August 2024 – Page 15

New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data

The threat actors behind a recently observed Qilin ransomware attack have stolen credentials stored in Google Chrome browsers on a small set of compromised endpoints.
The use of credential harvesting in connection with a ransomware infection marks an unusual twist, and one that could have cascading consequences, cybersecurity firm Sophos said in a Thursday report.
The attack, detected in July

Degraded Performance Issue Sparks Concern Among CrowdStrike Customers

CrowdStrike has addressed a cloud service issue causing degraded performance and boot times for some of its customers.

The post Degraded Performance Issue Sparks Concern Among CrowdStrike Customers appeared first on SecurityWeek.

FBI Exposing Sensitive Data via Improper Handling of Storage Devices: Audit

Audit finds weaknesses in FBI’s inventory management and disposition procedures for drives containing sensitive information.

The post FBI Exposing Sensitive Data via Improper Handling of Storage Devices: Audit appeared first on SecurityWeek.

Russian Member of Karakurt Cyber Extortion Gang Charged in US

Deniss Zolotarjovs was charged in a US court for extorting victims and laundering cryptocurrency as part of the Karakurt cyber extortion group.

The post Russian Member of Karakurt Cyber Extortion Gang Charged in US appeared first on SecurityWeek.

SolarWinds Leaks Credentials in Hotfix for Exploited Web Help Desk Flaw

SolarWinds has issued a Web Help Desk hotfix to remove hardcoded credentials from last week’s hotfix for a critical-severity vulnerability.

The post SolarWinds Leaks Credentials in Hotfix for Exploited Web Help Desk Flaw appeared first on SecurityWeek.

New macOS Malware “Cthulhu Stealer” Targets Apple Users’ Data

Cybersecurity researchers have uncovered a new information stealer that’s designed to target Apple macOS hosts and harvest a wide range of information, underscoring how threat actors are increasingly setting their sights on the operating system.
Dubbed Cthulhu Stealer, the malware has been available under a malware-as-a-service (MaaS) model for $500 a month from late 2023. It’s capable of

Latvian Hacker Extradited to U.S. for Role in Karakurt Cybercrime Group

A 33-year-old Latvian national living in Moscow, Russia, has been charged in the U.S. for allegedly stealing data, extorting victims, and laundering ransom payments since August 2021.
Deniss Zolotarjovs (aka Sforza_cesarini) has been charged with conspiring to commit money laundering, wire fraud and Hobbs Act extortion. He was arrested in Georgia in December 2023 and has since been extradited to

Month: August 2024