CSO
FBI warns Black Basta ransomware impacted over 500 organizations worldwide
CISA advisory includes indicators of compromise and TTPs that can be used for threat hunting.
Ars Technica
Threat group has targeted 500 organizations. One is currently struggling to cope.
SecurityWeek
The US government warns of Black Basta ransomware attacks targeting critical infrastructure organizations.
The Cyber Express
The Medusa ransomware group has demanded $3.5 million from the Chemring Group on their leak site, along with a looming
Security Affairs
MITRE published more details on the recent security breach, including a timeline of the attack and attribution evidence.
SecurityWeek
MITRE has shared more details on the recent hack, including the new malware and a timeline of the attacker’s activities.
CSO
Much like Citrix-Bleed, the information disclosure bug was identified in NetScaler devices configured as gateway or virtual servers.
Cyber Security News
The weekly news summary keeps you up to date with what’s happening in cybersecurity, including developments, vulnerabilities, breaches, threats, and defensive strategies. Knowing about new cyber risks and attack vectors helps you put up safeguards and preventive measures as soon as possible to protect your systems. Remaining constantly aware gives you a holistic view of […]
Cyber Security News
Cybersecurity communities are on high alert as threat actors have begun selling RDP access on various underground hacker forums.
SC Magazine
UnitedHealth Group’s CEO Andrew Witty set to testify before Congress tomorrow – security pros say there’s more to the story and it will take several more months of investigation before we know the full kill chain.
The DFIR Report
Key Takeaways: In August 2023, we observed an intrusion that started with a phishing campaign using PrometheusTDS to distribute IcedID. IcedID dropped and executed a Cobalt Strike beacon, which was …
The Cyber Express
The infamous Everest ransomware group has struck again, this time targeting Les Miroirs St-Antoine Inc., a longstanding company based in
Cyber Security News
Hackers primarily use ransomware to gain financially from their victims, by blackmailing them for payments to recover their encrypted files
Bleeping Computer
A threat actor has been using a content delivery network cache to store information-stealing malware in an ongoing campaign targeting systems in the U.S., the U.K., Germany, and Japan.
DarkReading
The irony is lost on few, as a Chinese threat actor used eight MITRE techniques to breach MITRE itself — including exploiting the Ivanti bugs that attackers have been swarming on for months.
Security Affairs
Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments.
The Cyber Express
The Akira ransomware group has been identified as the culprit behind a series of cyberattacks targeting businesses and critical infrastructure
SecurityWeek
Akira ransomware has hit over 250 organizations worldwide and received over $42 million in ransom payments.
Infosecurity News
A joint advisory from Europol and US and Dutch government agencies estimated that Akira made around $42m in ransomware proceeds from March 2023 to January 2024
The Hacker News
Akira Ransomware group has already extorted roughly $42 million from over 250 victims globally. They are now targeting both Windows and Linux systems.
SC Magazine
Despite a pause in the rise of ransomware, organizations are failing to take the steps necessary to adequately defend themselves against the increase in attacks to come.
Bleeping Computer
Cybersecurity firms commonly sell "dark web monitoring" packages, with firms having slightly different features. Learn from Flare about the different dark web monitoring packages and the value they bring to your organization.
SC Magazine
While a longstanding method, the scale and systematic execution of the attacks signify an escalation, security pros said.
Cyber Security News
The weekly cybersecurity news wrap-up provides readers with the latest information on emerging risks, vulnerabilities, ways to reduce them, and harmful schemes to help make defensive measures proactive.
Bleeping Computer
Suspected state-sponsored hackers have been exploiting a zero-day vulnerability in Palo Alto Networks firewalls tracked as CVE-2024-3400 since March 26, using the compromised devices to breach internal networks, steal data and credentials.
Bleeping Computer
Google has announced a new version of its browser for organizations, Chrome Enterprise Premium, which comes with extended security controls for a monthly fee per user.
Cyber Security News
Google has unveiled a significant upgrade to its enterprise browsing capabilities with the launch of Chrome Enterprise Premium.
Infosecurity News
Sophos reveals “unprecedented” levels of RDP compromise in ransomware attacks in 2023
SecurityWeek
Major Linux distributions have been impacted by a supply chain attack involving backdoored versions of the XZ Utils data compression library.
The Hacker News
Traditional defense tactics don't always apply to cyber warfare. With EventSentry, bolster your network's defense with prevention, detection, and ongo
The DFIR Report
Key Takeaways: We provide a range of services, one of which is our Threat Feed, specializing in monitoring Command and Control frameworks like Cobalt Strike, Metasploit, Sliver, Viper, Mythic, Havoc, …
Cyber Security News
Wireshark remains the go-to choice for both professionals and enthusiasts due to its unmatched capabilities in packet capturing and analysis.
The Hacker News
Moldovan national gets 3+ years in US prison for running E-Root Marketplace, a massive platform selling stolen login details.
SecurityWeek
Sandu Diaconu has been sentenced to 42 months in prison for operating a marketplace for compromised credentials.
Bleeping Computer
Moldovan national Sandu Boris Diaconu has been sentenced to 42 months in prison for operating E-Root, a major online marketplace that sold access to hacked computers worldwide.
The Cyber Express
A dark web actor is reportedly selling access to an Indonesian energy company, believed to be the same threat actor
The Cyber Express
The Lindsay Municipal Hospital cyberattack has been claimed by the BianLian ransomware group. This nefarious organization, known for its disruptive
HACKRead
Network equipment giant Cisco has addressed security flaws impacting its Secure Client enterprise VPN application and endpoint security solutions.
HACKRead
In June 2023, Xplain, a Swiss IT services provider, fell victim to a cyberattack claimed by the Play ransomware group.
Infosecurity News
Sensitive data from Switzerland government departments were leaked by the Play ransomware group after an attack on Xplain, including classified documents and login credentials
Cyber Security News
The FBI, CISA, and MS-ISAC are urging critical infrastructure organizations to be vigilant against Phobos ransomware.
Cyber Security News
Best AWS Network Access Security: 1. Perimeter 81 2. Amazon Web Services (AWS) Security 3. Palo Alto Networks 4. Fortinet 5. CheckPoint.
The Hacker News
U.S. agencies warn of Phobos ransomware attacks targeting vital sectors. Millions in ransom already paid.
Security Affairs
CISA, the FBI, and MS-ISAC issued a joint CSA to warn of attacks involving Phobos ransomware variants observed as recently as February 2024
SecurityWeek
US government agencies warn of Backmydata, Devos, Eight, Elking, and Faust ransomware attacks connected to Phobos.
DarkReading
Threat actors using the malware have infected systems within government, healthcare, and other critical infrastructure organizations since at least 2019.
The Cyber Wire
Comprehensive guide on mitigating Phobos ransomware threats, issued by the FBI, CISA, and MS-ISAC. This advisory unpacks the tactics, techniques, and procedures (TTPs) of the Phobos ransomware, operating under a Ransomware-as-a-Service (RaaS) model, targeting critical infrastructures since May 2019. Learn about effective strategies to secure RDP ports, remediate vulnerabilities, and implement EDR solutions to safeguard against this evolving cyber threat.
Cyber Security News
Hackers poison the SEO results to manipulate search engine rankings by misdirecting users to malicious sites.
Cyber Security News
Authorities have successfully dismantled a ransomware group known as SugarLocker, which has been responsible for a series of global
The DFIR Report
Key Takeaways: More information about Gootloader can be found in the following reports: The DFIR Report, GootloaderSites, Mandiant, Red Canary, & Kroll. An audio version of this report can be …
The Record
The arrest announcement coincides with an international operation against the ransomware gang Lockbit, suggesting the move could be an attempt at PR by the Russian government.
The Cyber Express
In an unusual turn of events within the waters of the dark web, the Federal Bureau of Investigation (FBI) found
The Cyber Express
A group identifying themselves as RansomedVC has emerged on the dark web, claiming to possess access to an Australian women's
DarkReading
Saudi Arabia charity was under surveillance with the modified reverse proxy tool, researchers discovered.
SecurityWeek
Marsh says by adopting its recommended controls, 14% of its customers enjoyed lower cyber insurance premiums in the past year.
SecurityWeek
Romanian hospitals turn to pen and paper after ransomware attack on centralized healthcare management system.
The Cyber Express
A hacker, cloaked in anonymity, asserted that they had illicitly obtained Remote Desktop Protocol (RDP) access to a prominent Chinese
Security Affairs
US Gov offers rewards of up to $10 million for information that could help locate, identify, or arrest members of the Hive ransomware group
Cyber Security News
A devastating ransomware attack by Lockbit recently targeted the charming city of Calvià in Majorca, Spain, which is well-known for its tourism appeal.
The DFIR Report
Key Takeaways: In late December 2022, we observed threat actors exploiting a publicly exposed Remote Desktop Protocol (RDP) host, leading to data exfiltration and the deployment of Trigona ransomware. On …
The Hacker News
Kasseika, the latest ransomware kid on the block, is using a sneaky trick called BYOVD to disarm your defenses before encrypting your files! It even
The Cyber Express
The BianLian ransomware group has claimed three new victims, adding them to their dark web portal. The targeted organizations include
Bleeping Computer
Security researchers analyzing the activity of the recently emerged 3AM ransomware operation uncovered close connections with infamous groups, such as the Conti syndicate and the Royal ransomware gang.
Security Affairs
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Chrome and Citrix flaws to Known Exploited Vulnerabilities catalog
Trend Micro
The overlooked vulnerability with real impacts
Security Affairs
Citrix fixed two actively exploited zero-day vulnerabilities impacting Netscaler ADC and Gateway appliances
CSO
A few older versions of NetScaler ADC and NetScaler Gateway have bugs allowing RCE and DoS attacks.
Bleeping Computer
Citrix urged customers on Tuesday to immediately patch Netscaler ADC and Gateway appliances exposed online against two actively exploited zero-day vulnerabilities.
The Cyber Express
Republic Shipping Consolidators, a prominent logistics company, finds itself entangled in the web of a cyberattack orchestrated by the notorious
SecurityWeek
Netscout sees over one million IPs conducting reconnaissance scanning on the web due to increase in use of cheap or free cloud servers.
Ars Technica
Organizations using Ivanti Connect Secure should take action at once.
DarkReading
A second, easy-to-exploit critical security vulnerability in Microsoft's first 2024 Patch Tuesday allows RCE within Hyper-Virtualization.
The Hacker News
Explore how Zero Trust Security can minimize your attack surface and safeguard against sophisticated attacks.
Security Affairs
A threat actor announced the sale of the source code and a cracked version of the Zeppelin ransomware builder for $500.
Cyber Security News
Here we are elaborating the tactics, techniques, and procedures (TTPs) attackers are leveraging to compromise active directory and guidance
Cyber Security News
Top 10 Notorious Ransomware Gangs of 2023. LockBit. Alphv/BlackCat. Clop. Royal. Black Byte. Black Basta. Ragnar Locker. Vice Society.
The Cyber Express
In a recent development on an underground forum, a user is actively promoting the sale of Zeppelin2 ransomware, offering both
The Cyber Express
The notorious BianLian ransomware group has targeted MOOver, claiming to have gained access to a staggering 1.1 terabytes of the
Cyber Security News
Hackers use weaponized LNK files to exploit vulnerabilities in Windows operating systems. These files often contain malicious code.
Cyber Security News
Peach Sandstorm, an Iranian hacker group, targets diverse sectors globally; the group is linked to APT33, Elfin, and Refined Kitten.
Bleeping Computer
Microsoft says the APT33 Iranian cyber-espionage group is using recently discovered FalseFont backdoor malware to attack defense contractors worldwide.
The Cyber Express
The notorious BianLian ransomware group has expanded its list of victims, adding the name of Air Sino-Euro Associates (ASA Holidays).
Cyber Security News
The Play ransomware group, also going by the name Playcrypt, has been affecting several kinds of enterprises as well as vital infrastructure.
Infosecurity News
A joint advisory by US and Australian government agencies urges organizations to protect themselves against Play group’s tactics
SecurityWeek
US and Australian government agencies warn organizations of the Play ransomware group’s double-extortion tactics.
Cyber Security News
The Cyber-Extortion Trinity—the BianLian, White Rabbit, and Mario ransomware gangs—was observed by researchers working together to launch a joint extortion campaign against publicly traded financial services companies.
Infosecurity News
The group was second behind only LockBit in attacks targeting North America and Europe between January 2022 and October 2023
Infosecurity News
RDP is singled out as insurer Coalition records 17 million cyber-attacks per day in the UK in 2023
The Cyber Express
The infamous Medusa ransomware group has allegedly targeted and breached the data of a Florida, US-based national specialty pharmacy chain
Bleeping Computer
The developers of the Rhadamanthys information-stealing malware have recently released two major versions to add improvements and enhancements across the board, including new stealing capabilities and enhanced evasion.
Cyber Security News
Cybersecurity researchers at Zerofox recently discovered that OLVX (olvx[.]cc) was advertising a wide variety of hacking tools for illicit activities.
Security Affairs
French police arrested a Russian national who is suspected of laundering money resulting from the criminal activity of the Hive ransomware gang.
Cyber Security News
Hackers target 7ZIP due to its widespread use and popularity, making it a lucrative vector for spreading malware.
The Hacker News
Threat hunters have discovered new tactics used by the GuLoader malware to evade analysis.
The Cyber Express
In a recent turn of events, the dark web has once again become a hub of speculation, with alleged unauthorized
The Record
Hackers are using malware distributed through online advertisements to infect victims with Cactus ransomware, according to new research.
Security Affairs
Microsoft warns of ongoing malvertising attacks using the DanaBot malware to deploy the CACTUS ransomware.
The Hacker News
Microsoft Warns of New CACTUS Ransomware Threat. Malvertising used to deploy DanaBot as initial access. Learn more about this evolving cyber threat.
Bleeping Computer
Cactus ransomware has been exploiting critical vulnerabilities in the Qlik Sense data analytics solution to get initial access on corporate networks.
CyberNews
Hacktivism and its lesser-known impacts on mental health