Microsoft shuts down illegal code-signing operation used by ransomware crims to mask their malware
'Thousands' of US victims, including 12+ machines owned and operated by Redmond
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
'Thousands' of US victims, including 12+ machines owned and operated by Redmond
Threat hunters are warning that the cybercriminal operation known as VECT 2.0 acts more like a wiper than a ransomware due to a critical flaw in its encryption implementation across Windows, Linux, and ESXi variants that renders recovery impossible even for the threat actors
Last time: Beijing-backed snoops and ransomware crims. Who's next? Unknown baddies are abusing yet another critical Microsoft SharePoint bug to compromise victims' SharePoint servers, the US government warned.…
Microsoft observed Storm-0501 pivot to the victim’s cloud environment to exfiltrate data rapidly and prevent the victim’s recovery
Amazon, Apple, Google, and Microsoft among major customers Data I/O, a major electronics manufacturer whose customers include Amazon, Apple, Google, and Microsoft, notified federal regulators that it fell victim to a ransomware infection on August 16 that continues to disrupt its business operations.…
A threat actor has already exploited one of the flaws in a ransomware campaign with victims in the US and other countries.
Microsoft says the RansomEXX ransomware gang has been exploiting a high-severity zero-day flaw in the Windows Common Log File System to gain SYSTEM privileges on victims' systems. [...]
There's only one rule – don't attack Russia, duh Check Point has spotted a fresh ransomware-as-a-service crew in town: VanHelsing, touting a cross-platform locker targeting Microsoft Windows, Linux, and VMware ESXi systems, among others. But so far, only Windows machines have fallen victim, we're told.…
The Akira ransomware gang was spotted using an unsecured webcam to launch encryption attacks on a victim's network, effectively circumventing Endpoint Detection and Response (EDR), which was blocking the encryptor in Windows. [...]
The Akira ransomware gang was spotted using an unsecured webcam to launch encryption attacks on a victim's network, effectively circumventing Endpoint Detection and Response (EDR), which was blocking the encryptor in Windows. [...]
The threat actors behind the RansomHub ransomware-as-a-service (RaaS) scheme have been observed leveraging now-patched security flaws in Microsoft Active Directory and the Netlogon protocol to escalate privileges and gain unauthorized access to a victim network's domain controller as part of their post-compromise strategy
Bitdefender has released a decryptor for the 'ShrinkLocker' ransomware strain, which uses Windows' built-in BitLocker drive encryption tool to lock victim's files. [...]
Crooks 'like a sysadmin, with a malicious slant' Exclusive An extortionist armed with a new variant of MedusaLocker ransomware has infected more than 100 organizations a month since at least 2022, according to Cisco Talos, which recently discovered a "substantial" Windows credential data dump that sheds light on the criminal and their victims.…
Microsoft warns that ransomware threat actor Storm-0501 has recently switched tactics and now targets hybrid cloud environments, expanding its strategy to compromise all victim assets. [...]
ShrinkLocker throws steel and vaccine makers into the hurt locker Updated Yet more ransomware is using Microsoft BitLocker to encrypt corporate files, steal the decryption key, and then extort a payment from victim organizations, according to Kaspersky.…
Spoiler alert: it's not really IT support controlling your device A cybercrime gang has been abusing Microsoft's Quick Assist application in social engineering attacks that ultimately allow the crew to infect victims with Black Basta ransomware.…
Financially motivated cybercriminals abuse the Windows Quick Assist feature in social engineering attacks to deploy Black Basta ransomware payloads on victims' networks. [...]
Despite a plethora of available security solutions, more and more organizations fall victim to Ransomware and other threats. These continued threats aren't just an inconvenience that hurt businesses and end users - they damage the economy, endanger lives, destroy businesses and put national security at risk. But if that wasn’t enough – North Korea appears to be using revenue from cyber
A group of financially motivated Turkish hackers targets Microsoft SQL (MSSQL) servers worldwide to encrypt the victims' files with Mimic (N3ww4v3) ransomware. [...]
The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing malware disguised as popular free software, such as Microsoft Teams, Adobe Reader, Mozilla Thunderbird, and Discord.