Beyond the kill chain: What cybercriminals do with their money (Part 1)
Sophos X-Ops investigates what financially motivated threat actors invest their ill-gotten profits in, once the dust has settled
Firefox browser maker Mozilla on Friday updated its Terms of Use a second time within a week following criticism of overbroad language that appeared to give the company the rights to all information uploaded by users. The revised Terms of Use now states – You give Mozilla the rights necessary to operate Firefox. This includes processing…
A new malware campaign is exploiting a weakness in Discord’s invitation system to deliver an information stealer called Skuld and the AsyncRAT remote access trojan. “Attackers hijacked the links through vanity link registration, allowing them to silently redirect users from trusted sources to malicious servers,” Check Point said in a technical report. “The attackers combined…
A China-aligned threat actor codenamed UTA0388 has been attributed to a series of spear-phishing campaigns targeting North America, Asia, and Europe that are designed to deliver a Go-based implant known as GOVERSHELL. “The initially observed campaigns were tailored to the targets, and the messages purported to be sent by senior researchers and analysts from legitimate-sounding,…
For your reminder of the insider threat for this week, Tolly Taylor reports: A Maryland pharmacist is accused of installing spyware on 400 computers over eight years to watch women at the hospital or in their homes, a lawsuit alleges. Six women filed a civil lawsuit on Thursday against the University of Maryland Medical System,…
Gabrielle Lewis reports: Four class action lawsuits alleging Frederick Health Hospital failed to protect patients’ sensitive data during a ransomware attack in January were filed this month. These lawsuits accuse FHH of having inadequate cybersecurity measures, neglecting its obligation to protect patient data, improperly notifying the people affected by the data breach and putting individuals…
The China-linked threat actor behind the recent in-the-wild exploitation of a critical security flaw in SAP NetWeaver has been attributed to a broader set of attacks targeting organizations in Brazil, India, and Southeast Asia since 2023. “The threat actor mainly targets the SQL injection vulnerabilities discovered on web applications to access the SQL servers of…