Advertisement
Insider Threat: Former Negotiator Pleaded Guilty to BlackCat Attacks
A former cybersecurity negotiator at DigitalMint has pleaded guilty to conducting BlackCat (ALPHV) ransomware attacks against U.S. organizations.
CVE-2023-46604: Apache ActiveMQ RCE Exploited by HelloKitty - Patch Now
Over 6,400 Apache ActiveMQ servers are exposed to RCE via CVE-2023-46604. Threat actors like HelloKitty are actively exploiting this high-severity flaw.
Beyond Backups: Essential BCDR for Ransomware & Operational Resilience
Learn why traditional data backups are insufficient for business continuity. This analysis highlights the critical role of BCDR in mitigating ransomware and outage
Payouts King Ransomware Deploys QEMU VMs to Evade EDR Solutions
Payouts King ransomware leverages QEMU virtualization and reverse SSH tunnels to bypass endpoint security and encrypt MSSQL servers on corporate networks.
CVE-2023-46604: Apache ActiveMQ RCE Exploited in the Wild
CISA warns of active exploitation for CVE-2023-46604, a critical RCE flaw in Apache ActiveMQ used by ransomware groups. Update to version 5.18.3 or later.
Germany Ransomware Surge: How SafePay and Qilin Target Mittelstand
Germany sees a 92% surge in data leaks as ransomware actors like SafePay and Qilin pivot toward the Mittelstand and professional services sectors.

Storm-1175: High-Velocity Medusa Ransomware Campaigns
Runtime Rebel reports on Storm-1175's rapid Medusa ransomware campaigns, exploiting N-day and zero-day vulnerabilities for financial gain.
German Authorities Identify GandCrab and REvil Ransomware Leaders
German and US authorities identify Russian nationals behind GandCrab and REvil ransomware operations, marking a major step in ransomware attribution.

Qilin and Warlock Ransomware Bypass 300+ EDR Tools via BYOVD
Threat actors Qilin and Warlock use Bring Your Own Vulnerable Driver (BYOVD) tactics and msimg32.dll to disable security software on compromised endpoints.

BKA Unmasks REvil Leadership Behind 130 German Ransomware Attacks
Germany's BKA unmasks the leadership of the REvil (Sodinokibi) ransomware group, including the representative UNKN, following a major threat intel investigation.
Germany Doxes UNKN: Identity of REvil and GandCrab Leader Revealed
German authorities identify Daniil Maksimovich Shchukin as UNKN, the lead operator behind the notorious GandCrab and REvil ransomware operations.
Multi-Extortion Ransomware Tactics: A Deeper Dive
Analyze the evolution of multi-extortion ransomware, its reliance on data leaks, and strategies for mitigating the impact of exfiltrated data.