-
Microsoft: Clop and LockBit ransomware behind PaperCut server hacks
Microsoft has attributed recent attacks on PaperCut servers to the Clop and LockBit ransomware operations, which used the vulnerabilities to steal corporate data.
- April 26, 2023
- 07:28 PM
0
-
Play ransomware gang uses custom Shadow Volume Copy data-theft tool
The Play ransomware group has developed two custom tools in .NET, namely Grixba and VSS Copying Tool, which it uses to improve the effectiveness of its cyberattacks.
- April 19, 2023
- 06:00 AM
1
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Vice Society ransomware uses new PowerShell data theft tool in attacks
The Vice Society ransomware gang is deploying a new, rather sophisticated PowerShell script to automate data theft from compromised networks.
- April 14, 2023
- 03:46 PM
- 0
-
Ransomware gang posts video of data stolen from Minneapolis schools
The Medusa ransomware gang is demanding a $1,000,000 ransom from the Minneapolis Public Schools (MPS) district to delete data allegedly stolen in a ransomware attack.
- March 08, 2023
- 12:37 PM
- 0
-
SCARLETEEL hackers use advanced cloud skills to steal source code, data
An advanced hacking operation dubbed 'SCARLETEEL' targets public-facing web apps running in containers to infiltrate cloud services and steal sensitive data.
- February 28, 2023
- 11:00 AM
- 0
-
North Korean hackers stole research data in two-month-long breach
A new cyber espionage campaign dubbed 'No Pineapple!' has been attributed to the North Korean Lazarus hacking group, allowing the threat actors to stealthily steal 100GB of data from the victim without causing any destruction.
- February 02, 2023
- 12:56 PM
- 0
-
Malicious ‘SentinelOne’ PyPI package steals data from developers
Threat actors have published a malicious Python package on PyPI, named 'SentinelOne,' that pretends to be the legitimate SDK client for the trusted American cybersecurity firm but, in reality, steals data from developers.
- December 19, 2022
- 12:00 PM
- 0
-
Air-gapped PCs vulnerable to data theft via power supply radiation
A new attack method named COVID-bit uses electromagnetic waves to transmit data from air-gapped systems isolated from the internet over a distance of at least two meters (6.5 ft), where its captured by a receiver.
- December 10, 2022
- 10:06 AM
- 7
-
Phishing drops IceXLoader malware on thousands of home, corporate devices
A ongoing phishing campaign has infected thousands of home and corporate users with a new version of the 'IceXLoader' malware.
- November 10, 2022
- 05:58 PM
- 0
-
Medibank now says hackers accessed all its customers’ personal data
Australian insurance firm Medibank has confirmed that hackers accessed all of its customers' personal data and a large amount of health claims data during a recent ransomware attack.
- October 26, 2022
- 10:30 AM
- 0
-
TommyLeaks and SchoolBoys: Two sides of the same ransomware gang
Two new extortion gangs named 'TommyLeaks' and 'SchoolBoys' are targeting companies worldwide. However, there is a catch — they are both the same ransomware gang.
- October 22, 2022
- 11:12 AM
- 0
-
BlackByte ransomware uses new data theft tool for double-extortion
A BlackByte ransomware affiliate is using a new custom data stealing tool called 'ExByte' to steal data from compromised Windows devices quickly.
- October 21, 2022
- 06:00 AM
- 0
-
Hackers use new stealthy PowerShell backdoor to target 60+ victims
A previously undetected and undocumented PowerShell backdoor is being actively used by a threat actor who has targeted at least 69 entities.
- October 19, 2022
- 12:29 PM
- 0
-
The Week in Ransomware - September 30th 2022 - Emerging from the Shadows
This week's news primarily revolves around LockBit, BlackMatter, and the rising enterprise-targeting Royal ransomware operation.
- September 30, 2022
- 04:48 PM
- 0
-
New Royal Ransomware emerges in multi-million dollar attacks
A new ransomware operation named Royal is quickly ramping up, targeting corporations with ransom demands ranging from $250,000 to over $2 million.
- September 29, 2022
- 10:32 AM
- 0
-
BlackCat ransomware’s data exfiltration tool gets an upgrade
The BlackCat ransomware (aka ALPHV) isn't showing any signs of slowing down, and the latest example of its evolution is a new version of the gang's data exfiltration tool used for double-extortion attacks.
- September 22, 2022
- 06:00 AM
- 0
-
GIFShell attack creates reverse shell using Microsoft Teams GIFs
A new attack technique called 'GIFShell' allows threat actors to abuse Microsoft Teams for novel phishing attacks and covertly executing commands to steal data using ... GIFs.
- September 08, 2022
- 03:28 PM
- 4
-
New 'Donut Leaks' extortion gang linked to recent ransomware attacks
A new data extortion group named 'Donut Leaks' is linked to recent cyberattacks, including those on Greek natural gas company DESFA, UK architectural firm Sheppard Robson, and multinational construction company Sando.
- August 23, 2022
- 11:06 AM
- 0
-
ETHERLED: Air-gapped systems leak data via network card LEDs
Israeli researcher Mordechai Guri has discovered a new method to exfiltrate data from air-gapped systems using the LED indicators on network cards. Dubbed 'ETHERLED', the method turns the blinking lights into Morse code signals that can be decoded by an attacker.
- August 23, 2022
- 07:28 AM
- 8
-
LockBit claims ransomware attack on security giant Entrust, leaks data
The LockBit ransomware gang has claimed responsibility for the June cyberattack on digital security giant Entrust.
- August 18, 2022
- 07:06 PM
- 0
