GOLD SALEM tradecraft for deploying Warlock ransomware
Analysis of the tradecraft evolution across 6 months and 11 incidents
Similar Posts
A Brief Reminder About the Florida Information Protection Act
Bys sJoseph Lazzarotti of JacksonLewis writes: According to one survey, Florida is fourth on the list of states with the most reported data breaches. No doubt, data breaches continue to be a significant risk for all business, large and small, across the U.S., including the Sunshine State. Perhaps more troubling is that class action litigation is more…
Thai hospital fined 1.2 million baht for data breach via snack bags
Bys sBright Choomanee reports: A significant private hospital in Thailand has been penalised with a fine of 1.2 million baht after patient paper records were discovered being repurposed as snack bags, as reported by the nation’s data protection authority. This incident was one of five major cases announced on August 1 by the Personal Data Protection Committee (PDPC), which also included penalties for data law…
Nine-Year-Old npm Packages Hijacked to Exfiltrate API Keys via Obfuscated Scripts
Bys sCybersecurity researchers have discovered several cryptocurrency packages on the npm registry that have been hijacked to siphon sensitive information such as environment variables from compromised systems. “Some of these packages have lived on npmjs.com for over 9 years, and provide legitimate functionality to blockchain developers,” Sonatype researcher Ax Sharma said. “However, […] the latest
RaccoonO365 Phishing Network Shut Down After Microsoft and Cloudflare Disrupt 338 Domains
Bys sMicrosoft’s Digital Crimes Unit said it teamed up with Cloudflare to coordinate the seizure of 338 domains used by RaccoonO365, a financially motivated threat group that was behind a phishing-as-a-service (Phaas) toolkit used to steal more than 5,000 Microsoft 365 credentials from 94 countries since July 2024. “Using a court order granted by the Southern…
Discord Confirms 70,000 Government IDs Exposed in Third-Party Breach
Bys sDivya reports: The popular communication platform Discord is confronting a major extortion attempt after cybercriminals breached one of its third-party customer service providers, compromising sensitive user data including government identification photos used for age verification. Threat actors claim to have exfiltrated 1.5 terabytes of sensitive information, including over 2.1 million government-issued identification photos. However, Discord disputes these figures, stating that……
Several Chrome Extensions Compromised in Supply Chain Attack
Cyberhaven and other Chrome extensions were compromised in a supply chain attack targeting Facebook advertising users. The post Several Chrome Extensions Compromised in Supply Chain Attack appeared first on SecurityWeek.