Your cart is currently empty!
Author: Omar
Redis Servers Targeted by New Migo Malware for Cryptocurrency Mining
20 February 2024 NewsroomServer Security /Cryptojacking With the ultimate goal of mining cryptocurrency on compromised Linux hosts, a new malware campaign has been seen targeting Redis servers for initial access. In a technical report, Cado security researcher Matt Muir stated that” this particular campaign involves the use of several novel system weakening techniques against the…
Targeting preferences, the access economy, and ransomware groups
How are the targets chosen by ransomware groups? It’s a rhetorical question because they typically do n’t. The access to corporate IT environments is made possible by a sophisticated cybercrime supply chain, which is used by ransomware as-a-service ( RaaS ) platforms and affiliate ecosystems. In many cases, affiliates and ransomware groups buy targets rather…
Ransomware attack is confirmed by a critic of infrastructure software.
The cyber incident that PSI Software SE revealed last week was a ransomware attack that had an impact on its internal infrastructure, according to the German software developer for complex production and logistics processes,nbsp. With a global workforce of over 2,000 people, the company specializes in software solutions for significant energy suppliers. Additionally, it offers”…
Criminals are detained, the LockBit ransomware operation is shut down, and the decryption keys are released.
NewsroomRansomware/Data Protection, February 20, 2024 The U. K. National Crime Agency (NCA ) announced on Tuesday that Operation Cronos, a specialized task force, had obtained LockBit’s source code as well as information about its activities and affiliates. According to the organization, some of the data on LockBit’s systems belonged to victims who had paid the…
Covert Side-Loading Techniques Used to Catch New Malicious PyPI Packages
20 February 2024 Supply Chain Security / NewsroomMalware Two malicious packages were found using the DLL side-loading technique to run malicious code and avoid detection by security software on the Python Package Index ( PyPI ) repository, according to cybersecurity researchers. Before they were removed, the packages with the namesNP6HelperHttptest and NF6HeaterHTtper had each been…
LockBit ransomware users are detained by police, and the decryptor is released as part of a global crackdown.
Updated article with additional information on the operation on February 20 at 7:21 EST: . In an international crackdown operation, law enforcement detained two members of the LockBit ransomware gang in Poland and Ukraine, developed a free decryption tool, and took control of more than 200 crypto wallets. Additionally, five indictments and three international arrest warrants…
According to a recent report, North Koreanhackers are attacking defense firms all over the world.
20 February 2024 Newsroom Hacking and Cyber Espionage Threat actors from North Korea’s state have been linked to a global cyber espionage campaign that targets the defense industry. The Federal Office for the Protection of the Constitution ( BfV ) of Germany and the National Intelligence Service of South Korea stated in a joint advisory…
The NIST Cybersecurity Framework for SaaS Compliance
One of the most crucial standards for network security in the world is the US National Institute of Standards and Technology’s ( NIST ) cybersecurity framework. SaaS is just one of the many applications to which it can be used. The various settings present in each application present a challenge for those tasked with securing…
Learn How to Create a Real-Time Incident Response Playbook Against Scattered Spider.
The Hacker NewsWebinar / Incident Response, February 20, 2024 The brazen exploits of the Scattered Spider threat group in 2023 left a lasting impression on the turbulent cybersecurity landscape. One of the most significant ransomware attacks in recent memory resulted from their attacks on the nerve centers of significant financial and insurance institutions. It can…
ConnectWise ScreenConnect Software Has Been Found to Have Critic Flaws; Patch Now
20 February 2024 Network Security / Vulnerability in the newsroom A critical bug that could allow remote code execution on affected systems has been fixed in ConnectWise’s ScreenConnect remote desktop and access software. Below is a list of the vulnerabilities that do not currently have CVE identifiers. CVSS score: 10.0 for authentication bypass using a…