brangberg – Page 588

251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch

Cybersecurity researchers have disclosed details of a coordinated cloud-based scanning activity that targeted 75 distinct “exposure points” earlier this month.
The activity, observed by GreyNoise on May 8, 2025, involved as many as 251 malicious IP addresses that are all geolocated to Japan and hosted by Amazon.
“These IPs triggered 75 distinct behaviors, including CVE exploits,

Apple Blocks $9 Billion in Fraud Over 5 Years Amid Rising App Store Threats

Apple on Tuesday revealed that it prevented over $9 billion in fraudulent transactions in the last five years, including more than $2 billion in 2024 alone.
The company said the App Store is confronted by a wide range of threats that seek to defraud users in various ways, ranging from “deceptive apps designed to steal personal information to fraudulent payment schemes that attempt to exploit

DragonForce ransomware abuses MSP’s SimpleHelp RMM to encrypt customers

The DragonForce ransomware operation successfully breached a managed service provider and used its SimpleHelp remote monitoring and management (RMM) platform to steal data and deploy encryptors on downstream customers’ systems. […]

DragonForce ransomware abuses SimpleHelp in MSP supply chain attack

Zscaler to Acquire MDR Specialist Red Canary

Zscaler signals a big push into the security-operations market with the announcement of plans to buy Denver-based Red Canary.

The post Zscaler to Acquire MDR Specialist Red Canary appeared first on SecurityWeek.

Iranian pleads guilty to RobbinHood ransomware attacks, faces 30 years

An Iranian national has pleaded guilty to participating in the Robbinhood ransomware operation, which was used to breach the networks, steal data, and encrypt devices of U.S. cities and organizations in an attempt to extort millions of dollars over a five-year span. […]

Iranian Man Pleads Guilty to Role in Baltimore Ransomware Attack

Sina Gholinejad pleaded guilty to computer-fraud and wire-fraud-conspiracy charges linked to the Robbinhood ransomware hit on Baltimore.

The post Iranian Man Pleads Guilty to Role in Baltimore Ransomware Attack appeared first on SecurityWeek.

New Self-Spreading Malware Infects Docker Containers to Mine Dero Cryptocurrency

Misconfigured Docker API instances have become the target of a new malware campaign that transforms them into a cryptocurrency mining botnet.
The attacks, designed to mine for Dero currency, is notable for its worm-like capabilities to propagate the malware to other exposed Docker instances and rope them into an ever-growing horde of mining bots.
Kaspersky said it observed an unidentified threat

DragonForce Ransomware Hackers Exploiting SimpleHelp Vulnerabilities

Sophos warns that a DragonForce ransomware operator chained three vulnerabilities in SimpleHelp to target a managed service provider.

The post DragonForce Ransomware Hackers Exploiting SimpleHelp Vulnerabilities appeared first on SecurityWeek.

Russian Government Hackers Caught Buying Passwords from Cybercriminals

Microsoft flags a new Kremlin hacking team buying stolen usernames and passwords from infostealer markets for use in cyberespionage attacks.

The post Russian Government Hackers Caught Buying Passwords from Cybercriminals appeared first on SecurityWeek.

Author: brangberg