Iran-Linked MuddyWater Poses as Ransomware Gang to Mask Cyber Espionage
An NCC Group report warns state-backed hackers are attempting to hide activity by posing as ransomware groups and deploying commercially available malware
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
An NCC Group report warns state-backed hackers are attempting to hide activity by posing as ransomware groups and deploying commercially available malware
Cybersecurity researchers have discovered what they say is the earliest example known to date of a malware with that bakes in Large Language Model (LLM) capabilities
Report North Korean Hacking Group Adds Ransomware to Traditional PlaybookA ScarCruft subgroup dubbed "ChinopuNK" has launched a disruptive ransomware campaign across South Korea, using phishing lures, AutoIt loaders and microphone-capturing malware - marking a major change in the North Korean hacking group's traditionally espionage-focused cyber tactics.
Both Ransomware Operations Remain Active and Pose a Threat, Experts WarnRansomware business moves: Attacks tied to BlackLock have been surging, likely bolstered by the group's custom-built malware, while the long-running Black Basta operation remains a threat, even as it looks set to disband due to core members facing "fatigue," report cybercrime experts.
Numerous Impediments Remain, Should Administrators Attempt to Reboot OperationThe notorious ransomware-as-a-service group LockBit, disrupted by law enforcement this week, was developing a new version of its crypto-locking malware prior to being disrupted, security researchers report. Even so, experts say it's unlikely the group would be able to successfully reboot.
Numerous Impediments Remain, Should Administrators Attempt to Reboot OperationThe notorious ransomware-as-a-service group LockBit, disrupted by law enforcement this week, was developing a new version of its crypto-locking malware prior to being disrupted, security researchers report. Even so, experts say it's unlikely the group would be able to successfully reboot.
Crypto-Malware Trackers Report a Surge in Known Ransomware Victims at End of 2023Ransomware-wielding attackers show no signs of stopping, and experts report December 2023 was the second-worst month on record for known victims. Lately, Akira-wielding attackers have been hitting Finland hard, and Medusa has been behind a rising number of attacks.
A new strain of JavaScript dropper has been observed delivering next-stage payloads like Bumblebee and IcedID
Threat actors associated with the Cyclops ransomware have been observed offering an information stealer malware that's designed to capture sensitive data from infected hosts
Operators stay ahead of defenders with new access methods and C2 infrastructure The Qbot malware operation – which started more than a decade ago as banking trojan only to evolve into a backdoor and a delivery system for ransomware and other threats – continues to deftly adapt its techniques to stay ahead of security pros, according to a new report.…
Attackers primarily target on-premises IT infrastructures.
A new ransomware-as-service (RaaS) operation called MichaelKors has become the latest file-encrypting malware to target Linux and VMware ESXi systems as of April 2023
Microsoft has shed light on four different ransomware families – KeRanger, FileCoder, MacRansom, and EvilQuest – that are known to impact Apple macOS systems
The operators behind the BazaCall call back phishing method have continued to evolve with updated social engineering tactics to deploy malware on targeted networks
Be ready for a rebound, and protect yourself with patching and segmentation SonicWall has published its latest threat report, showing a drop in ransomware but an increase in malware attacks in the first half of 2022.…
Trend Micro Research observed the resurgence of the Cuba ransomware group that launched a new malware variant using different infection techniques compared to past iterations. We discuss our initial findings in this report.
Cybersecurity researchers have disclosed details of the latest version of the Chaos ransomware line, dubbed Yashma
Public and private sector both under attack as malware evolution accelerates SonicWall's annual cyber-threat report shows ransomware-spreading miscreants are making hay and getting quicker at doing so.…