July 14, 2024

4TB of internal data allegedly leaked in Australian medical research breach

The Medusa ransomware group has claimed responsibility for stealing over four terabytes of data from the Harry Perkins Institute of Medical Research in Western Australia. The group posted on its dark web leak site, stating that 4.6TB of internal building camera recordings had been uploaded. Medusa is demanding a ransom of US$500,000, though it is also willing to sell the […]
July 4, 2024

Attack Cases Against HTTP File Server (HFS) (CVE-2024-23692)

Researchers have discovered ongoing exploitation of a critical vulnerability in the HTTP File Server (HFS) that is being used to deploy cryptocurrency mining malware, Remote Access Trojans (RATs), backdoors, and infostealers. This vulnerability, identified as CVE-2024-23692, impacts the Rejetto HTTP File Server (HFS), software that enables file sharing through a web browser using only an executable file, bypassing the need […]
June 25, 2024

DarkGate Malware Replaces AutoIt with AutoHotkey in Latest Cyber Attacks

Cyber attacks involving the DarkGate malware-as-a-service (MaaS) operation have transitioned from using AutoIt scripts to an AutoHotkey mechanism for the final stages of the attack, highlighting the threat actors’ ongoing efforts to evade detection. These updates were observed in DarkGate version 6, released in March 2024 by its developer, RastaFarEye, who has been offering the program on a subscription basis to […]
June 20, 2024

Ransomware Rebounds: Extortion Threat Surges in 2023, Attackers Rely on Publicly Available and Legitimate Tools

Ransomware activity increased in 2023 compared to 2022, according to Google-owned Mandiant. This is despite broadscale law enforcement operations against prominent ransomware groups, including ALPHV/BlackCat. In 2023, Mandiant noted a rise in ransomware activity, reflected by more posts on data leak sites and a moderate increase in ransomware investigations. Around a third of new ransomware families were variants of existing ones. […]
June 12, 2024

361 million stolen accounts leaked on Telegram added to HIBP

A massive trove of 361 million email addresses from credentials stolen by password-stealing malware, in credential stuffing attacks, and from data breaches was added to the Have I Been Pwned data breach notification service, allowing anyone to check if their accounts have been compromised. Cybersecurity researchers collected these credentials from numerous Telegram cybercrime channels, where the stolen data is commonly leaked […]
June 5, 2024

AI Company Hugging Face Detects Unauthorized Access to Its Spaces Platform

Hugging Face, an AI company, revealed on Friday that its Spaces platform experienced unauthorized access earlier this week. We suspect that some Spaces’ secrets may have been accessed without permission, the company shared in an advisory. Spaces is a platform where users can build, host, and share AI and machine learning apps, as well as explore creations by others. Following […]
May 25, 2024

New Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active Exploitation

Google has announced that it patched its 10th zero-day exploit of 2024. The vulnerability, tagged as CVE-2024-7965, was found in Google Chrome and is linked to an issue in V8, Chrome’s JavaScript engine. This flaw, present in versions before 128.0.6613.84, could allow attackers to exploit heap corruption using a crafted HTML page. The problem, described as an “inappropriate implementation in […]
May 19, 2024

Citrix Releases Security Update For Critical PuTTY Vulnerability In Hypervisor

Citrix has disclosed, in a security bulletin, a critical vulnerability (CVE-2024-31497) in certain versions of its Hypervisor virtualization platform. The issue stems from XenCenter, the management console for Citrix Hypervisors, which contains a vulnerable version of PuTTY SSH. Previous versions of XenCenter for Citrix Hypervisor 8.2 CU1 Long Term Service Release (LTSR) included […]
May 12, 2024

IntelBroker Hacker Claims Breach of Top Cybersecurity Firm, Selling Access

The notorious and somewhat high-profile hacker going by the pseudonym “IntelBroker” has claimed to have successfully breached one of the largest cybersecurity companies in the world. The hacker, believed to be from Serbia, has a reputation for targeting major organizations across industries like government, telecommunications, automotive, and tech. Known as the operator of the Endurance ransomware, IntelBroker has taken credit for […]