NullMixer Dropper Delivers a Multimalware Code Bomb
It's only after a user clicks a malicious link, downloads the malware, and then launches it that NullMixer is deployed. But once the dropper infects a victim's system, it...
US Government Issues Warning on Kimsuky APT Group
The joint alert, from CISA, the FBI, and others, describes activities from the North Korean advanced persistent threat group. The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of...
Malicious Python Repository Package Drops Cobalt Strike on Windows, macOS & Linux Systems
Public repositories of open source code are a critical part of the software supply chain that many organizations use to build applications. They are therefore an attractive target for adversaries seeking...
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Treasury Department slaps sanctions on IT security firms that it says supported Russia's Foreign Intelligence Service in carrying out the attacks. The Biden administration Thursday officially blamed Russia's Foreign Intelligence Service,...
5 Russia-Linked Groups Target Ukraine in Cyberwar
Over the past eight months, at least five Russian state-sponsored or cybercriminal groups have targeted Ukrainian government agencies and private companies in dozens of operations that aimed to disrupt...
Black Basta Ransomware Targets ESXi Servers in Active Campaign
The Black Basta ransomware emerged last month to target Windows-based systems only, but now the latest ransomware binary is going after VMware virtual machines (VMs).
The latest variant looks to encrypt VMs...
Cyberattackers Spoof Google Translate in Unique Phishing Tactic
Attackers are spoofing Google Translate in an ongoing phishing campaign that uses a common JavaScript coding technique to bypass email security scanners. Leveraging trust in Google Translate is a...
Businesses Struggle with Cloud Availability as Attackers Take Aim
Researchers find organizations struggle with availability for cloud applications as government officials warn of cloud-focused cyberattacks. The majority of organizations have separate tools for networking and security, researchers report in...
Critical QNAP NAS Zero-Day Bug Exploited to Deliver DeadBolt Ransomware
A critical zero-day security vulnerability in QNAP's network-attached storage (NAS) devices has been actively exploited in the wild to deliver the DeadBolt ransomware variant.
The vendor warned that the...
US Charges Ukrainian National for Kaseya Ransomware Attack
The US Department of Justice has charged a Ukrainian national for his alleged role in a July 2 cyberattack on Kaseya that resulted in the REvil ransomware sample being deployed on...