New Ransomware Exploits Malicious Driver to Remove Cybersecurity Protections
GodDamn ransomware uses remote desktop application to secretly move around networks and drop the malicious PoisonX kernel driver
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
GodDamn ransomware uses remote desktop application to secretly move around networks and drop the malicious PoisonX kernel driver
Microsoft has released a new report about the Storm-1175 group and its connection to Medusa ransomware
TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ and Vect ransomware gangs
Hastalamuerte leaks The Gentlemen RaaS ops: FortiGate exploits, BYOVD evasion, Qilin split tactics
Trend Micro highlighted a sophisticated post-compromise attack chain to deploy the Warlock ransomware in unpatched SharePoint on-prem environments
A CISA advisory urged all software vendors and downstream customers to check if they are impacted by unpatched versions of the SimpleHelp RMM tool
Flashpoint data points to a surge in data breaches fueled by compromised credentials, ransomware and exploits
Travelers found that ransomware groups are focusing on targeting weak credentials on VPN and gateway accounts for initial access, marking a shift from 2023
Threat actors are exploiting a zero-day bug in Paragon Partition Manager's BioNTdrv.sys driver during ransomware attacks
61% of hackers use new exploit code within 48 hours, ransomware remains top threat in 2024
Ransomware groups are targeting weekends and holidays to exploit understaffed security teams in order to get the best chance of a pay day
The attacks exploit CVE-2023-22518, a critical flaw in Atlassian Confluence Data Center and Server
Russian gang operates comprehensive set of attack tools
The vulnerability has a CVSS score of 7.2 and was exploited against several companies in the US
Ransomware group tries to demonize carriers in negotiations
Trend Micro’s latest research paper analyzed ways in which ransomware groups could evolve to stay on top of strengthened cyber-protection measures
DEV-0270 leverages exploits for newly disclosed vulnerabilities to gain access to devices
The attackers modified the Blast Secure Gateway component of the application using PowerShell code
The findings uncovered 475 web pages of elaborate ransomware products and services
The primary objective of the attack was reportedly to get back at the Indian Government