The Vice Society ransomware group has adopted new custom ransomware, with a strong encryption scheme, in recent intrusions. SentinelOne researchers discovered that the Vice Society ransomware gang has started using a custom ransomware that implements a robust encryption scheme, using NTRUEncrypt and ChaCha20-Poly1305 algorithms. Vice Society ransomware has been active since June 2021; it is considered […]
Microsoft spotted an upgraded variant of the Zerobot botnet that spreads by exploiting Apache vulnerabilities. Microsoft Threat Intelligence Center (MSTIC) researchers discovered a new variant of the Zerobot botnet (aka ZeroStresser) that was improved with the capabilities to target more Internet of Things (IoT) devices. The IT giant is tracking this cluster of threat activity […]
North Korea-linked threat actors have stolen an estimated $1.2 billion worth of cryptocurrency and other virtual assets in the past five years. South Korea’s spy agency, the National Intelligence Service, estimated that North Korea-linked threat actors have stolen an estimated 1.5 trillion won ($1.2 billion) in cryptocurrency and other virtual assets in the past five […]
Play ransomware attacks target Exchange servers with a new exploit that bypasses Microsoft’s ProxyNotShell mitigations. Play ransomware operators target Exchange servers using a new exploit chain, dubbed OWASSRF by CrowdStrike, that bypasses Microsoft’s mitigations for ProxyNotShell vulnerabilities. The ProxyNotShell flaws are: they impact Exchange Server 2013, 2016, and 2019, an authenticated attacker can trigger them […]
American identity and access management giant Okta revealed that its private GitHub repositories were hacked this month. Okta revealed that its private GitHub repositories were hacked this month; the news was first reported by BleepingComputer, which had access to a ‘confidential’ email notification sent by Okta. According to the notification, threat actors have stolen Okta’s source code. “As soon […]
CyberNews researchers reported that Ecco, a global shoe manufacturer and retailer, exposed millions of documents. Original post @ https://cybernews.com/security/ecco-leaks-sensitive-data-for-months/ Ecco, a global shoe manufacturer and retailer, exposed millions of documents. Not only could anyone have modified the data, but the server misconfiguration’s severity likely left the company open to an attack that could have affected […]
German multinational industrial engineering and steel production company ThyssenKrupp AG was the target of a cyberattack. German multinational industrial engineering and steel production giant ThyssenKrupp AG announced that the Materials Services division and corporate headquarters were hit by a cyberattack. At this time the company has yet to disclose the type of attack that hit […]
Ukraine’s CERT-UA revealed the national Delta military intelligence program has been targeted with a malware-based attack. On December 17, 2022, the Center for Innovations and Development of Defense Technologies of the Ministry of Defense of Ukraine informed the Government Computer Emergency Response Team of Ukraine (CERT-UA) of being targeted by a malware-based attack. The spear […]
Russia-linked Gamaredon APT group targeted a large petroleum refining company in a NATO state this year amid the invasion of Ukraine. The Russia-linked Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) is behind a failed attack against a large petroleum refining company in a NATO member state earlier amid the invasion of Ukraine. Gamaredon […]
Microsoft disclosed technical details of a vulnerability in Apple macOS that could be exploited by an attacker to bypass Gatekeeper. Microsoft has disclosed details of a now-fixed security vulnerability dubbed Achilles (CVE-2022-42821, CVSS score: 5.5) in Apple macOS that could be exploited by threat actors to bypass the Gatekeeper security feature. The Apple Gatekeeper is designed to protect […]