Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks
Mar 03, 2025Ravie LakshmananRansomware / Vulnerability
Threat actors have been exploiting a security vulnerability in Paragon Partition Manager's BioNTdrv.sys driver in ransomware attacks to escalate privileges and execute arbitrary...
RDP: a Double-Edged Sword for IT Teams – Essential Yet Exploitable
Remote Desktop Protocol (RDP) is an amazing technology developed by Microsoft that lets you access and control another computer over a network. It's like having your office computer with...
CERT-UA Warns of UAC-0173 Attacks Deploying DCRat to Compromise Ukrainian Notaries
Feb 26, 2025Ravie LakshmananNetwork Security / Threat Intelligence
The Computer Emergency Response Team of Ukraine (CERT-UA) on Tuesday warned of renewed activity from an organized criminal group it tracks as...
Leaked Black Basta Ransomware Chat Logs Reveal Inner Workings and Internal Conflicts
More than a year's worth of internal chat logs from a ransomware gang known as Black Basta have been published online in a leak that provides unprecedented visibility into...
5 Active Malware Campaigns in Q1 2025
The first quarter of 2025 has been a battlefield in the world of cybersecurity. Cybercriminals continued launching aggressive new campaigns and refining their attack methods.
Below is an overview of...
Becoming Ransomware Ready: Why Continuous Validation Is Your Best Defense
Ransomware doesn't hit all at once—it slowly floods your defenses in stages. Like a ship subsumed with water, the attack starts quietly, below the surface, with subtle warning signs...
China-Linked Attackers Exploit Check Point Flaw to Deploy ShadowPad and Ransomware
Feb 20, 2025Ravie LakshmananRansomware / Vulnerability
A previously unknown threat activity cluster targeted European organizations, particularly those in the healthcare sector, to deploy PlugX and its successor, ShadowPad, with the...
⚡ THN Weekly Recap: Google Secrets Stolen, Windows Hack, New Crypto Scams and More
Feb 17, 2025Ravie LakshmananCyber Threats / Cybersecurity
Welcome to this week's Cybersecurity News Recap. Discover how cyber attackers are using clever tricks like fake codes and sneaky emails to gain...
RansomHub Becomes 2024’s Top Ransomware Group, Hitting 600+ Organizations Globally
The threat actors behind the RansomHub ransomware-as-a-service (RaaS) scheme have been observed leveraging now-patched security flaws in Microsoft Active Directory and the Netlogon protocol to escalate privileges and gain...
RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset
An RA World ransomware attack in November 2024 targeting an unnamed Asian software and services company involved the use of a malicious tool exclusively used by China-based cyber espionage...
