Ransomware-wielding hackers are moving faster than ever to pull the trigger on malicious encryption – but they could be bumping up against the limits of how fast they can go, said security researchers from Sophos.
The attack occurred on August 18, and since then, efforts have been made to restore the data, but it has proved difficult. CloudNordic has stated that it will not pay the ransom demanded by the hackers.
Undocumented threat cluster Carderbee was observed targeting organizations in Hong Kong and other Asian regions via a trojanized version of the legitimate software EsafeNet Cobra DocGuard Client to deliver the PlugX backdoor and gain access to victim networks. Strengthening supply chain security through thorough vendor assessments and continuous monitoring is essential.
On May 15th, the Cybernews research team discovered an open Kibana instance containing sensitive information regarding Belcan, their employees, and internal infrastructure.
Threat actors are reportedly exploiting APK files that employ unknown or unsupported compression methods to bypass malware analysis, warned cybersecurity firm Zimperium. The approach hinders decompilation efforts while still enabling installation on Android devices running OS versions above Android 9 Pie. Zimperium found 3,300 instances of this tactic in the wild, with 71 of them […]
Clop was responsible for one-third of all ransomware attacks in July, positioning the financially-motivated threat actor to become the most prolific ransomware threat actor this summer, according to multiple threat intelligence reports.
A fresh player in the realm of cyber threats has emerged under the moniker EVLF DEV, operating as a Malware-as-a-Service (MaaS) provider. Hailing from Syria and active for over eight years, this actor has developed the CypherRAT and CraxsRAT malware strains. To counteract such campaigns by malicious actors, individuals should practice caution while downloading applications, […]
The 2nd Judicial Circuit announced Monday that law enforcement is investigating a data breach involving Gadsden County court records. In a news release, the circuit said that initial assessments show some of the records contained PII.
There’s mounting evidence that Akira ransomware targets Cisco VPN (virtual private network) products as an attack vector to breach corporate networks, steal, and eventually encrypt data.
The group claims to have stolen military contracts, internal call signs, and personal data, amounting to 1.6 TB. If the attack gets confirmed, the disclosure of confidential information poses a serious risk to organizations involved in the contracts.