Malware – Page 9 – Search.AI.Wiki

Rhysida Ransomware gang claims to have hacked three more US hospitals

Rhysida Ransomware group added three more US hospitals to the list of victims on its Tor leak site after the PROSPECT MEDICAL attack.

Recently the Rhysida ransomware group made the headlines because it announced the hack of Prospect Medical Holdings …

Security Affairs newsletter Round 436 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

…

Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital

The Ragnar Locker ransomware gang added Israel’s Mayanei Hayeshua hospital to the list of victims on its Tor leak site

The Ragnar Locker ransomware gang claimed responsibility for an attack on Israel’s Mayanei Hayeshua hospital. The cybercrime group claims to …

North Korea-linked threat actors target cybersecurity experts with a zero-day

North Korea-linked threat actors associated with North Korea exploited a zero-day flaw in attacks against cybersecurity experts.

North Korea-linked threat actors were observed exploiting a zero-day vulnerability in an unnamed software to target cybersecurity researchers.

The attacks that took place …

Zero-days fixed by Apple were used to deliver NSO Group’s Pegasus spyware

Citizen Lab reported that the actively exploited zero-days fixed by Apple are being used in Pegasus spyware attacks

Researchers at Citizen Lab reported that the actively exploited zero-day flaws (CVE-2023-41064 and CVE-2023-41061) fixed by Apple are being used to infect …

Zero-days fixed by Apple were used to deliver NSO Group’s Pegasus spyware

Citizen Lab reported that the actively exploited zero-days fixed by Apple are being used in Pegasus spyware attacks

Researchers at Citizen Lab reported that the actively exploited zero-day flaws (CVE-2023-41064 and CVE-2023-41061) fixed by Apple are being used to infect …

A malvertising campaign is delivering a new version of the macOS Atomic Stealer

Researchers spotted a new malvertising campaign targeting Mac users with a new version of the macOS stealer Atomic Stealer.

Malwarebytes researchers have observed a new malvertising campaign distributing an updated version of the popular Atomic Stealer (AMOS) for Mac.

The …

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

LockBit

…

LockBit ransomware gang hit the Commission des services electriques de Montréal (CSEM)

The LockBit ransomware gang claims to have breached the Commission des services electriques de Montréal (CSEM).

The LockBit ransomware group continues to be one of the most active extortion gangs in the threat landscape. This week the gang claimed to …

Talos wars of customizations of the open-source info stealer SapphireStealer

Cisco reported that multiple threat actors are customizing the SapphireStealer information stealer after the leak of its source code.

Cisco Talos researchers reported that multiple threat actors have created their own version of the SapphireStealer after that the source code …

UNRAVELING EternalBlue: inside the WannaCry’s enabler

WannaCry and NotPetya, probably two most damaging cyberattacks in recent history, were both only made possible because of EternalBlue. Here is how the NSA-developed cyber monster works, and how you should defend against it.

What is the EternalBlue vulnerability?

EternalBlue …

UNRAVELING EternalBlue: inside the WannaCry’s enabler

WannaCry and NotPetya, probably two most damaging cyberattacks in recent history, were both only made possible because of EternalBlue. Here is how the NSA-developed cyber monster works, and how you should defend against it.

What is the EternalBlue vulnerability?

EternalBlue …

Researchers released a free decryptor for the Key Group ransomware

Researchers released a free decryptor for the Key Group ransomware that allows victims to recover their data without paying a ransom.

Threat intelligence firm EclecticIQ released a free decryption tool for the Key Group ransomware (aka keygroup777) that allows victims …

North Korea-linked APT Labyrinth Chollima behind PyPI supply chain attacks

ReversingLabs researchers linked the VMConnect campaign to the North Korea-linked APT group Labyrinth Chollima.

ReversingLabs researchers believe that the North Korea-linked APT group Labyrinth Chollima is behind the VMConnect campaign. Threat actors uploaded a series of malicious packages to the …

Russia-linked hackers target Ukrainian military with Infamous Chisel Android malware

Russia-linked threat actors have been targeting Android devices of the Ukrainian military with a new malware dubbed Infamous Chisel.

GCHQ’s National Cyber Security Centre and international partners reported that Russia-linked threat actors are using a new malware to target the …

Russia targets Ukraine with new Android backdoor, intel agencies say

Enlarge / Ukrainian soldiers. (credit: Getty Images)

Russia’s military intelligence unit has been targeting Ukrainian Android devices with “Infamous Chisel,” the tracking name for new malware that’s designed to backdoor devices and steal critical information, Western intelligence agencies said on

…

Akira Ransomware gang targets Cisco ASA without Multi-Factor Authentication

Experts warn of ongoing credential stuffing and brute-force attacks targeting Cisco ASA (Adaptive Security Appliance) SSL VPNs.

Cisco is aware of attacks conducted by Akira ransomware threat actors targeting Cisco ASA VPNs that are not configured for multi-factor authentication.

“Cisco …