September 1, 2024

Linux version of new Cicada ransomware targets VMware ESXi servers

A new ransomware-as-a-service (RaaS) operation is falsely associating itself with the legitimate Cicada 3301 organization and has already listed 19 victims on its extortion portal, targeting companies globally at an alarming pace.This cybercrime operation adopts both the name and logo of the enigmatic 2012-2014 Cicada 3301 online and real-world game, which was known for its complex cryptographic puzzles.However, there is […]
August 26, 2024

Publisher arrested on suspicion of DDoS attack Use of overseas services, discovered in international investigation

The National Police Agency announced on the 6th that a 25-year-old plumber from Oita City was arrested on suspicion of business obstruction through the damage of an electronic computer, following a cyberattack involving a Distributed Denial of Service (DDoS) attack. This type of attack overwhelms a corporate server with excessive data, rendering its website inaccessible.DDoS attacks are a common issue […]
August 9, 2024

Hacker wipes 13,000 devices after breaching classroom management platform

A hacker has breached Mobile Guardian, a global digital classroom management platform, and remotely wiped data from at least 13,000 students’ iPads and Chromebooks. Mobile Guardian, a Google for Education partner, provides device management, parental controls, secure web filtering, and classroom communication tools for K-12 schools across Android, Windows, iOS, ChromeOS, and macOS platforms. On August 4, 2024, the platform […]
August 1, 2024

Possible APT28-linked hackers target Ukraine’s scientific institutions

A recent cyber-espionage campaign targeting Ukraine’s scientific and research institutions has been linked to APT28, a Kremlin-backed group associated with Russia’s military intelligence (GRU). Researchers from CERT-UA identified the involvement of the UAC-0063 group, which used malware strains Hatvibe and Cherryspy in July attacks. Hatvibe enables the execution of additional files on infected devices, while Cherryspy allows attackers to run […]
July 24, 2024

CrowdStrike impact update: More than 5,000 flights cancelled

Software update has caused significant global IT disruptions, leading to canceled flights, interruptions in healthcare services, and potential payroll issues. The company responsible has issued an apology, but industry experts caution that resolving issues such as “blue screens of death” and endless loops may take weeks.One of the most severely affected sectors is aviation. According to updated figures from the […]
July 19, 2024

North Korea likely behind takedown of Indian crypto exchange WazirX

Indian cryptocurrency exchange WazirX has disclosed the loss of virtual assets worth over $230 million due to a cyberattack that has been linked to North Korea. In a statement shared late Thursday on its Xeet platform, WazirX reported that the attack targeted one of its multi-signature wallets—a type of digital asset storage that provides enhanced security by requiring multiple private […]
July 14, 2024

4TB of internaal date allegedly leaked in Austrailan medical research breach

The Medusa ransomware group has claimed responsibility for stealing over four terabytes of data from the Harry Perkins Institute of Medical Research in Western Australia. The group posted on its dark web leak site, stating that 4.6TB of internal building camera recordings had been uploaded. Medusa is demanding a ransom of US$500,000, though it is also willing to sell the […]
July 4, 2024

Attack Cases Against HTTP File Server (HFS) (CVE-2024-23692)

Researchers have discovered ongoing exploitation of a critical vulnerability in the HTTP File Server (HFS) that is being used to deploy cryptocurrency mining malware, Remote Access Trojans (RATs), backdoors, and infostealers.This vulnerability, identified as CVE-2024-23692, impacts the Rejetto HTTP File Server (HFS), a software that enables file sharing through a web browser using only an executable file, bypassing the need […]
June 25, 2024

DarkGate Malware Replaces AutoIt with AutoHotkey in Latest Cyber Attacks

Cyber attacks involving the DarkGate malware-as-a-service (MaaS) operation have transitioned from using AutoIt scripts to an AutoHotkey mechanism for the final stages of the attack, highlighting the threat actors’ ongoing efforts to evade detection.These updates were observed in DarkGate version 6, released in March 2024 by its developer, RastaFarEye, who has been offering the program on a subscription basis to […]
Prev page
1234567891011121314151617181920212223242526272829303132
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.