AWS Warns Hackers Have Abused Cisco Firewall Zero-Day Since January
Notorious ransomware group Interlock has been exploiting a Cisco zero-day bug since January, AWS says
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Notorious ransomware group Interlock has been exploiting a Cisco zero-day bug since January, AWS says
AWS Researchers Find an Interlock Server Laden With ToolsRansomware hackers exploited a flaw with a maximum vulnerability score in Cisco firewall management software weeks before the networking giant disclosed the vulnerability in early March. The group has focused extensively on critical infrastructure sectors in North America and Europe.
An attack on the company’s AWS platform may have exposed customers' names and home addresses Exclusive ELECQ, maker of smart electric vehicle (EV) chargers, is warning customers that their personal details may have been stolen in a ransomware attack that encrypted and copied user data from its cloud systems.…
In this blog entry, Trend™ Research explores how ransomware actors are shifting their focus to cloud-based assets, including the tactics used to compromise business-critical data in AWS environments.
Also, Australian Police Arrest 55 in New Round of Anom App StingThis week: UPenn hit by email breach, Australian police arrested 55, 'SesameOp' backdoor hid C2 traffic, BEC scammers used AWS, hackers stole trucking cargo, Ukrainian national extradited to United States for role in Conti ransomware and a supply chain risk in advanced installer tool.
Threat Actor 'Codefinger' Targets Cloud EnvironmentsA ransomware group is targeting Amazon S3 buckets, exploiting the data stored there using AWS’s server-side encryption with customer keys and demanding a ransom in exchange for the encryption key needed to unlock the data. The group uses compromised or publicly exposed AWS account credentials.
A new ransomware campaign encrypts Amazon S3 buckets using AWS's Server-Side Encryption with Customer Provided Keys (SSE-C) known only to the threat actor, demanding ransoms to receive the decryption key. [...]
'Codefinger' crims on the hunt for compromised keys A new ransomware crew dubbed Codefinger targets AWS S3 buckets and uses the cloud giant's own server-side encryption with customer provided keys (SSE-C) to lock up victims' data before demanding a ransom payment for the symmetric AES-256 keys required to decrypt it.…
AWS Security Incident Response will help security teams defend organizations from security threats such as account takeovers, breaches, and ransomware attacks.
This article uncovers a Golang ransomware abusing AWS S3 for data theft, and masking as LockBit to further pressure victims. The discovery of hard-coded AWS credentials in these samples led to AWS account suspensions.
How to reduce the risk and impact of ransomware attacks on AWS data and applications Webinar Ransomware has a longer history than you might imagine. The very first recognized attack was at the World Health Organization in 1989 when the AIDS Trojan was distributed to 20,000 attendees via floppy disc.…