cybersecurity news daily
-
Ransomware
Conti ransomware group’s pulse stops, but did it fake its own death?
The leak site essential to the operation of Conti ransomware has disappeared, but everything may not be as it appears.…
-
Threats
Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise
Threat Research Blog Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise June 16, 2021 | by Tyler McLellan, Robert…
-
Threats
The UNC2529 Triple Double: A Trifecta Phishing Campaign
In December 2020, Mandiant observed a widespread, global phishing campaign targeting numerous organizations across an array of industries. Mandiant tracks…
-
Ransomware
ALPHV squeezes victim with dedicated leak site for employees and customers
ALPHV, also known as BlackCat, created a leak site on the regular web, betting it can squeeze money out of…
-
Ransomware
BlackBasta is the latest ransomware to target ESXi virtual machines on Linux
BlackBasta, a newish ransomware group that is somehow linked to Conti, has a new Linux variant of its malware that…
-
Breaches
Attacks Erase Western Digital Network-Attached Storage Drives
The company suspects a remote code execution vulnerability affecting My Book Live and My Book Live Duo devices and recommends…
-
Malware Analysis
How the Trickbot C2 uses rDNS to disguise as a legitimate Australian government service
By Gabor Szathmari One interesting offshoot of researching .gov.au websites running outside Australia was an odd service running from Russia. How the Service…
-
Threats
UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat
Mandiant has observed an aggressive financially motivated group, UNC2447, exploiting one SonicWall VPN zero-day vulnerability prior to a patch being…
-
Threats
Abusing Replication: Stealing AD FS Secrets Over the Network
Organizations are increasingly adopting cloud-based services such as Microsoft 365 to host applications and data. Sophisticated threat actors are catching…
-
Ransomware
Ransomware Task Force priorities see progress in first year
The Ransomware Task Force’s five priority recommendations, issued last year, have all seen encouraging progress from governments. This blog is…