According to experts, companies are increasingly prioritizing system backups and restoration capabilities to avoid paying ransoms during cyber incidents. Companies must also report cyber incidents and notify affected individuals.
The CVE-2023-4966 vulnerability has been actively exploited by threat actors since late August, allowing them to hijack authenticated sessions and bypass strong authentication measures.
The Cybersecurity and Infrastructure Security Agency (CISA), FBI, MS-ISAC, and ASD’s ACSC have released a joint advisory in response to LockBit 3.0 ransomware affiliates exploiting a vulnerability in Citrix’s NetScaler web application control.
The Information Commissioner’s Office (ICO) said that a complaint was first lodged back in June 2019, after a patient raised concerns that their records had been improperly accessed by Loretta Alborghetti, from Redditch.
Play ransomware attacks have shown little variation, suggesting that affiliates are following predefined playbooks provided with the RaaS, using identical tactics and commands.
The guide incorporates vulnerability data, known exploited vulnerabilities, and the MITRE ATT&CK framework. It covers topics such as asset management, identity management, device security, vulnerabilities, patching, and secure design principles.
A new variant of the Phobos ransomware has been discovered, which attempts to frame VX-Underground. Phobos ransomware, which emerged in 2018, operates as a ransomware-as-a-service and has seen wide distribution through affiliated threat actors.
The 8Base ransomware attackers have incorporated a new variant of the Phobos ransomware and publicly available tools for financially motivated attacks. The variant used by the 8Base group includes features that can enable attackers to establish persistence on victims’ systems, perform speedy encryption, and remove backup and shadow copies. Organizations are recommended to keep track […]
The attack prompted SIAAP to file a complaint with authorities and take immediate measures to secure their systems to prevent further spread. It has prioritized maintaining the public sanitation service and is working to ensure a return to normalcy.
Vikas Singla, the former COO of a cybersecurity company, pleaded guilty to hacking two hospitals in an attempt to boost his company’s business. Singla disrupted phone and printer services at the hospitals and stole personal information from patients.