Researchers spot Helldown exploiting Zyxel VPN to breach networks The flaw was previously undisclosed The crooks mostly target SMBs in the US and Europe There appears to be a new ransomware player in town, exploiting vulnerabilities in Zyxel… Source link
Fraud Management & Cybercrime , Network Firewalls, Network Access… Source link
The new ‘Helldown’ ransomware operation is believed to target vulnerabilities in Zyxel firewalls to breach corporate networks, allowing them to steal data and encrypt devices. French cybersecurity firm Sekoia is reporting this with… Source link
Conclusion Attackers are increasingly leveraging cloud services and features to further their malicious activities. In this blog, we analyzed a Golang ransomware that abuses Amazon S3’s Transfer Acceleration feature to upload victim files to… Article Source https://www.trendmicro.com/en_us/research/24/j/fake-lockbit-real-damage-ransomware-samples-abuse-aws-s3-to-stea.html
Dive Brief: Remote-access tools were the primary intrusion point for ransomware attacks, accounting for 3 in 5 attacks last year, cybersecurity insurance firm At-Bay said Wednesday in a… Article Source https://www.cybersecuritydive.com/news/remote-access-tools-ransomware/716320/
Ransomware gangs like BianLian and Rhysida increasingly use Microsoft’s Azure Storage Explorer and AzCopy to steal data from breached networks and store it in Azure Blob storage. Storage Explorer is a GUI management tool for Microsoft Azure,… Article Source https://www.bleepingcomputer.com/news/security/ransomware-gangs-now-abuse-microsoft-azure-tool-for-data-theft/
Ransomware gangs target exposed Citrix Netscaler devices using a publicly available exploit to breach large organizations, steal data, and encrypt files. The threat actors exploit the Citrix Bleed vulnerability (CVE-2023-4966), which was… Article Source https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-november-17th-2023-citrix-in-the-crosshairs/
A string of attacks on VMware ESXi servers were launched by the Play ransomware group, best known for its double-extortion tactics. In a July 19 blog post, Trend Micro researchers said most of the attacks have been concentrated in the United… Source link
Ransomware groups have been exploiting both known and zero-day vulnerabilities to breach organizations more frequently in the past year. This was revealed by James Nutland from Cisco Talos, who detailed the tactics of 14 ransomware groups between 2023 and 2024. LockBit was the most active group during this period, despite recent law enforcement efforts to … Read more
Pietro Melillo reported on July 10, 2024 that the Meow gang has claimed responsibility for a cyber attack on Hewlett Packard Enterprise (HPE). The group offered access to a confidential HPE database on their Data leak site (DLS) for $199. HPE is a leading technology company that split from Hewlett-Packard Company in 2015. The authenticity … Read more