
18 matches found

Packet Storm News
added 2025/04/18 12:0 a.m., 3 views

ROFBS$α$: Real Time Backup System Decoupled from ML Based Ransomware Detection

This study introduces ROFBS$α$, a new defense architecture that addresses delays in detection in ransomware detectors based on machine learning. It builds on our earlier Real Time Open File Backup System, ROFBS, by adopting an asynchronous design that separates backup operations from detection...

AI score: 6.8
Exploits: 0
hivepro
added 2023/10/14 12:40 p.m., 13 views

In-Depth Analysis of AvosLocker Ransomware

Threat Level Attack Report. For a detailed threat advisory, download the pdf file here. Summary: AvosLocker, also known as Avos, is a ransomware-as-a-service that targets critical infrastructure organizations, primarily in the US, and has expanded to target both Windows and Linux systems. Its...

AI score: 6.8
Exploits: 0
The Hacker News
added 2023/10/13 10:25 a.m., 49 views

FBI, CISA Warn of Rising AvosLocker Ransomware Attacks Against Critical Infrastructure

The AvosLocker ransomware gang has been linked to attacks against critical infrastructure sectors in the U.S., with some of them detected as recently as May 2023. That's according to a new joint cybersecurity advisory released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and...

AI score: 7.2
Exploits: 0
CISA
added 2023/10/11 12:0 p.m., 6 views

FBI and CISA Release Update on AvosLocker Advisory

Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released a joint Cybersecurity Advisory (CSA), StopRansomware: AvosLocker Ransomware Update, to disseminate known indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and...

AI score: 7.2
Exploits: 0, References: 3
Talos Blog
added 2022/06/21 4:59 a.m., 16 views

Avos ransomware group expands with new attack arsenal

By Flavio Costa, Chris Neal and Guilherme Venere. In a recent customer engagement, we observed a month-long AvosLocker campaign. The attackers utilized several different tools, including Cobalt Strike, Sliver and multiple commercial network scanners. The initial ingress point in this incident...

AI score: 3.8
Exploits: 0
Malwarebytes
added 2022/06/14 12:43 p.m., 207 views

“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft

Microsoft has warned that "multiple adversaries and nation-state actors" are making use of the recent Atlassian Confluence RCE vulnerability. A fix is now available for CVE-2022-26134. It is essential users of Confluence address the patching issue immediately. Confluence vulnerability: Background...

CVSS: 7.5, AI score: 10, EPSS: 0.99999
Exploits: 75
The Hacker News
added 2022/05/24 10:25 a.m., 30 views

Conti Ransomware Operation Shut Down After Splitting into Smaller Groups

Even as the operators of Conti threatened to overthrow the Costa Rican government, the notorious cybercrime gang officially took down its attack infrastructure in favor of migrating their malicious cyber activities to other ancillary operations, including Karakurt and BlackByte. "From the...

AI score: 0.7
Exploits: 0
The Hacker News
added 2022/05/03 5:50 a.m., 613 views

AvosLocker Ransomware Variant Using New Trick to Disable Antivirus Protection

Cybersecurity researchers have disclosed a new variant of the AvosLocker ransomware that disables antivirus solutions to evade detection after breaching target networks by taking advantage of unpatched security flaws. "This is the first sample we observed from the U.S. with the capability to...

CVSS: 10, AI score: 0.5, EPSS: 0.99999
Exploits: 358
Trend Micro Simply Security
added 2022/05/02 12:0 a.m., 7 views

AvosLocker Ransomware Variant Abuses Driver File to Disable Antivirus, Scans for Log4shell

We found an AvosLocker ransomware variant using a legitimate antivirus component to disable detection and blocking solutions...

AI score: 4.1
Exploits: 0
Trend Micro Simply Security
added 2022/05/02 12:0 a.m., 10 views

AvosLocker Ransomware Variant Abuses Driver File to Disable Anti-Virus, Scans for Log4shell

We found an AvosLocker ransomware variant using a legitimate anti-virus component to disable detection and blocking solutions...

AI score: 3.5
Exploits: 0
hivepro
added 2022/03/29 1:56 p.m., 169 views

Weekly Threat Digest: 21 – 27 March 2022

For a detailed threat digest, download the pdf file here. Published Vulnerabilities: 340; Interesting Vulnerabilities: 10; Active Threat Groups: 5; Targeted Countries: 53; Targeted Industries: 24; ATT&CK TTPs: 84. The fourth week of March 2022 witnessed the discovery of 340 vulnerabilities out of which 10...

CVSS: 10, EPSS: 0.99999
Exploits: 90
hivepro
added 2022/03/24 6:30 a.m., 130 views

AvosLocker Ransomware group has targeted 50+ Organizations Worldwide

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Federal Bureau of Investigation and Cybersecurity and Infrastructure Security Agency released threat advisories on AvosLocker Ransomware. It is a Ransomware as a Service (RaaS) affiliate-based group that has targeted 50+...

CVSS: 10, AI score: 1.5, EPSS: 0.99999
Exploits: 79
CISA
added 2022/03/22 12:0 a.m., 20 views

FBI and FinCEN Release Advisory on AvosLocker Ransomware

The Federal Bureau of Investigation (FBI) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory identifying indicators of compromise associated with AvosLocker ransomware. AvosLocker is a ransomware-as-a-service affiliate-based...

AI score: 2.5
Exploits: 0, References: 2
Malwarebytes
added 2022/03/21 9:9 p.m., 345 views

AvosLocker ransomware uses Microsoft Exchange Server vulnerabilities, says FBI

The FBI has issued an advisory about the AvosLocker ransomware. Notably the FBI has noticed that several victims have reported Microsoft Exchange Server vulnerabilities as the intrusion vector. AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across...

CVSS: 10, AI score: 10, EPSS: 0.99999
Exploits: 79
Qualys Blog
added 2022/03/07 5:18 a.m., 1060 views

AvosLocker Ransomware Behavior Examined on Windows & Linux

AvosLocker is a ransomware group that was identified in 2021, specifically targeting Windows machines. Now a new variant of AvosLocker malware is also targeting Linux environments. In this blog, we examine the behavior of these two AvosLocker Ransomware in detail. AvosLocker is a relatively new...

CVSS: 10, AI score: 8.9, EPSS: 0.99999
Exploits: 18
ThreatPost
added 2021/10/21 5:33 p.m., 36 views

Gigabyte Allegedly Hit by AvosLocker Ransomware

The AvosLocker ransomware gang is claiming that it breached tech giant Gigabyte and has leaked a sample of what it claims are files stolen from the Taiwanese company’s network. It’s offering to sell the rest. On Wednesday, the gang posted a “press release” announcing that it had purportedly gutte...

AI score: 6.7
Exploits: 0, References: 14
The Hacker News
added 2021/08/24 11:6 a.m., 36 views

Researchers Warn of 4 Emerging Ransomware Groups That Can Cause Havoc

Cybersecurity researchers on Tuesday took the wraps off four up-and-coming ransomware groups that could pose a serious threat to enterprises and critical infrastructure, as the ripple effect of a recent spurt in ransomware incidents show that attackers are growing more sophisticated and more...

AI score: 1.3
Exploits: 0
Malwarebytes
added 2021/07/23 11:0 p.m., 526 views

AvosLocker enters the ransomware scene, asks for partners

This blog post was authored by Hasherezade. In mid-July we responded to an incident that involved an attack on a Microsoft Exchange server. The threat actor used this entry point to get into a Domain Controller and then leveraged it as a springboard to deploy ransomware. While examining the...

AI score: 7.2
Exploits: 0