Lucene search
K

16 matches found

HackRead
HackRead
added 2025/04/17 2:13 p.m.5 views

Mass Ransomware Campaign Hits S3 Buckets Using Stolen AWS Keys

Researchers reveal a large-scale ransomware campaign leveraging over 1,200 stolen AWS access keys to encrypt S3 buckets. Learn…...

7.2AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/12/04 3:45 p.m.19 views

Black Basta Ransomware Campaign Drops Zbot, DarkGate, and Custom Malware

Executive Summary Beginning in early October, Rapid7 has observed a resurgence of activity related to the ongoing social engineering campaign being conducted by Black Basta ransomware operators. Rapid7 initially reported the discovery of the novel social engineering campaign back in May, 2024,...

8.5AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/12/04 3:45 p.m.8 views

Black Basta Ransomware Campaign Drops Zbot, DarkGate, and Custom Malware

Executive Summary Beginning in early October, Rapid7 has observed a resurgence of activity related to the ongoing social engineering campaign being conducted by Black Basta ransomware operators. Rapid7 initially reported the discovery of the novel social engineering campaign back in May, 2024,...

7.5AI score
Exploits0
Imperva Blog
Imperva Blog
added 2024/06/10 6:5 p.m.81 views

Update: CVE-2024-4577 quickly weaponized to distribute “TellYouThePass” Ransomware

Introduction Recently, Imperva Threat Research reported on attacker activity leveraging the new PHP vulnerability, CVE-2024-4577. From as early as June 8th, we have detected attacker activity leveraging this vulnerability to deliver malware, which we have now identified to be a part of the...

10CVSS8AI score0.99999EPSS
Exploits442
Securelist
Securelist
added 2023/06/28 10:0 a.m.23 views

Andariel’s silly mistakes and a new malware family

Introduction Andariel, a part of the notorious Lazarus group, is known for its use of the DTrack malware and Maui ransomware in mid-2022. During the same period, Andariel also actively exploited the Log4j vulnerability as reported by Talos and Ahnlab. Their campaign introduced several new malware...

7.1AI score
Exploits0
CISA
CISA
added 2023/02/08 12:0 a.m.77 views

CISA and FBI Release ESXiArgs Ransomware Recovery Guidance

Today, CISA and the Federal Bureau of Investigation FBI released a joint Cybersecurity Advisory, ESXiArgs Ransomware Virtual Machine Recovery Guidance. This advisory describes the ongoing ransomware campaign known as “ESXiArgs.” Malicious cyber actors may be exploiting known vulnerabilities in...

1.7AI score
Exploits0References2
Microsoft Secure
Microsoft Secure
added 2022/10/14 7:0 p.m.10 views

New “Prestige” ransomware impacts organizations in Ukraine and Poland

The Microsoft Threat Intelligence Center MSTIC has identified evidence of a novel ransomware campaign targeting organizations in the transportation and related logistics industries in Ukraine and Poland utilizing a previously unidentified ransomware payload. We observed this new ransomware, which...

0.5AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/10/14 7:0 p.m.43 views

New “Prestige” ransomware impacts organizations in Ukraine and Poland

The Microsoft Threat Intelligence Center MSTIC has identified evidence of a novel ransomware campaign targeting organizations in the transportation and related logistics industries in Ukraine and Poland utilizing a previously unidentified ransomware payload. We observed this new ransomware, which...

0.5AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/10/14 7:0 p.m.12 views

New “Prestige” ransomware impacts organizations in Ukraine and Poland

The Microsoft Threat Intelligence Center MSTIC has identified evidence of a novel ransomware campaign targeting organizations in the transportation and related logistics industries in Ukraine and Poland utilizing a previously unidentified ransomware payload. We observed this new ransomware, which...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/07/15 2:30 p.m.255 views

SonicWall warns users of “imminent ransomware campaign”

This post has been updated with a statement from SonicWall below SonicWall has issued an urgent security notice warning users of unpatched End-Of-Life EOL SRA & SMA 8.X remote access devices that they have been made aware of an imminent ransomware campaign using stolen credentials. The exploitati...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/30 7:52 p.m.69 views

Task Force delivers strategic plan to address global ransomware problem

The Ransomware Task Force RTF, a think tank composed of more than 60 volunteer experts who represent organizations encompassing industries and governments, has recently pushed out a comprehensive and strategic plan for tackling the increasing threat and evolution of ransomware. The report, entitl...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2020/01/21 3:2 p.m.75 views

FTCODE Ransomware Now Steals Chrome, Firefox Credentials

FTCODE, a PowerShell-based ransomware that targets Italian-language users, has added new capabilities, including the ability to swipe saved web browser and email client credentials from victims. Samples of the ransomware, which has been around since 2013, were recently observed in September 2019...

1.4AI score
Exploits0References10
CISA
CISA
added 2019/09/25 12:0 a.m.13 views

Canadian Centre for Cyber Security Releases Advisory on New Ransomware Campaign

The Canadian Centre for Cyber Security CCCS has released an advisory on a new ransomware campaign. The malware, named TFlower, may infect users via exposed, unpatched Remote Desktop Protocol RDP services. The Cybersecurity and Infrastructure Security Agency CISA encourages administrators to revie...

6.8AI score
Exploits0References2
Talos Blog
Talos Blog
added 2017/10/24 1:51 p.m.59 views

Threat Spotlight: Follow the Bad Rabbit

Note: This blog post discusses active research by Talos into a new threat. This information should be considered preliminary and will be updated as research continues.Update 2017-10-26 16:10 EDT: added additional information regarding the links between Nyetya and BadRabbitUpdate 2017-10-26 09:20...

7.4AI score
Exploits0
Talos Blog
Talos Blog
added 2017/06/21 2:0 p.m.27 views

Player 1 Limps Back Into the Ring - Hello again, Locky!

This post was authored by Alex Chiu, Warren Mercer, and Jaeson Schultz. Sean Baird and Matthew Molyett contributed to this post.Back in May, the Necurs spam botnet jettisoned Locky ransomware in favor of the new Jaff ransomware variant. However, earlier this month Kaspersky discovered a...

7.3AI score
Exploits0
FireEye
FireEye
added 2016/06/24 1:30 p.m.13 views

Locky is Back Asking for Unpaid Debts

On June 21, 2016, FireEye’s Dynamic Threat Intelligence DTI identified an increase in JavaScript contained within spam emails. FireEye analysts determined the increase was the result of a new Locky ransomware spam campaign. As shown in Figure 1, Locky spam activity was uninterrupted until June 1,...

7.2AI score
Exploits0
Rows per page
Query Builder