Ransomware Review February 2024
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
News
Nitrogen Shelling Malware From Hacked Sites
Nitrogen is the name given to a campaign and associated malware that have been distributed via malicious search ads. Its...
Malicious Ads For Restricted Messaging Applications Target Chinese Users
An ongoing campaign of malicious ads has been targeting Chinese-speaking users with lures for popular messaging applications such as Telegram...
2024 State Of Ransomware In Education 92 Spike In K 12 Attacks
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Ransomware In 2023 Recap 5 Key Takeaways
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Hackers Exploit Ivanti Ssrf Flaw To Deploy New Dslog Backdoor
Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy...
Ransomware Attack Forces 21 Romanian Hospitals To Go Offline
At least 21 hospitals in Romania were knocked offline after a ransomware attack took down their healthcare management system. The...
Fcc Orders Telecom Carriers To Report Pii Data Breaches Within 30 Days
Starting March 13th, telecommunications companies must report data breaches impacting customers' personally identifiable information within 30 days, as required by...
Free Rhysida Ransomware Decryptor For Windows Exploits Rng Flaw
South Korean researchers have publicly disclosed an encryption flaw in the Rhysida ransomware encryptor, allowing the creation of a Windows...
Fbi Seizes Warzone Rat Infrastructure Arrests Malware Vendor
The FBI dismantled the Warzone RAT malware operation, seizing infrastructure and arresting two individuals associated with the cybercrime operation. Daniel...
Expressvpn Bug Has Been Leaking Some Dns Requests For Years
ExpressVPN has removed the split tunneling feature from the latest version of its software after finding that a bug exposed...
Bank Of America Warns Customers Of Data Breach After Vendor Hack
Bank of America is warning customers of a data breach exposing their personal information after one of its service providers...
Cisa Roundcube Email Server Bug Now Exploited In Attacks
CISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting (XSS) attacks....
Ongoing Microsoft Azure Account Hijacking Campaign Targets Executives
A phishing campaign detected in late November 2023 has compromised hundreds of user accounts in dozens of Microsoft Azure environments,...
US Consumers Lose a Record $10bn+ to Fraud Last Year
US adults lost over $10bn to fraud in 2023, with investment scams the biggest earner for threat actors, according to...
US Offers $10m Reward for Hive Ransomware Leaders
The US government has offered a reward of up to $10m for information leading to the identification and/or location of...
US Dismantles Warzone RAT Malware Operation
An international policing operation led by the US has enabled the dismantling of a nefarious malware operation dubbed “Warzone,” according...
Sophisticated Cyber-Attack Hits Islamic Charity in Saudi Arabia
An Islamic charitable non-profit organization based in Saudi Arabia has been the target of a prolonged cyber-espionage campaign. The campaign...
China Targets US Hacking Ops in Media Offensive
China has escalated its media campaign alleging US hacking operations, following condemnation from the US, UK and EU in July...
US-CERT Vulnerability Summary for the Week of February 5, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Rhysida Ransomware Cracked, Free Decryption Tool Released
Cybersecurity researchers have uncovered an "implementation vulnerability" that has made it possible to reconstruct encryption keys and decrypt data locked...
CISA and OpenSSF Release Framework for Package Repository Security
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced that it's partnering with the Open Source Security Foundation (OpenSSF) Securing...
4 Ways Hackers use Social Engineering to Bypass MFA
When it comes to access security, one recommendation stands out above the rest: multi-factor authentication (MFA). With passwords alone being...
Why Are Compromised Identities the Nightmare to IR Speed and Efficiency?
Incident response (IR) is a race against time. You engage your internal or external team because there's enough evidence that...
