In many cases, the attackers managed to obtain highly secure auto-generated FTP credentials and used them to hijack the victim websites to redirect visitors to adult-themed content.

The Mapped I/O side-channel vulnerabilities were initially disclosed by Intel on June 14th, 2022, warning that the flaws could allow processes running in a virtual machine to access data from another virtual machine.

Southeastern Louisiana University suffered a week-long outage of its website, email, or system for submitting assignments after a “potential incident” last week caused the university to shut down its network.

The FBI and the CISA released a joint Cybersecurity Advisory to provide organizations, tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with this ransomware family.

The city’s authorities informed the public it had been targeted by a ransomware attack on February 10, 2023. It impacted all network systems except 911 dispatch, fire emergency services, and the city’s financial systems.

The Vice Society ransomware gang has published on the dark web files that it stole from Vesuvius, one month after the company announced that it had suffered a “cyber incident.”

Fintech banking platform Hatch Bank has reported a data breach after hackers stole the personal information of almost 140,000 customers from the company’s Fortra GoAnywhere MFT secure file-sharing platform.

The malware, besides performing defense evasion checks to determine if it’s being executed in a sandbox, establishes persistence by means of a Visual Basic script and uses transfer[.]sh for data exfiltration.

This backdoor is part of an ongoing campaign that researchers can trace back to early January 2023. Unlike most of the group’s malware, MQsTTang doesn’t seem to be based on existing families or publicly available projects.