Lucene search
K

8 matches found

Microsoft Secure
Microsoft Secure
added 2023/07/11 5:30 p.m.51 views

Storm-0978 attacks reveal financial and espionage motives

Microsoft has identified a phishing campaign conducted by the threat actor tracked as Storm-0978 targeting defense and government entities in Europe and North America. The campaign involved the abuse of CVE-2023-36884, which included a remote code execution vulnerability exploited before disclosu...

8AI score0.99083EPSS
Exploits3
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/07/11 5:30 p.m.74 views

Storm-0978 attacks reveal financial and espionage motives

Microsoft has identified a phishing campaign conducted by the threat actor tracked as Storm-0978 targeting defense and government entities in Europe and North America. The campaign involved the abuse of CVE-2023-36884, which included a remote code execution vulnerability exploited before disclosu...

6.8CVSS8AI score0.99083EPSS
Exploits3
Malwarebytes
Malwarebytes
added 2022/12/02 7:0 a.m.25 views

CISA and the FBI issue alert about Cuba ransomware

In the latest StopRansomware effort of publicizing ransomware information for network defenders, the Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI have issued a joint Cybersecurity Advisory CSA on the ransomware known as "Cuba." Though named...

1.8AI score
Exploits0
The Hacker News
The Hacker News
added 2022/12/02 6:4 a.m.73 views

Cuba Ransomware Extorted Over $60 Million in Ransom Fees from More than 100 Entities

The threat actors behind Cuba aka COLDDRAW ransomware have received more than $60 million in ransom payments and compromised over 100 entities across the world as of August 2022. In a new advisory shared by the U.S. Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of...

10CVSS1.1AI score0.99512EPSS
Exploits77
CISA
CISA
added 2022/12/01 12:0 a.m.15 views

#StopRansomware: Cuba Ransomware 

Today, the Federal Bureau of Investigation FBI and CISA released a joint Cybersecurity Advisory CSA StopRansomware: Cuba Ransomware to provide network defenders tactics, techniques, and procedures TTPs and indicators of compromise IOCs associated with Cuba ransomware. FBI investigations identifie...

2.2AI score
Exploits0References3
The Hacker News
The Hacker News
added 2022/11/03 9:20 a.m.93 views

Hackers Using Rogue Versions of KeePass and SolarWinds Software to Distribute RomCom RAT

The operators of RomCom RAT malware are continuing to evolve their campaigns by distributing rogue versions of software such as SolarWinds Network Performance Monitor, KeePass password manager, and PDF Reader Pro via fake copycat websites. Targets of the operation consist of victims in Ukraine an...

7.1AI score
Exploits0
hivepro
hivepro
added 2022/08/10 7:8 a.m.17 views

Industrial Spy trades stolen data on dark web Marketplace

Threat Level Attack Report For a detailed advisory, download the pdf file here Summary Since March 2022, Industrial Spy ransomware, a new menace in the threat environment, has been stealing and selling data on the dark web marketplace and conducting double extortion attacks, combining data theft...

2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/04/26 1:2 p.m.13 views

Hospitals taken offline after cyberattack

The GHT Coeur Grand Est has become a victim of a cyberattack on the hospital centers of Vitry-le-François and Saint-Dizier. The hospital’s administration has warned French that data have been exfiltrated and might be used for phishing in the future. As a consequence, the GHT Cœur Grand Est has cu...

0.3AI score
Exploits0
Rows per page
Query Builder