Catalin Cimpanu reports: MagBo, a shadowy online marketplace where hackers sell and buy hacked servers, is doing better than ever and has soared in popularity to become the largest criminal marketplace of its kind since its launch in the summer of 2018. Two years later, the MagBo portal has grown more than 14 times in…
Category: Commentaries and Analyses
New Ramsay malware can steal sensitive documents from air-gapped networks
Catalin Cimpanu reports: Researchers from cyber-security firm ESET announced today that they discovered a never-before-seen malware framework with advanced capabilities that are rarely seen today. Named Ramsay, ESET says this malware toolkit appears to have been designed to infect air-gapped computers, collect Word and other sensitive documents in a hidden storage container, and then wait…
Maze Team under the spotlight
Maze has seemingly done such a good job getting media attention that we’re also seeing more analyses of their methods. This week, check out this report from FireEye: Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents and this report from Sophos: Maze ransomware: extorting victims for 1 year and counting In…
Managed Service Providers Face Threats From Hackers and Clients
James Rundle reports: With wide-ranging client bases and trusted access to their computer systems, managed service providers are attractive targets for hackers seeking to ransom data or steal information. But they also face threats from their clients, who may have had patchy security in place for years. It only took a few months for Clear…
Attorney General James Secures New Protections, Security Safeguards for All Zoom Users
New York State’s Attorney General has dropped her suit against Zoom after securing an agreement to implement security and privacy controls that address concerns that became apparent after the increased use of Zoom for distance learning and working from home. For all their flaws or vulnerabilities, you have to be somewhat impressed how quickly the…
Shiny Hunters’ bursts onto dark web scene following breaches, Microsoft data theft claims
Bradley Barth reports: A malicious actor known as Shiny Hunters has emerged as a serious dark web player following a spate of high-profile breaches, and now the hacker or hackers is claiming to have stolen data from Microsoft’s private GitHub repositories and is threatening to release the code for free. According to researchers from ZeroFOX Alpha Team,…