39 matches found
Experts Warn of Ransomware Hackers Exploiting Atlassian and Apache Flaws
Multiple ransomware groups have begun to actively exploit recently disclosed flaws in Atlassian Confluence and Apache ActiveMQ. Cybersecurity firm Rapid7 said it observed the exploitation of CVE-2023-22518 and CVE-2023-22515 in multiple customer environments, some of which have been leveraged for...
Threat Roundup for April 7 to April 14
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 7 and April 14. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
Threat Roundup for March 24 to March 31
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 24 and March 31. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
Threat Roundup for March 17 to March 24
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 17 and March 24. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...
Threat Round up for February 10 to February 17
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 10 and Feb. 17. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
Threat Round up for December 9 to December 16
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Dec. 9 and Dec. 16. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
WP Cerber < 9.3.3 - User Enumeration Bypass via Rest API
The plugin does not properly block access to the REST API users endpoint when the blog is in a subdirectory, which could allow attackers to bypass the restriction in place and list users. PoC: When the "Block access to users' data via REST API" setting is enabled...
Threat Roundup for July 29 to August 5
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 29 and Aug. 5. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
Creaky Old WannaCry, GandCrab Top the Ransomware Scene
What’s old in ransomware is new again. Or, more accurately, never really went away. New analysis shows that for a years-old malware, WannaCry is still a viciously active pest. The self-propagating ransomware cryptoworm that’s been parasitizing victims since 2017 was the top most detected ransomwa...
The Top Ransomware Threats Aren’t Who You Think
While there seem to be legions of ransomware gangs, it turns out that just a handful of ransomware-as-a-service (RaaS) actors dominate the entire ecosystem of encryption-attack threats. In fact, just three ransomware families, none of them household names, make up 64 percent of all threats detected...
Ransomware Volumes Hit Record Highs as 2021 Wears On
Ransomware has seen a significant uptick so far in 2021, with global attack volume increasing by 151 percent for the first six months of the year as compared with the year-ago half. Meanwhile, the FBI has warned that there are now 100 different strains circulating around the world. From a...
Threat Roundup for January 31 to February 7
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 31 and Feb. 7. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
Threat Roundup for November 29 to December 6
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 29 and Dec. 6. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
Threat Roundup for September 20 to September 27
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 20 and Sept. 27. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...
Threat Roundup for July 12 to July 19
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 12 and July 19. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...
WordPress Cerber Security Multiple Bypass Vulnerabilities
Multiple security bypass vulnerabilities exist in WordPress Cerber Security. A remote attacker can exploit these vulnerabilities by sending a specially crafted HTTP request packet. Successful exploitation of these vulnerabilities would allow remote attackers to bypass security test on the affecte...
Threat Roundup for April 5 to April 12
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 05 and April 12. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...
WordPress Cerber 8.0 Bypass
Exploit Title: WordPress Cerber Security, Antispam & Malware Scan - Security Bypass Vulnerabilities Type: WordPress Plugin Date: 2019-02-28 Active installs: 100,000+ Version: 8.0 Software Link: https://wordpress.org/plugins/wp-cerber/ Exploit Author: ed0x21son Category: WebApps, WordPress Tested...
New GandCrab Decryptor Unlocks Files of Updated Ransomware
Yet another free decryptor is available for GandCrab ransomware victims. The tool, released Tuesday, is the third decryptor update in the past year that thwarts the prolific and fast-evolving GandCrab ransomware. Europol police announced availability of the update, which now unlocks data encrypte...
GandCrab Ransomware Crooks Take Agile Development Approach
Earlier this month, command-and-control servers tied to the fast-growing GandCrab ransomware campaigns were seized by Romanian Police and Europol. But, criminals behind GandCrab don’t appear fazed by the setback and have already tweaked the malware to keep ransomware payment coming in. According...