard
Red Sift Taps GPT-4 to Better Identify Cybersecurity Threats – Source: securityboulevard.com
Red Sift Taps GPT-4 to Better Identify Cybersecurity Threats – Source: securityboulevard.com
SecurityAffairs.com
Experts warn of a surge of TrueBot activity in May 2023 – Source: securityaffairs.com
Experts warn of a surge of TrueBot activity in May 2023 – Source: securityaffairs.com

CISO2CISO Cyber Security Malware & Ransomware Notepad Series

SecurityAffairs.com
Magecart campaign abuses legitimate sites to host web skimmers and act as C2 – Source: securityaffairs.com
Magecart campaign abuses legitimate sites to host web skimmers and act as C2 – Source:...
SecurityAffairs.com
Spanish bank Globalcaja confirms Play ransomware attack – Source: securityaffairs.com
Spanish bank Globalcaja confirms Play ransomware attack – Source: securityaffairs.com
SecurityAffairs.com
Security Affairs newsletter Round 422 by Pierluigi Paganini – International edition – Source: securityaffairs.com
Security Affairs newsletter Round 422 by Pierluigi Paganini – International edition – Source: securityaffairs.com
securelist.com
Satacom delivers browser extension that steals cryptocurrency – Source: securelist.com
Satacom delivers browser extension that steals cryptocurrency – Source: securelist.com
SecurityAffairs.com
New Linux Ransomware BlackSuit is similar to Royal ransomware – Source: securityaffairs.com
New Linux Ransomware BlackSuit is similar to Royal ransomware – Source: securityaffairs.com
SecurityAffairs.com
New botnet Horabot targets Latin America – Source: securityaffairs.com
New botnet Horabot targets Latin America – Source: securityaffairs.com
SecurityAffairs.com
Point32Health ransomware attack exposed info of 2.5M people – Source: securityaffairs.com
Point32Health ransomware attack exposed info of 2.5M people – Source: securityaffairs.com
The Hacker News
New Linux Ransomware Strain BlackSuit Shows Striking Similarities to Royal – Source:thehackernews.com
New Linux Ransomware Strain BlackSuit Shows Striking Similarities to Royal – Source:thehackernews.com
Cyber Talk
How top CISOs drive unparalleled operational resilience – Source: www.cybertalk.org
How top CISOs drive unparalleled operational resilience – Source: www.cybertalk.org
Infosecurity Magazine
Enzo Biochem Hit by Ransomware, 2.5 Million Patients’ Data Compromised – Source: www.infosecurity-magazine.com
Enzo Biochem Hit by Ransomware, 2.5 Million Patients’ Data Compromised – Source: www.infosecurity-magazine.com
securityweek.com
Information of 2.5M People Stolen in Ransomware Attack at Massachusetts Health Insurer – Source: www.securityweek.com
Information of 2.5M People Stolen in Ransomware Attack at Massachusetts Health Insurer – Source: www.securityweek.com
securityweek.com
Idaho Hospitals Working to Resume Full Operations After Cyberattack – Source: www.securityweek.com
Idaho Hospitals Working to Resume Full Operations After Cyberattack – Source: www.securityweek.com
securityweek.com
Enzo Biochem Ransomware Attack Exposes Information of 2.5M Individuals – Source: www.securityweek.com
Enzo Biochem Ransomware Attack Exposes Information of 2.5M Individuals – Source: www.securityweek.com
Security Boulevard
Russia Says NSA Hacked iOS With Apple’s Help — we Triangulate Kaspersky’s Research – Source: securityboulevard.com
Russia Says NSA Hacked iOS With Apple’s Help — we Triangulate Kaspersky’s Research – Source:...
Security Boulevard
Dark Web Threats Target Energy Industry as Cybercrime Tactics Shift – Source: securityboulevard.com
Dark Web Threats Target Energy Industry as Cybercrime Tactics Shift – Source: securityboulevard.com
Security Boulevard
Two Years After Colonial Pipeline, What Have We Learned? – Source: securityboulevard.com
Two Years After Colonial Pipeline, What Have We Learned? – Source: securityboulevard.com
Security Boulevard
A New Ransomware Scam: Fraud by the Incident Responders – Source: securityboulevard.com
A New Ransomware Scam: Fraud by the Incident Responders – Source: securityboulevard.com
SecurityAffairs.com
MOVEit Transfer software zero-day actively exploited in the wild – Source: securityaffairs.com
MOVEit Transfer software zero-day actively exploited in the wild – Source: securityaffairs.com

CISO2CISO Cyber Security Malware & Ransomware Notepad Series

SecurityAffairs.com
Operation Triangulation: previously undetected malware targets iOS devices – Source: securityaffairs.com
Operation Triangulation: previously undetected malware targets iOS devices – Source: securityaffairs.com
SecurityAffairs.com
Apps with over 420 Million downloads from Google Play unveil the discovery of SpinOk spyware – Source: securityaffairs.com
Apps with over 420 Million downloads from Google Play unveil the discovery of SpinOk spyware...
The Hacker News
New Botnet Malware ‘Horabot’ Targets Spanish-Speaking Users in Latin America – Source:thehackernews.com
New Botnet Malware ‘Horabot’ Targets Spanish-Speaking Users in Latin America – Source:thehackernews.com
Dark Reading Security
Novel PyPI Malware Uses Compiled Python Bytecode to Evade Detection – Source: www.darkreading.com
Novel PyPI Malware Uses Compiled Python Bytecode to Evade Detection – Source: www.darkreading.com
bust
S3 Ep137: 16th century crypto skullduggery – Source: nakedsecurity.sophos.com
S3 Ep137: 16th century crypto skullduggery – Source: nakedsecurity.sophos.com
The Hacker News
Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks – Source:thehackernews.com
Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks – Source:thehackernews.com
govinfosecurity.com
Lab Testing Firm Says Ransomware Breach Affects 2.5 Million – Source: www.govinfosecurity.com
Lab Testing Firm Says Ransomware Breach Affects 2.5 Million – Source: www.govinfosecurity.com
Security Boulevard
Cyberinsurance Prices Moderate as Premium Hikes Slow – Source: securityboulevard.com
Cyberinsurance Prices Moderate as Premium Hikes Slow – Source: securityboulevard.com
Dark Reading Security
Top macOS Malware Threats: Here Are 6 to Watch – Source: www.darkreading.com
Top macOS Malware Threats: Here Are 6 to Watch – Source: www.darkreading.com
SecurityAffairs.com
BlackCat claims the hack of the Casepoint legal technology platform used by US agencies – Source: securityaffairs.com
BlackCat claims the hack of the Casepoint legal technology platform used by US agencies –...
SecurityAffairs.com
Threat actors are exploiting Barracuda Email Security Gateway bug since October 2022 – Source: securityaffairs.com
Threat actors are exploiting Barracuda Email Security Gateway bug since October 2022 – Source: securityaffairs.com
CSO - Online
AI-automated malware campaigns coming soon, says Mikko Hyppönen – Source: www.csoonline.com
AI-automated malware campaigns coming soon, says Mikko Hyppönen – Source: www.csoonline.com
securityweek.com
Personal Information of 9 Million Individuals Stolen in MCNA Ransomware Attack – Source: www.securityweek.com
Personal Information of 9 Million Individuals Stolen in MCNA Ransomware Attack – Source: www.securityweek.com
Infosecurity Magazine
DogeRAT Malware Impersonates BFSI, Entertainment, E-commerce Apps – Source: www.infosecurity-magazine.com
DogeRAT Malware Impersonates BFSI, Entertainment, E-commerce Apps – Source: www.infosecurity-magazine.com
socprime.com
Detect SmokeLoader Malware: UAC-0006 Strikes Again to Target Ukraine in a Series of Phishing Attacks – Source: socprime.com
Detect SmokeLoader Malware: UAC-0006 Strikes Again to Target Ukraine in a Series of Phishing Attacks...
Security Boulevard
‘Predator’ — Nasty Android Spyware Revealed – Source: securityboulevard.com
‘Predator’ — Nasty Android Spyware Revealed – Source: securityboulevard.com
Security Boulevard
Ransomware: A Predictable Response to Market Forces – Source: securityboulevard.com
Ransomware: A Predictable Response to Market Forces – Source: securityboulevard.com
Security Boulevard
Failure to Pay Ransom: Negligence? – Source: securityboulevard.com
Failure to Pay Ransom: Negligence? – Source: securityboulevard.com

CISO2CISO Cyber Security Malware & Ransomware Notepad Series

Security Boulevard
Understanding the Progression of a Ransomware Attack – Source: securityboulevard.com
Understanding the Progression of a Ransomware Attack – Source: securityboulevard.com
Infosecurity Magazine
Ransomware Gangs Adopting Business-like Practices to Boost Profits – Source: www.infosecurity-magazine.com
Ransomware Gangs Adopting Business-like Practices to Boost Profits – Source: www.infosecurity-magazine.com
SecurityAffairs.com
Lockbit ransomware attack on MCNA Dental impacts 8.9M individuals – Source: securityaffairs.com
Lockbit ransomware attack on MCNA Dental impacts 8.9M individuals – Source: securityaffairs.com
SecurityAffairs.com
New Go-written GobRAT RAT targets Linux Routers in Japan – Source: securityaffairs.com
New Go-written GobRAT RAT targets Linux Routers in Japan – Source: securityaffairs.com
SecurityAffairs.com
Researchers analyzed the PREDATOR spyware and its loader Alien – Source: securityaffairs.com
Researchers analyzed the PREDATOR spyware and its loader Alien – Source: securityaffairs.com
Cyber Talk
Prevention-first: Protecting cities from ransomware – Source: www.cybertalk.org
Prevention-first: Protecting cities from ransomware – Source: www.cybertalk.org
SecurityAffairs.com
Industrial automation giant ABB disclosed data breach after ransomware attack – Source: securityaffairs.com
Industrial automation giant ABB disclosed data breach after ransomware attack – Source: securityaffairs.com
SecurityAffairs.com
New Bandit Stealer targets web browsers and cryptocurrency wallets – Source: securityaffairs.com
New Bandit Stealer targets web browsers and cryptocurrency wallets – Source: securityaffairs.com
The Hacker News
Data Stealing Malware Discovered in Popular Android Screen Recorder App – Source:thehackernews.com
Data Stealing Malware Discovered in Popular Android Screen Recorder App – Source:thehackernews.com
The Hacker News
Legion Malware Upgraded to Target SSH Servers and AWS Credentials – Source:thehackernews.com
Legion Malware Upgraded to Target SSH Servers and AWS Credentials – Source:thehackernews.com
The Hacker News
New WinTapix.sys Malware Engages in Multi-Stage Attack Across Middle East – Source:thehackernews.com
New WinTapix.sys Malware Engages in Multi-Stage Attack Across Middle East – Source:thehackernews.com
The Register Security
BlackByte ransomware crew lists city of Augusta after cyber ‘incident’ – Source: go.theregister.com
BlackByte ransomware crew lists city of Augusta after cyber ‘incident’ – Source: go.theregister.com
threatpost
Watering Hole Attacks Push ScanBox Keylogger – Source: threatpost.com
Watering Hole Attacks Push ScanBox Keylogger – Source: threatpost.com
threatpost
Ransomware Attacks are on the Rise – Source: threatpost.com
Ransomware Attacks are on the Rise – Source: threatpost.com
threatpost
Fake Reservation Links Prey on Weary Travelers – Source: threatpost.com
Fake Reservation Links Prey on Weary Travelers – Source: threatpost.com
The Hacker News
New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids – Source:thehackernews.com
New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids – Source:thehackernews.com
The Hacker News
Buhti Ransomware Gang Switches Tactics, Utilizes Leaked LockBit and Babuk Code – Source:thehackernews.com
Buhti Ransomware Gang Switches Tactics, Utilizes Leaked LockBit and Babuk Code – Source:thehackernews.com
SecurityAffairs.com
Security Affairs newsletter Round 421 by Pierluigi Paganini – International edition – Source: securityaffairs.com
Security Affairs newsletter Round 421 by Pierluigi Paganini – International edition – Source: securityaffairs.com