After announcing their exit from the ransomware business in favor of data theft extortion, the Babuk gang appears to have slipped back into their old habit of encrypting corporate networks. The criminals are currently using …
Babuk ransomware is back, uses new version on corporate networks Read More »
FortiGuard Labs security researchers have linked a new ransomware strain dubbed Diavol to Wizard Spider, the cybercrime group behind the Trickbot botnet. Diavol and Conti ransomware payloads were deployed on different systems in a ransomware …
Trickbot cybercrime group linked to new Diavol ransomware Read More »
Russian state hackers compromised Denmark’s central bank (Danmarks Nationalbank) and planted malware that gave them access to the network for more than half a year without being detected. The breach was part of the SolarWinds …
Russian hackers had months-long access to Denmark’s central bank Read More »
The REvil ransomware operation is now using a Linux encryptor that targets and encrypts Vmware ESXi virtual machines. With the enterprise moving to virtual machines for easier backups, device management, and efficient use of resources, …
REvil ransomware’s new Linux encryptor targets ESXi virtual machines Read More »
Ever since two prominent Russian-speaking cybercrime forums banned ransomware-related topics [1, 2], criminal operations have been forced to promote their service through alternative methods. At least two ransomware gangs in need of hackers to run …
Ransomware gangs now creating websites to recruit affiliates Read More »
Hackers are scanning for and actively exploiting a vulnerability in Cisco ASA devices after a PoC exploit was published on Twitter. This Cisco ASA vulnerability is cross-site scripting (XSS) vulnerability that is tracked as CVE-2020-3580. Cisco …
Cisco ASA vulnerability actively exploited after exploit released Read More »
An open-source application called WhyNotWin11 acts as a better drop-in replacement for Microsoft’s PC Health Check app to determine if your hardware is compatible with Windows 11. This week, Microsoft announced that the next version of Windows …
WhyNotWin11 is a better replacement for Windows 11’s PC Health Check Read More »
Microsoft says they have discovered new attacks conducted by the Russian state-sponsored Nobelium hacking group, including a hacked Microsoft support agent’s computer that exposed customer’s subscription information. Nobelium is Microsoft’s name for a state-sponsored hacking …
Nobelium hackers accessed Microsoft customer support tools Read More »
Microsoft has now confirmed signing a malicious driver being distributed within gaming environments. This driver, called “Netfilter,” is in fact a rootkit that was observed communicating with Chinese command-and-control (C2) IPs. G Data malware analyst Karsten Hahn first took …
Microsoft admits to signing rootkit malware in supply-chain fiasco Read More »
Mercedes-Benz USA has just disclosed a data breach impacting some of its customers. The company assessed 1.6 million customer records which included customer names, addresses, emails, phone numbers, and some purchased vehicle information to determine the …
Mercedes-Benz data breach exposes SSNs, credit card numbers Read More »
Bleeping Computer Western Digital My Book NAS owners worldwide found that their devices have been mysteriously factory reset and all of their files deleted. WD My Book is a network-attached storage device that looks like …
WD My Book NAS devices are being remotely wiped clean worldwide Read More »
Bleeping Computer South Korea’s ‘Korea Atomic Energy Research Institute’ disclosed yesterday that their internal networks were hacked last month by North Korean threat actors using a VPN vulnerability. The Korea Atomic Energy Research Institute, or KAERI, is …
South Korea’s Nuclear Research agency breached using VPN flaw Read More »