Security News

Short-Lived Certificates Coming to Let’s Encrypt
2024-12-16 12:06

Starting next year: Our longstanding offering won’t fundamentally change next year, but we are going to introduce a new offering that’s a big shift from anything we’ve done before—short-lived...

WhatsApp now encrypts contact databases for privacy-preserving synching
2024-10-23 18:52

The WhatsApp messenger platform has introduced Identity Proof Linked Storage (IPLS), a new privacy-preserving encrypted storage system designed for contact management. [...]

New ShrinkLocker ransomware uses BitLocker to encrypt your files
2024-05-24 14:59

A new ransomware strain called ShrinkLocker creates a new boot partition to encrypt corporate systems using Windows BitLocker. Ransomware using BitLocker to encrypt computers is not new.

Hackers actively exploiting Openfire flaw to encrypt servers
2023-09-26 14:20

Hackers are actively exploiting a high-severity vulnerability in Openfire messaging servers to encrypt servers with ransomware and deploy cryptominers. Although Openfire fixed the issue with versions 4.6.8, 4.7.5, and 4.8.0, released in May 2023, VulnCheck reported that by mid-August 2023, over 3,000 Openfire servers were still running a vulnerable version.

BlackByte 2.0 Ransomware: Infiltrate, Encrypt, and Extort in Just 5 Days
2023-07-07 10:20

Ransomware attacks are a major problem for organizations everywhere, and the severity of this problem continues to intensify. Recently, Microsoft's Incident Response team investigated the BlackByte 2.0 ransomware attacks and exposed these cyber strikes' terrifying velocity and damaging nature.

Babuk code used by 9 ransomware gangs to encrypt VMWare ESXi servers
2023-05-11 18:04

An increasing number of ransomware operations are adopting the leaked Babuk ransomware source code to create Linux encryptors targeting VMware ESXi servers. "There is a noticeable trend that actors increasingly use the Babuk builder to develop ESXi and Linux ransomware," said SentinelLabs threat researcher Alex Delamotte.

New Cactus ransomware encrypts itself to evade antivirus
2023-05-07 16:25

A new ransomware operation called Cactus has been exploiting vulnerabilities in VPN appliances for initial access to networks of "Large commercial entities." What sets Cactus apart from other operations is the use of encryption to protect the ransomware binary.

IceFire ransomware now encrypts both Linux and Windows systems
2023-03-09 14:00

Threat actors linked to the IceFire ransomware operation now actively target Linux systems worldwide with a new dedicated encryptor. IceFire operators exploit a deserialization vulnerability in the IBM Aspera Faspex file-sharing software to hack into targets' vulnerable systems and deploy their ransomware payloads.

Let’s Encrypt issued over 3 billion certificates, securing 309M sites for free
2022-11-29 22:03

Internet Security Research Group (ISRG), the nonprofit behind Let's Encrypt, says the open certificate authority (CA) has issued its three billionth certificate this year. [...]

New ransomware encrypts files, then steals your Discord account
2022-11-20 15:07

The new 'AXLocker' ransomware family is not only encrypting victims' files and demanding a ransom payment but also stealing the Discord accounts of infected users. When a user logs into Discord with their credentials, the platform sends back a user authentication token saved on the computer.