Security News

Black Basta-Linked Attackers Target Users with SystemBC Malware
2024-08-14 17:13

An ongoing social engineering campaign with alleged links to the Black Basta ransomware group has been linked to "multiple intrusion attempts" with the goal of conducting credential theft and...

Black Basta ransomware switches to more evasive custom malware
2024-07-30 18:55

The Black Basta ransomware gang has shown resilience and an ability to adapt to a constantly shifting space, using new custom tools and tactics to evade detection and spread throughout a network. Black Basta is a ransomware operator who has been active since April 2022 and is responsible for over 500 successful attacks on companies worldwide.

Black Basta Ransomware May Have Exploited MS Windows Zero-Day Flaw
2024-06-12 11:11

Threat actors linked to the Black Basta ransomware may have exploited a recently disclosed privilege escalation flaw in the Microsoft Windows Error Reporting Service as zero-day, according to new...

Black Basta ransomware gang linked to Windows zero-day attacks
2024-06-12 10:00

The Black Basta ransomware operation is suspected of exploiting a Windows privilege escalation vulnerability as a zero-day before a fix was made available. A report by Symantec says that CVE-2024-26169 has been actively exploited by the Cardinal cybercrime group, the operators of the Black Basta gang, noting that there's a good chance it was leveraged as a zero-day.

Week in review: New Black Basta’s social engineering campaign, passing the CISSP exam in 6 weeks
2024-05-19 08:00

How a GRC consultant passed the CISSP exam in six weeksAsk any IT security professional which certification they would consider to be the "Gold standard" in terms of prestige, credibility, or difficulty, and almost invariably they will answer: the CISSP. BLint: Open-source tool to check the security properties of your executablesBLint is a Binary Linter designed to evaluate your executables' security properties and capabilities, utilizing LIEF for its operations. OWASP dep-scan: Open-source security and risk audit toolOWASP dep-scan is an open-source security and risk assessment tool that leverages information on vulnerabilities, advisories, and licensing restrictions for project dependencies.

Black Basta Ransomware Struck More Than 500 Organizations Worldwide
2024-05-17 13:00

A joint cybersecurity advisory from the Federal Bureau of Investigation, Cybersecurity and Infrastructure Security Agency, Department of Health and Human services and Multi-State Information Sharing and Analysis Center was recently released to provide more information about the Black Basta ransomware. According to cybersecurity company SentinelOne, Black Basta is highly likely tied to FIN7, a threat actor also known as "Carbanak," active since 2012 and affiliated with several ransomware operations.

Crims abusing Microsoft Quick Assist to deploy Black Basta ransomware
2024-05-16 23:30

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Windows Quick Assist abused in Black Basta ransomware attacks
2024-05-15 17:06

Financially motivated cybercriminals abuse the Windows Quick Assist feature in social engineering attacks to deploy Black Basta ransomware payloads on victims' networks. During this voice phishing attack, the attackers trick the victims into granting them access to their Windows devices by launching the Quick Assist built-in remote control and screen-sharing tool.

Uncle Sam urges action after Black Basta ransomware infects Ascension
2024-05-13 18:30

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Black Basta target orgs with new social engineering campaign
2024-05-13 12:39

The advisory lists indicators of compromise associated with Black Basta ransomware attacks and offers advice for organizations. Rapid7 analysts have also shared the latest social engineering trick by the Black Basta operators: they spam targets' inbox with junk email, then phone them posing as a member of their organization's IT team, and offer assistance.