TRU Security

The Quantum and BlackCat ransomware gangs are now using the Emotet botnet to deploy their payloads. Emotet was first deployed as a banking trojan in 2014, and has since evolved into a network of compromised computers.

Researchers have identified new cyber-espionage activity focusing on government entities, state-owned aerospace and defense firms, telecom companies, and IT organizations in multiple Asian countries.

A new phishing campaign has seen attackers impersonate Microsoft in order to bait recipients into inadvertently exposing their account credentials. Victims are invited to add a message of condolence on an online memorial board "in memory of Her Majesty Queen Elizabeth II."

The backdoor known as SideWalk, or StageClient, has been observed in various attacks over the last year, mainly against academic targets in East and Southeast Asia. These attacks were mainly against Windows systems, but a new variant targeting Linux systems has been discovered with similar functionality.

Leading hospitality company InterContinental Hotels Group PLC (also known as IHG Hotels & Resorts) has been impacted by a cyberattack. The hotel group's APIs are down and showing 502 and 503 HTTP errors, while customers are unable to log into their accounts.

A new Instagram phishing campaign has been discovered, attempting to scam users of the popular social media platform by luring them with the offer of a coveted "blue badge" — official verification of the user's profile. As part of the alleged verification process, users are asked to reveal their password and other sensitive information, all of which is sent directly to the attacker.

Damart, a French clothing company with over 130 stores across the world, has been hit by the Hive ransomware gang. The attackers demand a ransom of $2 million but have opted to keep negotiations private for now.