Security News

Hackers infiltrated Collabera, siphoned off at least some employees' personal information, and infected the US-based IT consultancy giant's systems with ransomware. Collabera identified malware in its network system consistent with a ransomware attack.

A new ransomware family packs multiple unique features, including to improve performance and give its operators the option to only target networked SMB shares, VMware-owned Carbon Black reveals. Dubbed Conti, the malware improves performance through the use of "Up to 32 simultaneous encryption efforts," and is likely directly controlled by its operators, which means that it can target network-based resources and skip local files, similarly with what the Sodinokibi ransomware can do.

G Data security researchers have identified a new ransomware family that attempts to spread using infected USB drives. Dubbed Try2Cry, the new piece of ransomware borrows functionality from Spora, which first emerged three years ago.

There's a new ransomware for the Mac called ThiefQuest or EvilQuest. It's a good reminder to get your software from trustworthy sources, like developers whose code is "Signed" by Apple to prove its legitimacy, or from Apple's App Store itself.

How do I select a SIEM solution for my business?To select an appropriate SIEM solution for your business, you need to think about a variety of factors. New EvilQuest macOS ransomware is a smokescreen for other threatsA new piece of ransomware dubbed EvilQuest is being delivered bundled up with pirated versions of popular macOS software, researchers warned.

Recent samples of the Snake ransomware were observed isolating the infected systems to ensure that nothing interferes with the file encryption process, security researchers warn. Initially detailed in January this year, Snake has emerged as a prevalent threat to industrial control systems, due to the targeting of processes specific to these environments.

The threat actor behind the Sodinokibi ransomware is demanding a $14 million ransom from Brazilian-based electrical energy company Light S.A. The company has confirmed that it was hit with a cyberattack without providing specific information on the type of compromise, but AppGate's security researchers, who have obtained a sample of the malware believed to have been used in the attack, are confident that the incident involves the Sodinokibi ransomware. The same web page reveals information about the attackers, clearly mentioning the name Sodinokibi, and attempts to persuade the victim to pay the ransom by promising full decryption of the affected data.

Researchers have discovered a new Mac malware that encrypts files on compromised systems like a piece of ransomware, but also allows its operators to steal data and take full control of an infected device. Initially named EvilQuest, the malware was later renamed ThiefQuest to avoid confusion as EvilQuest is the name of a video game.

We've seen an ugly trend recently of tech news stories and cybersecurity firms trumpeting claims of ransomware attacks on companies large and small, apparently based on little more than the say-so of the ransomware gangs themselves. Currently, more than a dozen ransomware crime gangs have erected their own blogs to publish sensitive data from victims.

Cybercriminals claim they have hacked the systems of U.S. printing giant Xerox and they are threatening to leak files stolen from the company unless they get paid. The threat actor operating the ransomware known as Maze has published several screenshots on its website in an effort to demonstrate that it has gained access to Xerox systems.