July 4, 2024

Attack Cases Against HTTP File Server (HFS) (CVE-2024-23692)

Researchers have discovered ongoing exploitation of a critical vulnerability in the HTTP File Server (HFS) that is being used to deploy cryptocurrency mining malware, Remote Access Trojans (RATs), backdoors, and infostealers. This vulnerability, identified as CVE-2024-23692, impacts the Rejetto HTTP File Server (HFS), software that enables file sharing through a web browser using only an executable file, bypassing the need […]
June 20, 2024

Ransomware Rebounds: Extortion Threat Surges in 2023, Attackers Rely on Publicly Available and Legitimate Tools

Ransomware activity increased in 2023 compared to 2022, according to Google-owned Mandiant. This is despite broadscale law enforcement operations against prominent ransomware groups, including ALPHV/BlackCat. In 2023, Mandiant noted a rise in ransomware activity, reflected by more posts on data leak sites and a moderate increase in ransomware investigations. Around a third of new ransomware families were variants of existing ones. […]
June 12, 2024

361 million stolen accounts leaked on Telegram added to HIBP

A massive trove of 361 million email addresses from credentials stolen by password-stealing malware, in credential stuffing attacks, and from data breaches was added to the Have I Been Pwned data breach notification service, allowing anyone to check if their accounts have been compromised. Cybersecurity researchers collected these credentials from numerous Telegram cybercrime channels, where the stolen data is commonly leaked […]
May 12, 2024

IntelBroker Hacker Claims Breach of Top Cybersecurity Firm, Selling Access

The notorious and somewhat high-profile hacker going by the pseudonym “IntelBroker” has claimed to have successfully breached one of the largest cybersecurity companies in the world. The hacker, believed to be from Serbia, has a reputation for targeting major organizations across industries like government, telecommunications, automotive, and tech. Known as the operator of the Endurance ransomware, IntelBroker has taken credit for […]
April 11, 2024

Threat Actors Are Actively Using Pupy RAT Malware to Attack Linux Systems

A number of cyberattacks have been observed targeting Linux systems in Asian campaigns through the use of the Pupy Remote Access Trojan (RAT). The Pupy RAT’s intricate capabilities, including remote command execution, information theft, keylogging, and its ability to evade detection, make it a valuable tool for cybercriminals seeking to compromise and infiltrate systems in the Asia region. In order to […]
February 29, 2024

Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware

At least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security flaws in Ivanti Connect Secure VPN appliances. CVE-2024-21893 is actively exploited. As part of the attack chain, CVE-2024-21893 is combined with a previously disclosed command injection vulnerability tracked as CVE-2024-21887 to gain unauthorized access to vulnerable devices. In […]
February 29, 2024

Black Basta ransomware attacks ZircoDATA company

ZircoDATA is the leading provider of secure document storage and records management (RIM) solutions from information governance and digital conversion to storage, language services and secure shredding since 1995. ZircoDATA has been attacked by the Black Basta Group, claiming 395 GB of data, including financial documents, personal user folders, and confidentiality agreements. There are at least 46 passport scans and 12 […]
June 9, 2023

HWL Ebsworth declare they won’t meet ALPHV ransomware gang’s demands

On Friday 9th of June 2023, one of Australia’s largest law firms HWL Ebsworth confirmed to local media outlets that its network was hacked after the ALPHV ransomware gang began leaking data they claim was stolen from the company. The ALPHV ransomware gang has published 1.45 terabytes of data containing over a million documents allegedly stolen from the law firm’s […]
May 26, 2023

Attack against City of Augusta claimed by BlackByte ransomware gang

On Friday 2nd of June 2023, the city of Augusta in Georgia, U.S. confirmed that the recent IT system outage was caused by unauthorized access to its network. The city explained that it started experiencing technical difficulties on Sunday, May 21, which disrupted some of its computer systems. “Augusta’s Information Technology Department continues to work diligently to investigate the incident, to confirm […]