CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks
Aug 20, 2024Ravie LakshmananVulnerability / Ransomware
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw impacting Jenkins to its Known Exploited Vulnerabilities (KEV) catalog, following...
Attackers Exploit Public .env Files to Breach Cloud Accounts in Extortion Campaign
Aug 16, 2024Ravie LakshmananCloud Security / Application Security
A large-scale extortion campaign has compromised various organizations by taking advantage of publicly accessible environment variable files (.env) that contain credentials associated...
Attackers Exploit Public .env Files to Breach Cloud and Social Media Accounts
Aug 16, 2024Ravie LakshmananCloud Security / Application Security
A large-scale extortion campaign has compromised various organizations by taking advantage of publicly accessible environment variable files (.env) that contain credentials associated...
RansomHub Group Deploys New EDR-Killing Tool in Latest Cyber Attacks
Aug 15, 2024Ravie LakshmananRansomware / Cybercrime
A cybercrime group with links to the RansomHub ransomware has been observed using a new tool designed to terminate endpoint detection and response (EDR)...
Belarusian-Ukrainian Hacker Extradited to U.S. for Ransomware and Cybercrime Charges
A coalition of law enforcement agencies coordinated by the U.K. National Crime Agency (NCA) has led to the arrest and extradition of a Belarussian and Ukrainian dual-national believed to...
Black Basta-Linked Attackers Target Users with SystemBC Malware
Aug 14, 2024Ravie LakshmananMalware / Network Security
An ongoing social engineering campaign with alleged links to the Black Basta ransomware group has been linked to "multiple intrusion attempts" with the...
FBI Shuts Down Dispossessor Ransomware Group’s Servers Across U.S., U.K., and Germany
The U.S. Federal Bureau of Investigation (FBI) on Monday announced the disruption of online infrastructure associated with a nascent ransomware group called Dispossessor (aka Radar).
The effort saw the dismantling...
FBI and CISA Warn of BlackSuit Ransomware That Demands Up to $500 Million
Aug 08, 2024Ravie LakshmananCritical Infrastructure / Malware
The ransomware strain known as BlackSuit has demanded as much as $500 million in ransoms to date, with one individual ransom demand hitting...
VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access
A recently patched security flaw impacting VMware ESXi hypervisors has been actively exploited by "several" ransomware groups to gain elevated permissions and deploy file-encrypting malware.
The attacks involve the exploitation...
