China-linked espionage groups have attacked at least a dozen nations in the region, gathering information on maritime shipping, oil production, and other geopolitical interests.
Tag: groups
Europe, Global Security News
Police dismantle 9 crime groups in illegal streaming crackdown
European and international law enforcement agencies have dismantled nine organized crime groups and arrested 29 suspects in a major crackdown on illegal streaming operations. […]
Global Security News
Infosecurity Europe: Execs Must Treat Cyber Threats as Statecraft, ISACA Expert Says
Private firms are being targeted by nation-state groups for reasons beyond finance, argued ISACA’s Bharat Thakrar
Global Security News
ESET APT Activity Report Q4 2025–Q1 2026
An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2025 and Q1 2026
AI, Global Security News
Coinflow CISO on crypto payments security under AI pressure
Crypto payment firms sit near the top of the target list for advanced persistent threat groups, and the workload on their security leaders keeps growing. Malcolm Portelli, CISO at Coinflow, runs the company’s security program from Malta. Coinflow is headquartered in the United States and operates across multiple jurisdictions. Portelli sat down for this interview…
Cybersecurity, Global Security News
Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks
Cybersecurity researchers are warning of two cybercrime groups that are carrying out “rapid, high-impact attacks” operating almost within the confines of SaaS environments, while leaving minimal traces of their actions. The clusters, Cordial Spider (aka BlackFile, CL-CRI-1116, O-UNC-045, and UNC6671) and Snarky Spider (aka O-UNC-025 and UNC6661), have been attributed to high-speed data theft and
AI, Data Breaches, Exploits, Global Security News, Network Security
Two new extortion crews are speedrunning the Scattered Spider playbook
A pair of persistent and problematic threat groups affiliated with The Com are actively targeting organizations across multiple critical infrastructure sectors for rapid data theft and extortion attacks, according to CrowdStrike. The financially-motivated attackers, which CrowdStrike tracks as Cordial Spider and Snarky Spider, have used voice-phishing and social engineering attacks to break into victims’ identity…
Global Security News
Ransomware Turf War as 0APT and KryBit Groups Trade Blows
Ransomware groups 0APT and KryBit have doxxed each other online
Global Security News
Tes Combines Over A Century Of Education Insight With Connected Technology In Launch Of Tes360
COMPANY NEWS: Schools and school groups can benefit from a connected technology platform providing deeper insight for earlier action and better student outcomes. Tes supports a global community of more than 13 million educators, reinforcing its position as a leading provider of education technology worldwide.
Global Security News
Russia’s ‘Fancy Bear’ APT Continues Its Global Onslaught
Victims don’t need to match the cybercrime group’s technical sophistication, experts say. But patching and some form of zero trust are now non-negotiable.
AI, Global Security News, Risk Management
OWASP GenAI Security Project Gets Update, New Tools Matrix
In recognition of 21 generative AI risks, the standards group recommends that companies take separate but linked approaches to defending GenAI and agentic AI systems.
AI, Cybersecurity, Global Security News, Government & Policy, malware, Network Security, Russia
Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab
An elusive hacker who went by the handle “UNKN” and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least 130 acts of computer sabotage and extortion against victims across…
Global Security News
TeamPCP Breaches Cloud, SaaS Instances With Stolen Credentials
The threat group’s shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to compromised credentials.
AI, china, Data Breaches, Endpoint, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security
China-Linked groups target Southeast Asian government with advanced malware in 2025
China-linked groups hit a Southeast Asian government in 2025, deploying multiple malware families in a sophisticated cyber campaign. In 2025, three China-linked threat clusters targeted a Southeast Asian government in a complex, well-funded cyber operation. Threat actors deployed numerous malware types, including HIUPAN, PUBLOAD, EggStremeFuel/Loader, MASOL RAT, PoshRAT, TrackBak Stealer, Hypnosis Loader, and FluffyGh0st, showing…
Global Security News
Iran Hacktivists Make Noise but Have Little Impact on War
Iran-aligned groups are trying to make their mark in the Gulf, but the results have fallen short of remarkable.
AI, Global Security News, Network Security, Russia
Russian initial access broker helped ransomware gangs extort millions, sentenced to 81 months
A Russian citizen, Aleksei Volkov, was sentenced to 81 months in prison for helping ransomware groups carry out attacks causing over $9 million in actual losses and over $24 million in intended losses, after being arrested in Italy and extradited to the United States where he pleaded guilty. According to prosecutors, Volkov was an initial…
AI, Data Breaches, Global Security News, Government & Policy, malware, Russia
FBI: Iranian hackers targeting opponents with Telegram malware
Iranian government-connected groups are deploying malware via the Telegram messaging app, taking aim at dissidents and other opponents of Tehran around the world, the FBI said in an alert Friday. The FBI said attackers linked to the Ministry of Intelligence and Security are behind the campaign, which stretches back to 2023. The bureau is escalating…
AI, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management
Ransomware group exploited Cisco firewall vulnerability as a zero day, weeks before a patch appeared
One of the world’s most active ransomware groups, Interlock, started exploiting a critical-rated Cisco firewall vulnerability as a zero day weeks before it was patched in early March, Amazon has revealed. The vulnerability in question is CVE-2026-20131, a remotely exploitable deserialization flaw in Cisco Secure Firewall Management Center (FMC) Software which was given a maximum…
AI, Global Security News
Initial access techniques used by Iran-based threat actors
Analysis of attacks originating from Iran-linked threat groups reveals a preference for certain techniques.
Categories: Threat Research. Tags: Iran, initial access
Global Security News
Iran MOIS Colludes With Criminals to Boost Cyberattacks
Iranian APTs have long pretended to be cybercriminal groups. Now they’re working with actual cybercriminal groups.
Global Security News, Russia
Sednit reloaded: Back in the trenches
The resurgence of one of Russia’s most notorious APT groups
AI, Apps, Global Security News, Risk Management
Microsoft warns North Korean threat groups are scaling up fake worker schemes with generative AI
North Korean threat groups are using artificial intelligence tools to accelerate and expand the country’s long-running scheme to get remote technical workers hired at global companies for longer durations, Microsoft Threat Intelligence said in a report Friday. AI services are empowering North Korean operatives across the attack lifecycle. Attackers have turned AI into a “force…
AI, china, Cybersecurity, Data Breaches, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management, Russia
State-affiliated hackers set up for critical OT attacks that operators may not detect
Several state-linked threat groups known for breaking into operational technology (OT) networks have shifted their focus over the past year from gaining and maintaining access to actively mapping out ways to disrupt physical industrial processes. The shift poses a significant threat because fewer than one in 10 OT networks have monitoring in place to detect…
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security
BYOVD Turns Trusted Drivers Against Windows Security
A growing number of threat actor groups are quietly abusing legitimate Windows drivers to turn endpoint defenses against themselves. Known as Bring Your Own Vulnerable Driver (BYOVD), the technique allows attackers to load a digitally signed but flawed driver and exploit it to gain full kernel-level access. Attackers “… load a legitimate, digitally signed, but…
Global Security News
RAMP Forum Seizure Fractures Ransomware Ecosystem
Researchers suggest defenders monitor how these malicious groups re-form and leverage the useful threat intel to guide their next moves.
Cybersecurity, Global Security News
Operation Red Card 2.0 Leads to 651 Arrests in Africa
In the latest operation targeting cybercrime groups, African law enforcement agencies cooperated with Interpol and cybersecurity firms to recover more than USD 4.3 million.
AI, china, Cybersecurity, Exploits, Global Security News, malware, Network Security
CrowdStrike says attackers are moving through networks in under 30 minutes
Cyberattacks reached victims faster and came from a wider range of threat groups than ever last year, CrowdStrike said in its annual global threat report released Tuesday, adding that cybercriminals and nation-states increasingly relied on predictable tactics to evade detection by exploiting trusted systems. The average breakout time — how long it took financially-motivated attackers…
Cybersecurity, Global Security News
Dragos OT Cybersecurity Report: Adversaries Increase Real-World Impact, Map Control Loops Across Industrial Infrastructure
Three new OT threat groups identified including SYLVANITE linked to VOLTZITE/Volt Typhoon operations; ransomware groups with reach into OT environments surged 49%.
AI, Global Security News, Russia
Poland Energy Survives Attack on Wind, Solar Infrastructure
Russia-aligned groups are probable culprits behind the wiper attacks against renewable energy farms, a manufacturer, and a heating and power plant.
AI, Global Security News, malware
CTM360: Lumma Stealer and Ninja Browser malware campaign abusing Google Groups
CTM360 reports 4,000+ malicious Google Groups and 3,500+ Google-hosted URLs used to spread the Lumma Stealer infostealing malware and a trojanized “Ninja Browser.” The report details how attackers abuse trusted Google services to steal credentials and maintain persistence across Windows and Linux systems. […]
AI, Apps, Global Security News, Government & Policy, malware, Russia
Suspected Russian hackers deploy CANFAIL malware against Ukraine
A new alleged Russia-linked APT group targeted Ukrainian defense, government, and energy groups with CANFAIL malware. Google Threat Intelligence Group identified a previously undocumented threat actor behind attacks on Ukrainian organizations using CANFAIL malware. The group is possibly linked to Russian intelligence services and has targeted defense, military, government, and energy entities at both regional…
china, Global Security News, Network Security, Russia
Nation-State Hackers Put Defense Industrial Base Under Siege
Espionage groups from China, Russia and other nations burned at least two dozen zero-days in edge devices in attempts to infiltrate defense contractors’ networks.
AI, china, Global Security News, Russia
Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations
Several state-sponsored actors, hacktivist entities, and criminal groups from China, Iran, North Korea, and Russia have trained their sights on the defense industrial base (DIB) sector, according to findings from Google Threat Intelligence Group (GTIG). The tech giant’s threat intelligence division said the adversarial targeting of the sector is centered around four key themes: striking…
AI, APT, china, Cybersecurity, Global Security News, Government & Policy, malware, Russia, Technology
Google finds state-sponsored hackers use AI at ‘all stages’ of attack cycle
A new report from Google found evidence that state-sponsored hacking groups have leveraged AI tool Gemini at nearly every stage of the cyber attack cycle. The research underscores how AI tools have matured in their cyber offensive capabilities, even as it doesn’t reveal novel or paradigm shifting uses of the technology. John Hultquist, chief analyst…
AI, Cybercrime, Endpoint, extortion, Global Security News, malware, Ransomware, Risk Management
0APT ransomware group rises swiftly with bluster, along with genuine threat of attack
Most signs suggest the group is running a massive hoax by claiming hundreds of initial victims, but at least some of the threat 0APT poses is grounded in truth backed by proven capabilities.
The post 0APT ransomware group rises swiftly with bluster, along with genuine threat of attack appeared first on CyberScoop.
