-
Fake Company Sheds Light on Ransomware Group Tactics
Ransomware groups seem to change form daily. In the latest news, the BlackMatter ransomware group announced it was shutting down – and just hours later came news that its victims were being transferred to the rival LockBit site. This followed reports that Russia may or may not be cracking down on ransomware groups, which followed […]
-
Becoming a Cybercriminal Keeps Getting Easier
Zero-day vulnerabilities are no longer exclusively for elite hackers. There are now automated scripts available on GitHub so even novice hackers can explore these previously unknown security flaws. That was one of the insights in the HP Wolf Security Threat Insights Report released today. The report noted that the average time for a business to […]
-
New Python-based Ransomware Encrypts Virtual Machines Quickly
Sophos cybersecurity researchers have discovered a Python-based ransomware operation that escalated from a compromised corporate network to encrypted virtual machines in just three hours. VMware ESXi datastores rarely have endpoint protection, the researchers noted, and they host virtual machines (VMs) that likely run critical services for the business, making them a very attractive target for […]
-
How Ransomware Uses Encryption – And Evolves
Ransomware attacks are a huge concern these days, especially for corporate networks. Successful assaults can lead to locked up data and systems, as well as stolen and leaked data, bringing chaos to the targeted companies. Indeed, when the ransomware reaches its target, it’s practically game over. The malware encrypts files and spreads to the entire […]
-
Hackers Alter Cobalt Strike Beacon to Target Linux Environments
A significant part of hacking consists of diverting the function of existing systems and software, and hackers often use legitimate security tools to perform cyber attacks. Pentesting tool Cobalt Strike has been one such target, but what happened recently with a Red Hat Linux version of the Cobalt Strike Beacon is worthy of note. According […]
-
OWASP Names a New Top Vulnerability for First Time in Years
OWASP security researchers have updated the organization’s list of the ten most dangerous vulnerabilities – and the list has a new number one threat for the first time since 2007. The last update was in November 2017, and the latest draft is available for peer review until the end of the year. The Open Web […]
