HellCat Ransomware Hits 4 Firms using Infostealer-Stolen Jira Credentials

HellCat ransomware hits 4 companies by exploiting Jira credentials stolen through infostealer malware, continuing their global attack spree...

North Korean Hackers Team Up with Play Ransomware in Global Attack

State-Sponsored Espionage Meets Ransomware!...

The ESXiArgs ransomware attack is targeting VMware ESXi servers globally

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A global ransomware attack, known as ESXiArgs, is affecting servers using VMware ESXi hypervisors version 6.x prior to 6.7 due to a vulnerability CVE-2021-21974 caused by a heap overflow issue in the Ope...

UPDATED: Kaseya hijacked, thousands attacked by REvil, fix delayed again

Malwarebytes does not use Kaseya products. Malwarebytes detects the REvil ransomware used in this attack as Sodinokibi. Latest updates July 7, 8:30 am, Kaseya VSA SaaS platform still offline, not updated as planned July 6, 3:40 pm, malspam using fake Kaseya security update July 6, 3:15 am,...

Greta Thunberg: Emotet's Person of the Year

There’s no doubt that teenage climate-change activist and Time Person of the Year Greta Thunberg inspires people around the world – and it turns out, this includes cybercriminals. More specifically, she’s inspiring as an opportunity: According to the Proofpoint Threat Insight team, a global...

Active Scans Target Vulnerable Cisco Routers for Remote Code-Execution

UPDATE Malicious scanning activity targeting Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN routers is underway, with a swell of opportunistic probes looking for vulnerable devices ramping up since Friday. According to Bad Packets Report’s honeypot data, cyberattackers are targeting a...

PewDiePie Hackers Say They Launched Second Printer Siege

UPDATE Hackers have claimed that they launched yet another attack tricking hundreds of thousands of printers globally to print pamphlets promoting YouTube celebrity “PewDiePie.” The latest incident comes on the heels of a similar hack last month. That’s when hackers claimed they commandeered 50,0...

How to Rapidly Identify Assets at Risk to WannaCry Ransomware and ETERNALBLUE Exploit

In what may be the first public weaponizing of April's Shadow Brokers dump of NSA exploits, a ransomware attack has crippled IT systems globally and disrupted operations at major organizations, including patient services at UK hospitals. About 80,000 infections have been detected in about 100...