Ransomware: casos recientes de extorsión y filtración de datos
Los grupos de ransomware añadieron la exfiltración de datos al juego del cifrado en torno a 2020. Rastreamos los leak site activos, las familias que atacan a pymes suizas y europeas, y la checklist de respuesta a incidentes que Mythos ejecuta contra los nuevos indicadores divulgados.
Cybercriminals are exploiting trust in video conferencing platforms by sending fake Zoom invitations that prompt victims to download a supposed "required update." In reality, the installer delivers...
Kaspersky researchers have uncovered dozens of malicious wallpapers circulating on Steam Workshop, distributed via the popular Wallpaper Engine app. Attackers, mainly targeting gamers in China and...
A phishing email carrying an attachment that looks like a PDF actually drops a malicious Chrome extension designed to steal browser session cookies and take over your logged-in accounts — even those...
Operation Endgame dismantled the SocGholish (FakeUpdates) framework, which hijacked ~15,000 legitimate WordPress sites to serve convincing fake browser and software update prompts to everyday...
Summary : Cybercriminals are sending fake voicemail notifications by email, spoofing Microsoft branding to either harvest Office 365 / Outlook login credentials on phishing pages or trick victims...
Researchers have discovered a publicly exposed database containing roughly 24 billion stolen credential records, gathered from 36 sources including infostealer logs, Telegram channels, and prior...
Attackers are disguising Windows malware as legitimate retro-console homebrew plugins on GitHub, preying on the trust built inside modding communities. A fake project called EQVita mimicked a real PS...
The Canadian Anti-Fraud Centre (CAFC) maintains a navigational catalog of fraud types that commonly target individuals across Canada. The list spans dozens of categories — from phishing, romance...
Job seekers are increasingly being targeted by cybercriminals who exploit the urgency and emotional vulnerability of a job hunt. Attackers use phishing emails, classic advance-fee scams, and...
The FTC is warning about a phishing scam disguised as a familiar CAPTCHA verification popup. Real CAPTCHAs ask you to type distorted letters or pick images of traffic lights and fire hydrants. Fake...
Fake Banking App Updates Hide NFCShare Malware A new wave of NFCShare Android malware is being distributed through repositories on GitHub that impersonate updates for legitimate banking apps....
SMEs increasingly targeted by phishing, ransomware and social engineering Cyber attacks are no longer a problem exclusive to large corporations. Small and medium-sized enterprises (SMEs) are now...
The Canadian Anti-Fraud Centre publishes a comprehensive A-Z index cataloguing the fraud patterns currently affecting Canadian consumers, businesses and seniors. It groups scams by family such as...
Data breach alert scams: how to spot fake notification emails With billions of breach notifications sent every year, scammers now exploit the noise by sending fake breach alerts to panic victims into...
The Canadian Anti-Fraud Centre has published a navigational index of the most common fraud categories targeting businesses and organizations. The list spans threats such as business executive spoofs...
Threat actor DriveSurge has compromised thousands of legitimate, high-reputation websites and is silently redirecting visitors to malware payloads via two well-known social-engineering lures:...
After ransomware encrypts an SMB's systems, a 'negotiator' contacts the company claiming they can reduce ransom 60-80% and handle BTC payment. Takes upfront 'service fee' + the ransom into their...
After ransomware encryption, attackers post sample of stolen records on dark-web leak site (LockBit, Akira, Black Basta, Hunters International) and email victims of the breach demanding...