Category: Cybercrime

HomeCybercrime

The Silent Heist: Cybercriminals Use Information Stealer Malware to Compromise Corporate Networks Advisory

The use of info stealers by cybercriminals presents a threat to the security and wellbeing of Australian organisations. Info stealer infections commonly present as precursor activity to major cyber security incidents, as cybercriminals use them to gather user credentials. These...

Continue Reading  

Most Dangerous Software Vulnerabilities – 2023 CWE

The spectre of cybercrime is spreading fast and has engulfed scores of businesses across industries and geography. The statistics are worrisome. In 2023 alone, about 33 billion accounts are expected to be breached. It means 97 cybercrime victims per hour...

Continue Reading  

Breaching Networks Using Data on Resold Corporate Routers

In an era when everything is supposedly connected digitally, can threat actors in the form of cybercriminals be far away? Remember, no digital device is useless for hackers, as they can pry it open to unearth data. Similar is the...

Continue Reading  

Log4j vulnerability: what should boards be asking?

Background The Log4Shell critical vulnerability in the widely used logging tool Log4j has caused concern beyond the cyber security community. This is because Log4j - rather than being a single piece of software - is a software component that’s used by millions of computers worldwide running online services....

Continue Reading  

Apache Log4j Vulnerability Guidance

Background Apache Log4j2 is a ubiquitous library used by millions for Java applications; the library is part of the Apache Software Foundation’s Apache Logging Services project. The vulnerability CVE-2021-44228, disclosed on December 9, 2021, allows for remote code execution against...

Continue Reading  

Alert (AA21-291A) BlackMatter Ransomware : The Dark Side Returns

Background BlackMatter is a new ransomware threat discovered at the end of July 2021. BlackMatter is ransomware-as-a-service (Raas) tool that allows  the ransomware's developers to profit from cybercriminal affiliates (i.e., BlackMatter actors) who deploy it against victims. This malware started...

Continue Reading  

FoggyWeb: SolarWinds Hackers Access Microsoft AD Servers

Background The Microsoft Threat Intelligence Center (MSTIC) has released information on the uncovering of a widespread malicious email campaign undertaken by the activity group that Microsoft tracks as NOBELIUM. Nobelium, which operates from Russia, is the name given to the threat actor behind...

Continue Reading  

Kaseya Ransomware Attack- 2

In the previous installation, we delved into the history of the primary victim, Kaseya and the bad actors, REvil. From previous exploits to the final and most devastating one, REvil is and will continue to be a force to reckon...

Continue Reading  

Kaseya Ransomware Attack – 1

In 2019, Cybernetic Global Intelligence had warned about REvil. Refer to our previous blog on GandCrab ransomware: Is it back under a new REvil guise? The fourth of July celebrations in America this year were slightly different for around 1500 organizations...

Continue Reading  

Infamous Ransom Hacker Gang REvil/Sodin Claim Responsibility for Cyber Attack Against UnitingCare.

Hackers declaring culpability for a cyber-attack on care provider UnitingCare Queensland have been confirmed as one of the largest and far-reaching cyber ransom groups in the world. Hospitals in Australia and New Zealand have fallen victim to a huge cyber...

Continue Reading