Browsing tag
According to researchers, threat actors including Conti ransomware affiliates are exploiting 3 unpatched vulnerabilities that allow unauthenticated, remote code execution on MS Exchange Servers. In late August 2021, it was reported that threat actors are targeting unpatched Microsoft Exchange Servers by exploiting ProxyShell exploits. Now, according to independent findings of researchers at Sophos Labs and […]
Reportedly, the REvil ransomware gang is using DDoS attacks to make huge ransom demands from victim companies VoIP Unlimited and Voipfone. Two Internet and Telephony Service Providers (ITSP) in the United Kingdom, the South Coast-based VoIP Unlimited and London-based Voipfone, got their services disrupted for several days after suffering a series of Massive DDoS attacks. […]
Revil ransomware gang is claiming to have downloaded databases and other important data belonging to the MasMovil group. Spain’s 4th largest telecom operator MasMovil Ibercom or MasMovil is the latest victim of the infamous Revil ransomware gang (aka Sodinokibi) On its official blog accessible via Tor browser, as seen by Hackread.com, the ransomware operator claims […]
Kaseya was informed about the vulnerabilities back in April 2021 but it failed to address the issue in time. The remote management and monitoring solutions provider, Kaseya VSA, has released patches for three critical vulnerabilities exploited by the REvil ransomware gang to launch a devastating ransomware attack earlier in July 2021. In April 2021, the […]
As if we didn’t have enough threats on our plate to deal with. Did you know in 2018, ransomware attacks worldwide grew by 380%? There are several reasons why there has been such a whopping increase, for instance, Social distancing may be affecting how we work, but it also might be creating an increase in […]
The newly discovered DarkRadiation ransomware chain is unlike any other ransomware family. Trend Micro cybersecurity researchers have shared findings of a newly identified ransomware strain dubbed DarkRadiation. The ransomware strain is entirely written in Bash, and this aspect makes it difficult for most security software to detect it as a threat. SEE: Revil ransomware gang hits US […]
The original DarkSide ransomware gang had quit its operation last month after the attack on Colonial Pipeline. In May 2021, the DarkSide ransomware group targeted Colonial Pipeline, the largest fuel pipeline in the United States. The attack was so severe that it shut down 5,500 miles of pipeline along the East Coast. As a repercussion, […]
The operators behind the REvil ransomware-as-a-service (RaaS) staged a surprise return after a two-month hiatus following the widely publicized attack on technology services provider Kaseya on July 4. Two of the dark web portals, including the gang’s Happy Blog data leak site and its payment/negotiation site, have resurfaced online, with the most recent victim added […]
A Nigerian threat actor has been observed attempting to recruit employees by offering them to pay $1 million in bitcoins to deploy Black Kingdom ransomware on companies’ networks as part of an insider threat scheme. “The sender tells the employee that if they’re able to deploy ransomware on a company computer or Windows server, then […]
Cybersecurity researchers have disclosed details about an early development version of a nascent ransomware strain called Diavol that has been linked to threat actors behind the infamous TrickBot syndicate. The latest findings from IBM X-Force show that the ransomware sample shares similarities to other malware that has been attributed to the cybercrime gang, thus establishing […]
The U.S. is presently combating two pandemics–coronavirus and ransomware attacks. Both have partially shut down parts of the economy. However, in the case of cybersecurity, lax security measures allow hackers to have an easy way to rake in millions. It’s pretty simple for hackers to gain financially, using malicious software to access and encrypt data […]
Networking equipment maker SonicWall is alerting customers of an “imminent” ransomware campaign targeting its Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life 8.x firmware. The warning comes more than a month after reports emerged that remote access vulnerabilities in SonicWall SRA 4600 VPN appliances (CVE-2019-7481) are being […]
REvil, the infamous ransomware cartel behind some of the biggest cyberattacks targeting JBS and Kaseya, has mysteriously disappeared from the dark web, leading to speculations that the criminal enterprise may have been taken down. Multiple darknet and clearnet sites maintained by the Russia-linked cybercrime syndicate, including the data leak, extortion, and payment portals, remained inaccessible, […]
Florida-based software vendor Kaseya on Sunday rolled out urgent updates to address critical security vulnerabilities in its Virtual System Administrator (VSA) solution that was used as a jumping off point to target as many as 1,500 businesses across the globe as part of a widespread supply-chain ransomware attack. Following the incident, the company had urged […]
U.S. technology firm Kaseya, which is firefighting the largest ever supply-chain ransomware strike on its VSA on-premises product, ruled out the possibility that its codebase was unauthorizedly tampered with to distribute malware. While initial reports raised speculations that REvil, the ransomware gang behind the attack, might have gained access to Kaseya’s backend infrastructure and abused […]
Threat actors behind the infamous TrickBot malware have been linked to a new ransomware strain named “Diavol,” according to the latest research. Diavol and Conti ransomware payloads were deployed on different systems in a case of an unsuccessful attack targeting one of its customers earlier this month, researchers from Fortinet’s FortiGuard Labs said last week. […]
Amidst the massive supply-chain ransomware attack that triggered an infection chain compromising thousands of businesses on Friday, new details have emerged about how the notorious Russia-linked REvil cybercrime gang may have pulled off the unprecedented hack. The Dutch Institute for Vulnerability Disclosure (DIVD) on Sunday revealed it had alerted Kaseya to a number of zero-day […]
Organizations today already have an overwhelming number of dangers and threats to look out for, from spam to phishing attempts to new infiltration and ransomware tactics. There is no chance to rest, since attack groups are constantly looking for more effective means of infiltrating and infecting systems. Today, there are hundreds of groups devoted to […]
There has been a lot of buzz in the industry about ransomware lately. Almost every other day, it’s making headlines. With businesses across the globe holding their breath, scared they might fall victim to the next major ransomware attack, it is now time to take action. The FBI IC3 report of 2020 classified Ransomware as […]
Cybersecurity researchers are sounding the alarm bell over a new ransomware strain called “DarkRadiation” that’s implemented entirely in Bash and targets Linux and Docker cloud containers, while banking on messaging service Telegram for command-and-control (C2) communications. “The ransomware is written in Bash script and targets Red Hat/CentOS and Debian Linux distributions,” researchers from Trend Micro […]
Hackers are increasingly using ransomware as an effective tool to disrupt businesses and fund malicious activities. A recent analysis by cybersecurity company Group-IB revealed ransomware attacks doubled in 2020, while Cybersecurity Ventures predicts that a ransomware attack will occur every 11 seconds in 2021. Businesses must prepare for the possibility of a ransomware attack affecting […]