Security News

Hackers actively exploiting Openfire flaw to encrypt servers
2023-09-26 14:20

Hackers are actively exploiting a high-severity vulnerability in Openfire messaging servers to encrypt servers with ransomware and deploy cryptominers. Although Openfire fixed the issue with versions 4.6.8, 4.7.5, and 4.8.0, released in May 2023, VulnCheck reported that by mid-August 2023, over 3,000 Openfire servers were still running a vulnerable version.

BlackByte 2.0 Ransomware: Infiltrate, Encrypt, and Extort in Just 5 Days
2023-07-07 10:20

Ransomware attacks are a major problem for organizations everywhere, and the severity of this problem continues to intensify. Recently, Microsoft's Incident Response team investigated the BlackByte 2.0 ransomware attacks and exposed these cyber strikes' terrifying velocity and damaging nature.

Babuk code used by 9 ransomware gangs to encrypt VMWare ESXi servers
2023-05-11 18:04

An increasing number of ransomware operations are adopting the leaked Babuk ransomware source code to create Linux encryptors targeting VMware ESXi servers. "There is a noticeable trend that actors increasingly use the Babuk builder to develop ESXi and Linux ransomware," said SentinelLabs threat researcher Alex Delamotte.

New Cactus ransomware encrypts itself to evade antivirus
2023-05-07 16:25

A new ransomware operation called Cactus has been exploiting vulnerabilities in VPN appliances for initial access to networks of "Large commercial entities." What sets Cactus apart from other operations is the use of encryption to protect the ransomware binary.

IceFire ransomware now encrypts both Linux and Windows systems
2023-03-09 14:00

Threat actors linked to the IceFire ransomware operation now actively target Linux systems worldwide with a new dedicated encryptor. IceFire operators exploit a deserialization vulnerability in the IBM Aspera Faspex file-sharing software to hack into targets' vulnerable systems and deploy their ransomware payloads.

Let’s Encrypt issued over 3 billion certificates, securing 309M sites for free
2022-11-29 22:03

Internet Security Research Group (ISRG), the nonprofit behind Let's Encrypt, says the open certificate authority (CA) has issued its three billionth certificate this year. [...]

New ransomware encrypts files, then steals your Discord account
2022-11-20 15:07

The new 'AXLocker' ransomware family is not only encrypting victims' files and demanding a ransom payment but also stealing the Discord accounts of infected users. When a user logs into Discord with their credentials, the platform sends back a user authentication token saved on the computer.

New AxLocker ransomware encrypts files, then steals your Discord account
2022-11-20 15:07

The new 'AXLocker' ransomware family is not only encrypting victims' files and demanding a ransom payment but also stealing the Discord accounts of infected users. As Discord has become the community of choice for NFT platforms and cryptocurrency groups, stealing a moderator token or other verified community member could allow threat actors to conduct scams and steal funds.

To encrypt or to destroy? Ransomware affiliates plan to try the latter
2022-09-26 13:52

Ransomware gangs are planning on trying out a new tactic, and it involves the destruction of the victims' data."There is no mechanism for removing files from the corruption queue, meaning that some files may be overwritten numerous times before the program terminates, while others may never have been selected," he explained.

Microsoft: Iranian hackers encrypt Windows systems using BitLocker
2022-09-08 15:30

Microsoft says an Iranian state-sponsored threat group it tracks as DEV-0270 has been abusing the BitLocker Windows feature in attacks to encrypt victims' systems. This aligns with Microsoft's findings that DEV-0270 uses BitLocker, a data protection feature that provides full volume encryption on devices running Windows 10, Windows 11, or Windows Server 2016 and above.