Cybersecurity Attacks Archives

ViperSoftX campaign steals cryptocurrency and targets password managers

Cybersecurity Attacks, Malware, Password Management / By Frank Crast / May 1, 2023 / C&C, Command and Control, Cryptocurrency, passwords, ViperSoftX

Security experts have discovered a new version of ViperSoftX, a malware that steals cryptocurrency and targets password managers, such as KeePass and 1Password.

LockBit 3.0 Ransomware: An evolving threat that challenges network defenses and mitigations

Cybersecurity Attacks, Malware, Ransomware / By Frank Crast / March 21, 2023 / ALPHV, BlackCat, BlackMatter, LockBit, LockBit Black, malware, RaaS, Ransomware

The FBI, CISA, and MS-ISAC have released a joint cybersecurity advisory regarding LockBit 3.0 ransomware as identified through FBI investigations as recently as this month.

Royal Ransomware uses a unique “partial encryption approach” to evade detection

Cybersecurity Attacks, Malware, Phishing, Ransomware / By Frank Crast / March 3, 2023 / CISA, Cobalt Strike, encryption, FBI, Ransomware, RMM, Royal, SysInternals, Zeon

CISA and FBI have published a joint cybersecurity alert on Royal ransomware used in recent cyberattacks as recently as January 2023. The ransomware uses a unique “partial encryption approach” to evade detection.

Threat actors abuse Windows debugger tool to disguise PlugX trojan attacks

Cybersecurity Attacks, Malware / By Frank Crast / February 27, 2023 / debugger, malware, PlugX, RAT, Windows, x32dbg.exe

Researchers have discovered threat actors abusing legitimate open-source debugger tool for Windows to disguise PlugX trojan attacks.

CISA Adds IBM and Mitel Vulnerabilities To Known Exploited Vulnerabilities Catalog

Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / February 22, 2023 / Aspera, CVE-2022-40765, CVE-2022-41223, CVE-2022-47986, Faspex, IBM, Mitel, MiVoice

The Cybersecurity and Infrastructure Security Agency (CISA) has added IBM and Mitel vulnerabilities to its Known Exploited Vulnerabilities Catalog.

CISA Adds Intel, Oracle and 3 other Vulnerabilities To Known Exploited Vulnerabilities Catalog

Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / February 10, 2023 / CVE-2022-21587, Forta, Intel, Oracle, SugarCRM, TerraMaster

The Cybersecurity and Infrastructure Security Agency (CISA) has added Intel, Oracle, TerraMaster, Forta, and SugarCRM vulnerabilities to its Known Exploited Vulnerabilities Catalog.

Clop: New Linux ransomware variant threat

Cybersecurity Attacks, Malware, Ransomware / By Frank Crast / February 7, 2023 / Cl0p, Clop, Linux, Ransomware

Researchers from SentinelLabs have spotted the first Linux variant of Cl0p (aka “Clop”) ransomware, targeting Linux systems on December 26, 2022.

Attackers exploit VMware ESXi RCE vulnerability to deliver ESXiArgs ransomware

Cybersecurity Attacks, Ransomware / By Frank Crast / February 7, 2023 / CERT-FR, CVE-2021-21974, Cyberattack, ESXi, ESXiArgs, OpenSLP, VMware

French authorities and security researchers warn attackers have been exploiting two-year old VMware ESXi remote code execution (RCE) vulnerability (CVE-2021-21974) to deliver ESXiArgs ransomware.

Microsoft: RaaS attacks continue to evolve and expand

Cybersecurity Attacks, Malware, Ransomware / By Frank Crast / February 2, 2023 / Batloader, BlackCat, LockBit, Microsoft, RaaS, Ransomware

Microsoft has been tracking over 100 threat actors using 50 unique active ransomware families in attacks around the globe.

Vice Society ransomware gang targets manufacturing firms

Cybersecurity Articles, Cybersecurity Attacks, Malware, Ransomware / By Frank Crast / February 1, 2023 / FiveHands, Hello Kitty, PrintNightmare, Ransomware, Vice Society, Zeppelin

Vice Society ransomware gang has been targeting manufacturing firms in Brazil, Argentina, Switzerland, and Israel, with their own custom-built ransomware.