Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices
Nov 05, 2024Ravie LakshmananVulnerability / Data Security
Taiwanese network-attached storage (NAS) appliance maker Synology has addressed a critical security flaw impacting DiskStation and BeePhotos that could lead to remote code...
North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack
Oct 30, 2024Ravie LakshmananRansomware / Threat Intelligence
Threat actors in North Korea have been implicated in a recent incident that deployed a known ransomware family called Play, underscoring their financial...
Four REvil Ransomware Members Sentenced in Rare Russian Cybercrime Convictions
Oct 26, 2024Ravie LakshmananCybercrime / Malware
Four members of the now-defunct REvil ransomware operation have been sentenced to several years in prison in Russia, marking one of the rare instances...
Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices
The North Korean threat actor known as Lazarus Group has been attributed to the zero-day exploitation of a now-patched security flaw in Google Chrome to seize control of infected...
Why Phishing-Resistant MFA Is No Longer Optional: The Hidden Risks of Legacy MFA
Sometimes, it turns out that the answers we struggled so hard to find were sitting right in front of us for so long that we somehow overlooked them.
When...
New Qilin.B Ransomware Variant Emerges with Improved Encryption and Evasion Tactics
Oct 24, 2024Ravie LakshmananRansomware / Cybercrime
Cybersecurity researchers have discovered an advanced version of the Qilin ransomware sporting increased sophistication and tactics to evade detection.
The new variant is being tracked...
Ransomware Gangs Use LockBit’s Fame to Intimidate Victims in Latest Attacks
Threat actors have been observed abusing Amazon S3 (Simple Storage Service) Transfer Acceleration feature as part of ransomware attacks designed to exfiltrate victim data and upload them to S3...
Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks
Oct 19, 2024Ravie LakshmananNetwork Security / Data Breach
A nascent threat actor known as Crypt Ghouls has been linked to a set of cyber attacks targeting Russian businesses and government...
North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data
Oct 18, 2024Ravie LakshmananInsider Threat / Cyber Espionage
North Korean information technology (IT) workers who obtain employment under false identities in Western companies are not only stealing intellectual property, but...
Researchers Uncover Cicada3301 Ransomware Operations and Its Affiliate Program
Oct 17, 2024Ravie LakshmananRansomware / Network Security
Cybersecurity researchers have gleaned additional insights into a nascent ransomware-as-a-service (RaaS) called Cicada3301 after successfully gaining access to the group's affiliate panel on...
