Security News

Black Basta operators phish employees via Microsoft Teams
2024-10-28 16:36

Black Basta ransomware affiliates are still trying to trick enterprise employees into installing remote access tool by posing as help desk workers, now also via Microsoft Teams. Phishing via MS...

Black Basta ransomware poses as IT support on Microsoft Teams to breach networks
2024-10-25 20:55

The BlackBasta ransomware operation has moved its social engineering attacks to Microsoft Teams, posing as corporate help desks contacting employees to assist them with an ongoing spam attack. [...]

Black Basta poses as IT support on Microsoft Teams to breach networks
2024-10-25 20:55

The BlackBasta ransomware operation has moved its social engineering attacks to Microsoft Teams, posing as corporate help desks contacting employees to assist them with an ongoing spam attack. [...]

Black Basta-Linked Attackers Target Users with SystemBC Malware
2024-08-14 17:13

An ongoing social engineering campaign with alleged links to the Black Basta ransomware group has been linked to "multiple intrusion attempts" with the goal of conducting credential theft and...

Black Basta ransomware switches to more evasive custom malware
2024-07-30 18:55

The Black Basta ransomware gang has shown resilience and an ability to adapt to a constantly shifting space, using new custom tools and tactics to evade detection and spread throughout a network. Black Basta is a ransomware operator who has been active since April 2022 and is responsible for over 500 successful attacks on companies worldwide.

Black Basta Ransomware May Have Exploited MS Windows Zero-Day Flaw
2024-06-12 11:11

Threat actors linked to the Black Basta ransomware may have exploited a recently disclosed privilege escalation flaw in the Microsoft Windows Error Reporting Service as zero-day, according to new...

Black Basta ransomware gang linked to Windows zero-day attacks
2024-06-12 10:00

The Black Basta ransomware operation is suspected of exploiting a Windows privilege escalation vulnerability as a zero-day before a fix was made available. A report by Symantec says that CVE-2024-26169 has been actively exploited by the Cardinal cybercrime group, the operators of the Black Basta gang, noting that there's a good chance it was leveraged as a zero-day.

Week in review: New Black Basta’s social engineering campaign, passing the CISSP exam in 6 weeks
2024-05-19 08:00

How a GRC consultant passed the CISSP exam in six weeksAsk any IT security professional which certification they would consider to be the "Gold standard" in terms of prestige, credibility, or difficulty, and almost invariably they will answer: the CISSP. BLint: Open-source tool to check the security properties of your executablesBLint is a Binary Linter designed to evaluate your executables' security properties and capabilities, utilizing LIEF for its operations. OWASP dep-scan: Open-source security and risk audit toolOWASP dep-scan is an open-source security and risk assessment tool that leverages information on vulnerabilities, advisories, and licensing restrictions for project dependencies.

Black Basta Ransomware Struck More Than 500 Organizations Worldwide
2024-05-17 13:00

A joint cybersecurity advisory from the Federal Bureau of Investigation, Cybersecurity and Infrastructure Security Agency, Department of Health and Human services and Multi-State Information Sharing and Analysis Center was recently released to provide more information about the Black Basta ransomware. According to cybersecurity company SentinelOne, Black Basta is highly likely tied to FIN7, a threat actor also known as "Carbanak," active since 2012 and affiliated with several ransomware operations.

Crims abusing Microsoft Quick Assist to deploy Black Basta ransomware
2024-05-16 23:30

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.