The Conti ransomware gang is the first professional operation to leverage the Log4Shell exploit to compromise VMware vCenter Server installs. The ransomware group used the exploit to target internal devices that are not protected. Conti ransomware gang exploits Log4Shell bug in its operations
Tag: Security Affairs
Experts at Check Point Research have monitored the resurgence of the Phorpiex botnet, an old threat that was involved in sextortion spam campaigns, crypto-jacking, cryptocurrency clipping (substituting the original wallet address saved in the clipboard with the attacker’s wallet address during a transaction) and ransomware attacks in the past. Phorpiex botnet is back, in 2021 it […]
Kaspersky researchers reported that tens of thousands of devices belonging to industrial and government organizations worldwide have been hit by the PseudoManuscrypt spyware. PseudoManuscrypt, a mysterious massive cyber espionage campaign
Microsoft researchers reported that nation-state actors from China, Iran, North Korea, and Turkey are now abusing the Log4Shell vulnerability (CVE-2021-44228) in the Log4J library in their campaigns. Some of the groups exploiting the vulnerability are China-linked Hafnium and Iran-linked Phosphorus; the former group is using the flaw to attack virtualization infrastructure, the latter to deploy ransomware. Multiple Nation-State actors are exploiting […]
Swedish automotive manufacturer Volvo Cars revealed that threat actors have stolen R&D data from its systems. Volvo Cars suffers a data breach. Is it a ransomware attack?
The Australian Cyber Security Centre (ACSC) warns of Conti ransomware attacks against multiple Australian organizations from various sectors since November. Australian ACSC warns of Conti ransomware attacks against local orgs
Malware researchers from Recorded Future and MalwareHunterTeam discovered ALPHV (aka BlackCat), the first professional ransomware strain that was written in the Rust programming language. BlackCat ransomware, a very sophisticated malware written in Rust
The iPhones of at least nine US State Department officials were compromised with the NSO Group’s spyware Pegasus. NSO Group spyware used to compromise iPhones of 9 US officials
A mysterious threat actor, tracked as KAX17, has run thousands of malicious Tor relay servers since 2017 in an attempt to deanonymize Tor users. KAX17 threat actor is attempting to deanonymize Tor users running thousands of rogue relays
Threat actors this week have hacked the decentralized finance platform BadgerDAO and have stolen $120.3 million in crypto funds, blockchain security firm PeckShield reported. Most of the stolen funds, over $117 million, were Bitcoin, while the rest of the stolen assets were stored in the form of interest-bearing Bitcoin, a form of tokenised Bitcoin, and […]
Crooks have already started exploiting the interest in the Omicron COVID-19 variant and are using it as a lure in phishing attacks. Watch out for Omicron COVID-19-themed phishing messages!
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its catalog of actively exploited vulnerabilities, recommending that federal agencies address the flaws in Qualcomm, Mikrotik, Zoho and the Apache Software Foundation software within specific timeframes and deadlines. CISA adds Zoho, Apache, Qualcomm, Mikrotik flaws to the list of actively exploited issues