https://www.epanorama.net/blog/2023/04/01/cyber-security-news-april-2023/ All about electronics and circuit design Wed, 22 Apr 2026 08:40:06 +0000 hourly 1 http://wordpress.org/?v=3.9.14 https://www.epanorama.net/blog/2023/04/01/cyber-security-news-april-2023/comment-page-8/#comment-1802252 Fri, 05 May 2023 07:01:21 +0000 http://www.epanorama.net/newepa/?p=193610#comment-1802252 Chinese Hacker Group Earth Longzhi Resurfaces with Advanced Malware Tactics https://thehackernews.com/2023/05/chinese-hacker-group-earth-longzhi.html
“A Chinese state-sponsored hacking outfit has resurfaced with a new campaign targeting government, healthcare, technology, and manufacturing entities based in Taiwan, Thailand, the Philippines, and Fiji after more than six months of no activity.”

]]> https://www.epanorama.net/blog/2023/04/01/cyber-security-news-april-2023/comment-page-8/#comment-1802048 Tue, 02 May 2023 12:09:55 +0000 http://www.epanorama.net/newepa/?p=193610#comment-1802048 Rapture, a Ransomware Family With Similarities to Paradise https://www.trendmicro.com/en_us/research/23/d/rapture-a-ransomware-family-with-similarities-to-paradise.html
In March and April 2023, we observed a type of ransomware targeting its victims via a minimalistic approach with tools that leave only a minimal footprint behind. Our findings revealed many of the preparations made by the perpetrators and how quickly they managed to carry out the ransomware attack

]]> https://www.epanorama.net/blog/2023/04/01/cyber-security-news-april-2023/comment-page-7/#comment-1802047 Tue, 02 May 2023 12:09:35 +0000 http://www.epanorama.net/newepa/?p=193610#comment-1802047 The Week in Ransomware – April 28th 2023 – Clop at it again https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-april-28th-2023-clop-at-it-again/
It has been a very quiet week for ransomware news, with only a few reports released and not much info about cyberattacks. However, an item of interest was Microsoft linking the recent PaperCut server attacks on the Clop and LockBit ransomware operation. Clop claims to have started exploiting PaperCut servers on April 13th, the same day Microsoft began seeing active exploitation of the vulnerabilities

]]> https://www.epanorama.net/blog/2023/04/01/cyber-security-news-april-2023/comment-page-7/#comment-1802046 Tue, 02 May 2023 12:09:09 +0000 http://www.epanorama.net/newepa/?p=193610#comment-1802046 Mac malware-for-hire steals passwords and cryptocoins, sends crime logs via Telegram https://nakedsecurity.sophos.com/2023/04/30/mac-malware-for-hire-steals-passwords-and-cryptocoins-sends-crime-logs-via-telegram/
Researchers at dark web monitoring company Cyble recently wrote about a data-stealing-as-a-service toolkit that they found being advertised in an underground Telegram channel. One somewhat unusual aspect of this service (and in this context, we dont mean that word in any sort of positive sense!) is that it was specifically built to help would-be cyber criminals target Mac users. The malware peddlers’ focus on Apple fans was clearly reflected in the name they gave their “product”:
Atomic macOS Stealer, or AMOS for short

]]> https://www.epanorama.net/blog/2023/04/01/cyber-security-news-april-2023/comment-page-7/#comment-1802040 Tue, 02 May 2023 12:04:53 +0000 http://www.epanorama.net/newepa/?p=193610#comment-1802040 APT groups working together to expand operations, target more industries https://www.scmagazine.com/news/threat-intelligence/apt-groups-working-together-to-expand-operations-target-more-industries
“Long-established threat groups appear to be cozying up to each other as a means of expanding their operations in the face of fresh competition from new APT players. [Kaspersky] says APT actors, old and new, have been busy updating their toolsets and expanding their attack vectors, both in terms of geographical location and target industries.” Source:
https://securelist.com/apt-trends-report-q1-2023/109581/

]]> https://www.epanorama.net/blog/2023/04/01/cyber-security-news-april-2023/comment-page-7/#comment-1802039 Tue, 02 May 2023 12:04:30 +0000 http://www.epanorama.net/newepa/?p=193610#comment-1802039 The DOJ Detected the SolarWinds Hack 6 Months Earlier Than First Disclosed https://www.wired.com/story/solarwinds-hack-public-disclosure/
“In May 2020, the US Department of Justice noticed Russian hackers in its network but did not realize the significance of what it had found for six months.”

]]> https://www.epanorama.net/blog/2023/04/01/cyber-security-news-april-2023/comment-page-7/#comment-1802038 Tue, 02 May 2023 12:00:56 +0000 http://www.epanorama.net/newepa/?p=193610#comment-1802038 Major UK banks including Lloyds, Halifax, TSB hit by outages https://www.bleepingcomputer.com/news/technology/major-uk-banks-including-lloyds-halifax-tsb-hit-by-outages/
“Websites and mobile apps of Lloyds Bank, Halifax, TSB Bank, and Bank of Scotland have experienced web and mobile app outages today leaving customers unable to access their account balances and information.
Lloyds Banking Group is the parent company behind household names including Lloyds Bank, Halifax, Bank of Scotland, and has former links to TSB. As such, it wouldn’t be surprising if the information systems of these banks relied on much of the same server infrastructure, as evident from visual and operational similarities between these websites.”

]]> https://www.epanorama.net/blog/2023/04/01/cyber-security-news-april-2023/comment-page-7/#comment-1802033 Tue, 02 May 2023 11:53:16 +0000 http://www.epanorama.net/newepa/?p=193610#comment-1802033 Many Public Salesforce Sites are Leaking Private Data https://krebsonsecurity.com/2023/04/many-public-salesforce-sites-are-leaking-private-data/
A shocking number of organizations including banks and healthcare providers are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. The data exposures all stem from a misconfiguration in Salesforce Community that allows an unauthenticated user to access records that should only be available after logging in

]]> https://www.epanorama.net/blog/2023/04/01/cyber-security-news-april-2023/comment-page-7/#comment-1802032 Tue, 02 May 2023 11:52:56 +0000 http://www.epanorama.net/newepa/?p=193610#comment-1802032 Google wins court order to force ISPs to filter botnet traffic https://nakedsecurity.sophos.com/2023/04/28/google-wins-court-order-to-force-isps-to-filter-botnet-traffic/
A US court has recently unsealed a restraining order against a gang of alleged cybercrooks operating outside the country, based on a formal legal complaint from internet giant Google. Google said it obtained a temporary court order in the U.S. to disrupt the distribution of a Windows-based information-stealing malware called CryptBot and “decelerate” its growth

]]> https://www.epanorama.net/blog/2023/04/01/cyber-security-news-april-2023/comment-page-7/#comment-1802031 Tue, 02 May 2023 11:52:00 +0000 http://www.epanorama.net/newepa/?p=193610#comment-1802031 Magecart threat actor rolls out convincing modal forms https://www.malwarebytes.com/blog/threat-intelligence/2023/04/kritec-art
To ensnare new victims, criminals will often devise schemes that attempt to look as realistic as possible. Having said that, it is not every day that we see the fraudulent copy exceed the original piece.
While following up on an ongoing Magecart credit card skimmer campaign, we were almost fooled by a payment form that looked so well done we thought it was real. The threat actor used original logos from the compromised store and customized a web element known as a modal to perfectly hijack the checkout page. While the technique to insert frames or layers is not new, the remarkable thing here is that the skimmer looks more authentic than the original payment page. We were able to observe several more compromised sites with the same pattern of using a custom-made and fraudulent modal

]]>