Google obtained a temporary court order against CryptBot distributors

Google obtained a temporary court order in the U.S. to disrupt the operations of the CryptBot information stealer.

Google announced that a federal judge in the Southern District of New York unsealed its civil action against the operators of the information …

Researchers found the first Linux variant of the RTM locker

RTM ransomware-as-a-service (RaaS) started offering locker ransomware that targets Linux, NAS, and ESXi systems.

The Uptycs threat research team discovered the first ransomware binary attributed to the RTM ransomware-as-a-service (RaaS) provider. The new variant of the encryptor targets Linux, NAS, …

Crooks use PaperCut exploits to deliver Cl0p and LockBit ransomware

Microsoft revealed that recent attacks against PaperCut servers aimed at distributing Cl0p and LockBit ransomware.

Microsoft linked the recent attacks against PaperCut servers to a financially motivated threat actor tracked as Lace Tempest (formerly DEV-0950). The group is known to …

CryptoRom: OkCupid scam cost Florida man $480k – we followed the money to Binance

CyberNews analyzed a classic cryptocurrency romance scam, also known as CryptoRom, explaining how scammers hid the money

CryptoRom scammers hid the money with several layers of obfuscation, but the Cybernews research team discovered that the stolen funds ended up in

A new Mirai botnet variant targets TP-Link Archer A21

Mirai botnet started exploiting the CVE-2023-1389 vulnerability (aka ZDI-CAN-19557/ZDI-23-451) in TP-Link Archer A21 in recent attacks.

Last week, the Zero Day Initiative (ZDI) threat-hunting team observed the Mirai botnet attempting to exploit the CVE-2023-1389 vulnerability (aka ZDI-CAN-19557/ZDI-23-451, CVSS v3: 8.8) …

AuKill tool uses BYOVD attack to disable EDR software

Ransomware operators use the AuKill tool to disable EDR software through Bring Your Own Vulnerable Driver (BYOVD) attack.

Sophos researchers reported that threat actors are using a previously undocumented defense evasion tool, dubbed AuKill, to disable endpoint detection and response …

EvilExtractor, a new All-in-One info stealer appeared on the Dark Web

EvilExtractor is a new “all-in-one” info stealer for Windows that is being advertised for sale on dark web cybercrime forums.

Fortinet FortiGuard Labs researchers discovered a new “all-in-one” info stealer for Windows, dubbed EvilExtractor (sometimes spelled Evil Extractor) that is …

Health insurer Point32Health suffered a ransomware attack

Non-profit health insurer Point32Health suffered a ransomware attack and has taken systems offline in response to the incident.

Non-profit health insurer Point32Health has taken systems offline in response to a ransomware attack that took place on April 17. The insurer …

Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

文 » A