The ransomware industry has certainly come a long way, from the early days of the AIDS Trojan to the modern, very business-like Ransomware-as-a-Service model preying on businesses of all sizes.
Some of the reasons why we should be serious about space cybersecurity are obvious, such as keeping ground-based systems running and addressing national defense concerns.
The malicious updates delivered through NoxPlayer’s compromised update mechanism included an unknown malware with monitoring capabilities and the extensively used Gh0st remote access trojan (RAT).
After the Google TAG report about attacks on security researchers, Microsoft has disclosed a similar attempt by another North Korean actor to steal vulnerabilities from the experts.
Palo Alto is alerting organizations about new updates in Rocke Group’s new version of malware that was used throughout 2018 and 2019 to illegally mine Monero from infected Linux machines.
After a takedown attempt in 2020 by the global law enforcement, that somehow wasn’t that successful, a new TrickBot version has arrived.
North Korea-backed threat actors are impersonating security experts to launch attacks on the security community possibly to obtain details of undisclosed vulnerabilities that can be exploited later.
The Fonix Ransomware operators have shut down their operation and released the master decryption allowing victims to recover their files for free. This shutdown could cause members to join other ransomware affiliate programs.
Researchers have identified an updated malware variant used by the cybercrime gang Rocke Group that targets cloud infrastructures with crypto-jacking attacks. The malware is called Pro-Ocean, which was first discovered in 2019.
Researchers at GRIMM have discovered multiple vulnerabilities within the NITRO open-source library that the Department of Defense and federal intelligence community use to exchange, store and transmit digital images collected by satellites.