April 11, 2024

Threat Actors Are Actively Using Pupy RAT Malware to Attack Linux Systems

A number of cyberattacks have been observed targeting Linux systems in Asian campaigns through the use of the Pupy Remote Access Trojan (RAT). The Pupy RAT’s intricate capabilities, including remote command execution, information theft, keylogging, and its ability to evade detection, make it a valuable tool for cybercriminals seeking to compromise and infiltrate systems in the Asia region. In order to […]
February 29, 2024

Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware

The exploitation of security flaws in Ivanti Connect Secure VPN appliances has been attributed to at least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886. CVE-2024-21893 is actively exploited. As part of the attack chain, CVE-2024-21893 is combined with a previously disclosed command injection vulnerability tracked as CVE-2024-21887 to gain unauthorized access to vulnerable devices. In […]
February 29, 2024

Black Basta ransomware attacks ZircoDATA company

ZircoDATA has been the leading provider of secure document storage and records management (RIM) solutions, from information governance and digital conversion to storage, language services and secure shredding, since 1995. ZircoDATA has been attacked by the Black Basta Group, which claims to have taken 395 GB of data, including financial documents, personal user folders, and confidentiality agreements. There are at least 46 passport scans and 12 […]
June 9, 2023

HWL Ebsworth declare they won’t meet ALPHV ransomware gang’s demands

On Friday 9th of June 2023, one of Australia’s largest law firms, HWL Ebsworth, confirmed to local media outlets that its network was hacked after the ALPHV ransomware gang began leaking data they claim was stolen from the company. The ALPHV ransomware gang has published 1.45 terabytes of data containing over a million documents allegedly stolen from the law firm’s […]
May 26, 2023

Attack against City of Augusta claimed by BlackByte ransomware gang

On Friday 2nd of June 2023, the city of Augusta in Georgia, U.S. confirmed that the recent IT system outage was caused by unauthorized access to its network. The city explained that it started experiencing technical difficulties on Sunday, May 21, which disrupted some of its computer systems. “Augusta’s Information Technology Department continues to work diligently to investigate the incident, to confirm […]
May 17, 2023

New MalasLocker ransomware demands charity donation after targeting Zimbra servers

This week, a new ransomware operation, dubbed MalasLocker by BleepingComputer, has been observed targeting Zimbra servers to steal emails and encrypt files since the end of March 2023. Instead of demanding a ransom payment, however, the threat actors claim to require a donation to charity to provide an encryptor and prevent data leaking. “Unlike traditional ransomware groups, we’re […]
May 17, 2023

FBI releases joint advisory against the BianLian ransomware gang

On Tuesday 16th of May 2023, the United States Federal Bureau of Investigation (FBI) released a joint TLP:CLEAR cybersecurity advisory warning organisations of the latest tactics, techniques, and procedures (TTPs) used by the BianLian ransomware group. The advisory highlighted that BianLian is a ransomware developer, deployer, and data extortion cybercriminal group that has targeted organisations in multiple U.S. critical infrastructure sectors […]
May 17, 2023

ScanSource warns of delays following ransomware attack

On Tuesday 16th of May 2023, US-based technology provider ScanSource disclosed that it had suffered a ransomware attack that has impacted some of its systems, business operations, and customer portals. The impact has been significant, as it is expected to cause delays in the provision of services to customers in North America and Brazil. ScanSource has stated in a press […]
May 15, 2023

Cisco Talos reveals RA Group ransomware targeting USA and South Korean organisations

On Monday 15th of May 2023, Cisco Talos revealed a new ransomware group named ‘RA Group’ that is targeting pharmaceutical, insurance, wealth management, and manufacturing firms in the United States and South Korea. The blog post covering the group revealed that their operation started in April 2023, when they launched a data leak site on the dark web on Sunday […]