Bl00dy Ransomware Gang actively targets the education sector exploiting PaperCut RCE

GlobalDefenseBot 13 May

2 minutes

U.S. CISA and FBI warned of attacks conducted by the Bl00dy Ransomware Gang against the education sector in the country. The FBI and CISA issued a joint advisory warning that the Bl00dy Ransomware group is actively targeting the education sector by exploiting the PaperCut remote-code execution vulnerability CVE-2023-27350. The Bl00dy ransomware has been active since May 2022, […]

The post Bl00dy Ransomware Gang actively targets the education sector exploiting PaperCut RCE appeared first on Security Affairs.

breaking news

Leaked source code of Babuk ransomware used by 10 different ransomware families targeting VMware ESXi

GlobalDefenseBot 12 May

3 minutes

The leak of the source code of the Babuk ransomware allowed 9 ransomware gangs to create their own ransomware targeting VMware ESXi systems. SentinelLabs researchers have identified 10 ransomware families using VMware ESXi lockers based on the source code of the Babuk ransomware that was leaked in 2021. The experts pointed out that these ransomware […]

The post Leaked source code of Babuk ransomware used by 10 different ransomware families targeting VMware ESXi appeared first on Security Affairs.

Millions of Android Phones Comes Pre-Infected with Malware Firmware

CySecBot 12 May

1 minute

Researchers from Trend Micro at Black Hat Asia claim that criminals have pre-infected millions of Android devices with malicious firmware before the devices ever leave their manufacturing. The manufacturing of the gadgets is outsourced to an original e…

email scams

How to Avoid Phishing Attacks on Your Smartphones and Computers

CySecBot 12 May

12 minutes

Ping, it’s a scammer! The sound of an incoming email, text, or direct message has a way of getting your…

The post How to Avoid Phishing Attacks on Your Smartphones and Computers appeared first on McAfee Blog.

breaking news

The Black Basta ransomware gang hit multinational company ABB

GlobalDefenseBot 12 May

3 minutes

Swiss electrification and automation technology giant ABB suffered a Black Basta ransomware attack that impacted its business operations. Swiss multinational company ABB, a leading electrification and automation technology provider, it the last victim of the notorious Black Basta ransomware group. The company has more than 105,000 employees and has $29.4 billion in revenue for 2022. […]

The post The Black Basta ransomware gang hit multinational company ABB appeared first on Security Affairs.

CACTUS ransomware evades antivirus and exploits VPN flaws to hack networks

CySecBot 11 May

1 minute

By Deeba Ahmed
CACTUS ransomware operators target large-scale commercial organizations with double extortion to steal sensitive data before encryption.
This is a post from HackRead.com Read the original post: CACTUS ransomware evades antivirus and expl…

New ransomware trends in 2023

CySecBot 11 May

9 minutes

On the eve of the global Anti-Ransomware Day, Kaspersky researchers share an overview of the key trends observed among ransomware groups.

breaking news

DownEx cyberespionage operation targets Central Asia

GlobalDefenseBot 10 May

4 minutes

A new sophisticated malware strain, dubbed DownEx, was involved in attacks aimed at Government organizations in Central Asia. In late 2022, Bitdefender Labs researchers first observed a highly targeted cyberattack targeting foreign government institutions in Kazakhstan that involved a new sophisticated strain of malware dubbed DownEx. Later the researchers detected another attack in Afghanistan that allowed them to […]

The post DownEx cyberespionage operation targets Central Asia appeared first on Security Affairs.

FBI Disables Russian Malware

CySecBot 10 May

1 minute

Reuters is reporting that the FBI “had identified and disabled malware wielded by Russia’s FSB security service against an undisclosed number of American computers, a move they hoped would deal a death blow to one of Russia’s leading cyber spying programs.”

The headline says that the FBI “sabotaged” the malware, which seems to be wrong.

Presumably we will learn more soon.

EDITED TO ADD: New York Times story.

EDITED TO ADD: Maybe “sabotaged” is the right word. The FBI hacked the malware so that it disabled itself.

Despite the bravado of its developers, Snake is among the most sophisticated pieces of malware ever found, the FBI said. The modular design, custom encryption layers, and high-caliber quality of the code base have made it hard if not impossible for antivirus software to detect. As FBI agents continued to monitor Snake, however, they slowly uncovered some surprising weaknesses. For one, there was a critical cryptographic key with a prime length of just 128 bits, making it vulnerable to factoring attacks that expose the secret key. This weak key was used in Diffie-Hellman key exchanges that allowed each infected machine to have a unique key when communicating with another machine…

Microsoft Flaws Include Secure Boot Bypass, System-Level Takeovers

CySecBot 10 May

4 minutes

Microsoft’s Patch Tuesday for May 2023 fixes two actively exploited vulnerabilities, including a Secure Boot bypass and system-level takeover.

The post Microsoft Flaws Include Secure Boot Bypass, System-Level Takeovers appeared first on eSecurityPlanet.