Cybercrime & Digital Threats

Trickbot's password-grabbing module has been upgraded again, this time appearing to target OpenSSH and OpenVPN data.

A new botnet is being spread among Linux-based servers running the system configuration tool Webmin.

The official Monero site was found compromised after discovering a coin stealer malware in the CLI wallet that is available for download in the site. Evidence showed that the downloadable wallets were tampered with to contain the malware.

The AnteFrigus ransomware is delivered via a malvertising campaign to lure victims to the RIG exploit kit server, while the PureLocker ransomware, has been observed to launch targeted attacks against enterprise production servers.

YouTube videos were being used in a scam to deliver an information-stealing Trojan called Predator the Thief.

Another company has disclosed that that they were hit by a ransomware attack, this time involving the encryption of the customer data of SmarterASP.net, a popular hosting service provider for ASP.NET.

An Android bug allows threat actors to transfer a malicious application to a nearby Near Field Communication (NFC)-enabled device via the Android Beam.

Ransomware made headlines again, starting with a campaign that hit companies in Spain, including Cadena SER, the country’s largest radio network. In another part of the globe, threat actors managed to infect government systems in Nunavut.

Almost 4,000 domains and 62 phishing kit variants used to target Microsoft users were uncovered within an observation window of 262 days, according to new report.