PaperCut vulnerabilities leveraged by Clop, LockBit ransomware affiliates
Clop and LockBit ransomware affiliates are behind the recent attacks exploiting vulnerabilities in PaperCut application servers, according to Microsoft and Trend Micro researchers. The detected campaings “Microsoft is attributing the recently r.....»»
Binarly Transparency Platform 2.5 identifies critical vulnerabilities before they can be exploited
Binarly announced Binarly Transparency Platform 2.5 with several features designed to enhance software vulnerability management and improve security posture across enterprise environments. The key highlight of this release is the innovative Reachabil.....»»
Zyxel warns of vulnerabilities in a wide range of its products
Most serious vulnerabilities carry severity ratings of 9.8 and 8.1 out of a possible 10. Enlarge (credit: Getty Images) Networking hardware-maker Zyxel is warning of nearly a dozen vulnerabilities in a wide array of its.....»»
The number of active ransomware groups is on the rise, research finds
The number of active groups has risen 56% since 2023......»»
Ransomware attacks escalate as critical sectors struggle to keep up
Ransomware remains a concerning cybersecurity threat, with attacks becoming more frequent, severe, and costly. Recent reports highlight alarming trends, including increased attacks on critical sectors like healthcare, education, and manufacturing. Th.....»»
Qilin ransomware targets Google Chrome credentials
Sophos X-Ops reveals a new strategy that harvests credentials from compromised networks, raising significant cybersecurity concerns for organizations......»»
How ransomware tactics are shifting, and what it means for your business
In this Help Net Security interview, Tim West, Director of Threat Intelligence and Outreach at WithSecure, discusses Ransomware-as-a-Service (RaaS) with a focus on how these cybercriminal operations are adapting to increased competition, shifting str.....»»
Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261)
Zyxel has patched a myriad of vulnerabilities in its various networking devices, including a critical one (CVE-2024-7261) that may allow unauthenticated attackers to execute OS commands on many Zyxel access points (APs) and security routers by sendin.....»»
US Authorities Issue RansomHub Ransomware Alert
RansomHub spun out of the now defunct ALPHV......»»
New ransomware group is hitting VMware ESXi systems hard
Researchers spot a new ransomware actor called Cicada3301, but it's not linked to the game of the same name......»»
City of Columbus sues man after he discloses severity of ransomware attack
Mayor said data was unusable to criminals; researcher proved otherwise. Enlarge (credit: Getty Images) A judge in Ohio has issued a temporary restraining order against a security researcher who presented evidence that a.....»»
How RansomHub went from zero to 210 victims in six months
RansomHub, a ransomware-as-a-service (RaaS) outfit that “popped up” earlier this year, has already amassed at least 210 victims (that we know of). Its affiliates have hit government services, IT and communication companies, healthcare ins.....»»
A macro look at the most pressing cybersecurity risks
Forescout’s 2024H1 Threat Review is a new report that reviews the current state of vulnerabilities, threat actors, and ransomware attacks in the first half of 2024 and compares them to H1 2023. “Attackers are looking for any weak point to bre.....»»
Midnight Blizzard delivered iOS, Chrome exploits via compromised government websites
Suspected Russian hackers have been hitting iPhone and Android users visiting government websites with exploits first leveraged by commercial surveillance vendors, Google TAG researchers shared. The watering hole campaigns Between November 2023 and J.....»»
Why ransomware attackers target Active Directory
Ransomware attacks have surged 78% year-over-year, affecting various sectors and organizations and significantly impacting supply chains. In this Help, Net Security video, Craig Birch, Technology Evangelist, and Principal Security Engineer at Cayosof.....»»
Pioneer Kitten: Iranian hackers partnering with ransomware affiliates
A group of Iranian hackers – dubbed Pioneer Kitten by cybersecurity researchers – is straddling the line between state-contracted cyber espionage group and initial access provider (and partner in crime) for affiliates of several ransomwar.....»»
Expel partners with Wiz to enhance security for cloud environments
Expel announced a new strategic partnership with Wiz, a cloud-native application protection platform (CNAPP). The partnership provides an integration offering MDR for Wiz toxic risk combinations (including vulnerabilities, secrets, malware, and threa.....»»
BlackByte affiliates use new encryptor and new TTPs
BlackByte, the ransomware-as-a-service gang believed to be one of Conti’s splinter groups, has (once again) created a new iteration of its encryptor. “Talos observed some differences in the recent BlackByte attacks. Most notably, encrypte.....»»
There’s a scary new way to undo Windows security patches
A security researcher has released a new tool that can unpatch your Windows computer and expose it to old vulnerabilities......»»
Lateral movement: Clearest sign of unfolding ransomware attack
44% of unfolding ransomware attacks were spotted during lateral movement, according to Barracuda Networks. 25% of incidents were detected when the attackers started writing or editing files, and 14% were unmasked by behavior that didn’t fit with kn.....»»
Adversaries love bots, short-lived IP addresses, out-of-band domains
Fastly found 91% of cyberattacks – up from 69% in 2023 – targeted multiple customers using mass scanning techniques to uncover and exploit software vulnerabilities, revealing an alarming trend in attacks spreading across a broader target base. In.....»»