CyberSecurityBoard
Sponsor Register Login

Gorgon Group

Gorgon Group is a threat group consisting of members who are suspected to be Pakistan-based or have other connections to Pakistan. The group has performed a mix of criminal and targeted attacks, including campaigns against government organizations in the United Kingdom, Spain, Russia, and the United States.

This Cyber News was published on attack.mitre.org. Publication date: Thu, 07 Dec 2023 22:12:07 +0000


Cyber News related to Gorgon Group

Key Group uses leaked builders of ransomware and wipers | Securelist - The first discovered sample of Key Group, the Xorist ransomware, established persistence in the system by changing file extension associations. The .huis_bn extension added to encrypted files in the early versions of Key Group samples, Xorist and ...
1 month ago Securelist.com
Gorgon Group - Gorgon Group is a threat group consisting of members who are suspected to be Pakistan-based or have other connections to Pakistan. The group has performed a mix of criminal and targeted attacks, including campaigns against government organizations in ...
11 months ago Attack.mitre.org
security and privacy in Facebook groups - Having found myself roped into assisting as co-administrator a couple of Facebook groups with security/privacy issues, I thought I should, perhaps, share what little I know about defending your group against scam and spam posts and comments by ...
10 months ago Securityboulevard.com
NCC Group records the most ransomware victims ever in 2023 - While coordinated law enforcement action and government initiatives helped in the fight against ransomware last year, NCC Group still recorded an 84% increase in attacks during 2023. The report included data from NCC Group's Cyber Incident Response ...
9 months ago Techtarget.com
Imperva Detects Undocumented 8220 Gang Activities - Imperva Threat Research has detected previously undocumented activity from the 8220 gang, which is known for the mass deployment of malware using a variety of continuously evolving TTPs. This threat actor has been known to target both Windows and ...
11 months ago Imperva.com
Cybercrime experts reveal how to infiltrate ransomware gangs The Register - Though it happens rarely, it's always a good day when a ransomware group is taken down by law enforcement. Singapore-based Group-IB celebrated its 20th anniversary in the cybersecurity industry this year, and during this time its researchers have ...
10 months ago Go.theregister.com
Russia hacking: 'FSB in years-long cyber attacks on UK', says government - The UK is accusing Russia's Security Service, the FSB, of a sustained cyber-hacking campaign, targeting politicians and others in public life. The government said one group stole data through cyber-attacks, which was later made public, including ...
11 months ago Bbc.com
Cybercrime experts reveal how to infiltrate ransomware gangs The Register - Though it happens rarely, it's always a good day when a ransomware group is taken down by law enforcement. Singapore-based Group-IB celebrated its 20th anniversary in the cybersecurity industry this year, and during this time its researchers have ...
10 months ago Theregister.com
Cypher Queries in BloodHound Enterprise - Our first use case is identifying Domain Trusts that exist within an environment. Our specific query here, Map Domain Trusts can be selected which automatically populates the search window with the built-in query. Selecting Search will then return a ...
10 months ago Securityboulevard.com
State-Sponsored APT Groups Use Ransomware Tactics for Intelligence Gathering and Sabotage - State-sponsored threat groups are increasingly using ransomware-like tactics to hide more insidious activities. Russian APT group Sandworm has used ransomware programs to destroy data multiple times in the past six months, while North Korea's Lazarus ...
1 year ago Csoonline.com
CVE-2024-26773 - In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() Determine if the group block bitmap is corrupted before using ac_b_ex in ext4_mb_try_best_found() to ...
7 months ago Tenable.com
Feds Seize 'Sinbad' Crypto Mixer Used by North Korea's Lazarus - In its continued efforts to crack down on North Korea's most formidable state-sponsored threat group, the US government has seized a virtual currency mixer that has been serving as the principal way the group launders money stolen from its ...
11 months ago Darkreading.com
CVE-2022-21677 - Discourse is an open source discussion platform. Discourse groups can be configured with varying visibility levels for the group as well as the group members. By default, a newly created group has its visibility set to public and the group's ...
2 years ago
CVE-2024-35807 - In the Linux kernel, the following vulnerability has been resolved: ext4: fix corruption during on-line resize We observed a corruption during on-line resize of a file system that is larger than 16 TiB with 4k block size. With having more then 2^32 ...
6 months ago Tenable.com
Ransomed.vc shuts after apparent failure to sell operation The Register - Vc claims to have shut down for good after a number of suspected arrests. The announcement comes just weeks after the group announced it planned to sell the operation to "Someone that can be verified or is already verified as a trusted person." Two ...
11 months ago Theregister.com
DOJ Seizes Ransomware Site as BlackCat Threatens More Attacks - U.S. law enforcement agencies said they shut down the online operations of the notorious Russia-linked BlackCat ransomware-as-a-service group and developed a decryption tool that will help more than 500 victims regain access to their encrypted data ...
11 months ago Securityboulevard.com
Cobalt Group - Cobalt Group is a financially motivated threat group that has primarily targeted financial institutions since at least 2016. The group has conducted intrusions to steal money via targeting ATM systems, card processing, payment systems and SWIFT ...
11 months ago Attack.mitre.org
Best of 2023: Watching a Crypto Investment Scam WhatsApp Group - As we close out 2023, we at Security Boulevard wanted to highlight the most popular articles of the year. Following is the latest in our series of the Best of 2023. This week, I started getting added to WhatsApp Crypto Investment Scams. I thought I'd ...
10 months ago Securityboulevard.com
Feds Disrupt Botnet Used by Russian APT28 Hackers - Federal law enforcement kicked Russian state hackers off a botnet comprising at least hundreds of home office and small office routers that had been pulled together by a cybercriminal group and co-opted by the state-sponsored spies. APT28, an ...
9 months ago Securityboulevard.com
Europol shutters ransomware operation with kingpin arrests The Register - International law enforcement investigators have made a number of high-profile arrests after tracking a major cybercrime group for more than four years. A joint investigation team, spearheaded by French authorities, formed in 2019 to bring down a ...
11 months ago Theregister.com
Ransomware Mastermind Uncovered After Oversharing on Dark Web - When researchers responded to an ad to join up with a ransomware-as-a-service operation, they wound up in a cybercriminal job interview with one of the most active threat actors in the affiliate business, who turns out to be behind at least five ...
11 months ago Darkreading.com
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
10 months ago Securityboulevard.com
E80 Group secures its AGVs with Cisco industrial solutions and Italtel system integration - These are the conditions for which E80 Group, an Italian multinational, based in Viano, Italy, builds its autonomous and laser guided vehicles that can move around a facility, transport materials, and interact with other machines and systems in ...
5 months ago Feedpress.me
CVE-2021-21411 - OAuth2-Proxy is an open source reverse proxy that provides authentication with Google, Github or other providers. The `--gitlab-group` flag for group-based authorization in the GitLab provider stopped working in the v7.0.0 release. Regardless of the ...
3 years ago
Microsoft Targets Threat Group Behind Fake Accounts - Microsoft seized parts of the infrastructure of a prolific Vietnam-based threat group that the IT giant said was responsible for creating as many as 750 million fraudulent Microsoft accounts that were then sold to other bad actors and used to launch ...
11 months ago Securityboulevard.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)