New RA Group ransomware gang is the latest group using leaked Babuk source code

A previously unknown ransomware group known as RA Group is targeting companies in U.S. and South Korea with leaked Babuk source code. Cisco Talos researchers recently discovered a new ransomware operation called RA Group that has been active since at least April 22, 2023. The group has already compromised three organizations in the U.S. and […]

The post New RA Group ransomware gang is the latest group using leaked Babuk source code appeared first on Security Affairs.

May 15, 2023
Read More >>

Introducing the DRM-Report Q1 2023: Unveiling the Current State of Ransomware

DRM Dashboard Ransomware Monitor released the first quarterly report for the year 2023 about the activities of ransomware groups globally. DRM Dashboard Ransomware Monitor, an independent platform of cybersecurity monitoring, is pleased to release the quarterly the DRM-Report for the first quarter of 2023. This comprehensive report delves into the alarming rise of ransomware attacks […]

The post Introducing the DRM-Report Q1 2023: Unveiling the Current State of Ransomware appeared first on Security Affairs.

May 15, 2023
Read More >>

Micro-Star International Signing Key Stolen

Micro-Star International—aka MSI—had its UEFI signing key stolen last month.

This raises the possibility that the leaked key could push out updates that would infect a computer’s most nether regions without triggering a warning. To make matters worse, Matrosov said, MSI doesn’t have an automated patching process the way Dell, HP, and many larger hardware makers do. Consequently, MSI doesn’t provide the same kind of key revocation capabilities.

Delivering a signed payload isn’t as easy as all that. “Gaining the kind of control required to compromise a software build system is generally a non-trivial event that requires a great deal of skill and possibly some luck.” But it just got a whole lot easier…

May 15, 2023
Read More >>

Leaked source code of Babuk ransomware used by 10 different ransomware families targeting VMware ESXi

The leak of the source code of the Babuk ransomware allowed 9 ransomware gangs to create their own ransomware targeting VMware ESXi systems. SentinelLabs researchers have identified 10 ransomware families using VMware ESXi lockers based on the source code of the Babuk ransomware that was leaked in 2021. The experts pointed out that these ransomware […]

The post Leaked source code of Babuk ransomware used by 10 different ransomware families targeting VMware ESXi appeared first on Security Affairs.

May 12, 2023
Read More >>