Beyond the kill chain: What cybercriminals do with their money (Part 3)
In the third of our five-part series, Sophos X-Ops explores the more legally and ethically dubious business interests of financially motivated threat actors
Similar Posts
Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft
Bys sCybersecurity researchers are calling attention to a new type of credential phishing scheme that ensures that the stolen information is associated with valid online accounts. The technique has been codenamed precision-validating phishing by Cofense, which it said employs real-time email validation so that only a select set of high-value targets are served the fake login…
Four-Faith Industrial Router Vulnerability Exploited in Attacks
Threat actors are exploiting a command injection vulnerability in Four-Faith industrial routers to deploy a reverse shell. The post Four-Faith Industrial Router Vulnerability Exploited in Attacks appeared first on SecurityWeek.
Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer
Bys sA threat actor named Detour Dog has been outed as powering campaigns distributing an information stealer known as Strela Stealer. That’s according to findings from Infoblox, which found the threat actor to maintain control of domains hosting the first stage of the stealer, a backdoor called StarFish. The DNS threat intelligence firm said it has…
Anatsa Android Banking Trojan Hits 90,000 Users with Fake PDF App on Google Play
Bys sCybersecurity researchers have discovered an Android banking malware campaign that has leveraged a trojan named Anatsa to target users in North America using malicious apps published on Google’s official app marketplace. The malware, disguised as a “PDF Update” to a document viewer app, has been caught serving a deceptive overlay when users attempt to access…
The Time-Saving Guide for Service Providers: Automating vCISO and Compliance Services
Bys sIntroduction Managed service providers (MSPs) and managed security service providers (MSSPs) are under increasing pressure to deliver strong cybersecurity outcomes in a landscape marked by rising threats and evolving compliance requirements. At the same time, clients want better protection without managing cybersecurity themselves. Service providers must balance these growing demands with the
$285 Million Drift Protocol Exploit Shows Signs of North Korea-Linked Hackers
Bys sAbdelaziz Fathi reports: Blockchain analytics firm Elliptic said the $285 million exploit of Solana-based Drift Protocol shows multiple indicators associated with North Korea’s state-sponsored hacking groups. The firm’s assessment is based on onchain behavior, laundering patterns, and network-level signals that align with previous incidents attributed to DPRK-linked actors. The attack is the largest crypto exploit……