Kyber Ransomware Targets Windows, ESXi with Post-Quantum Encryption
Kyber ransomware is encrypting Windows and VMware ESXi systems, with one variant leveraging Kyber1024 post-quantum encryption, posing new decryption challenges.

BlackCat Ransomware Negotiator Scheme: Insider Threat Implications
A ransomware negotiator's guilty plea in a BlackCat scheme highlights critical insider threat risks and the importance of stringent controls in ransom payment processes.
Security Expert Aids BlackCat Ransomware, Exposing IR Risks
A US security expert pleaded guilty to collaborating with the BlackCat ransomware group, leveraging his negotiation role. This highlights critical insider threat risks

SystemBC C2 Analysis: 1,570 Victims of The Gentlemen Ransomware
Analysis of a SystemBC C2 server linked to The Gentlemen ransomware reveals over 1,570 victims and the use of SOCKS5 tunnels for persistent access.
Insider Threat: Former Negotiator Pleaded Guilty to BlackCat Attacks
A former cybersecurity negotiator at DigitalMint has pleaded guilty to conducting BlackCat (ALPHV) ransomware attacks against U.S. organizations.
CVE-2023-46604: Apache ActiveMQ RCE Exploited by HelloKitty - Patch Now
Over 6,400 Apache ActiveMQ servers are exposed to RCE via CVE-2023-46604. Threat actors like HelloKitty are actively exploiting this high-severity flaw.
Beyond Backups: Essential BCDR for Ransomware & Operational Resilience
Learn why traditional data backups are insufficient for business continuity. This analysis highlights the critical role of BCDR in mitigating ransomware and outage
Payouts King Ransomware Deploys QEMU VMs to Evade EDR Solutions
Payouts King ransomware leverages QEMU virtualization and reverse SSH tunnels to bypass endpoint security and encrypt MSSQL servers on corporate networks.
CVE-2023-46604: Apache ActiveMQ RCE Exploited in the Wild
CISA warns of active exploitation for CVE-2023-46604, a critical RCE flaw in Apache ActiveMQ used by ransomware groups. Update to version 5.18.3 or later.
Germany Ransomware Surge: How SafePay and Qilin Target Mittelstand
Germany sees a 92% surge in data leaks as ransomware actors like SafePay and Qilin pivot toward the Mittelstand and professional services sectors.

Storm-1175: High-Velocity Medusa Ransomware Campaigns
Runtime Rebel reports on Storm-1175's rapid Medusa ransomware campaigns, exploiting N-day and zero-day vulnerabilities for financial gain.
German Authorities Identify GandCrab and REvil Ransomware Leaders
German and US authorities identify Russian nationals behind GandCrab and REvil ransomware operations, marking a major step in ransomware attribution.