Security News

Meet Interlock — The new ransomware targeting FreeBSD servers
2024-11-03 21:09

A relatively new ransomware operation named Interlock attacks organizations worldwide, taking the unusual approach of creating an encryptor to target FreeBSD servers. [...]

LA housing authority confirms breach claimed by Cactus ransomware
2024-11-01 20:30

The Housing Authority of the City of Los Angeles (HACLA), one of the largest public housing authorities in the United States, confirmed that a cyberattack hit its IT network after recent breach...

North Korean hackers pave the way for Play ransomware
2024-10-31 10:42

North Korean state-sponsored hackers – Jumpy Pisces, aka Andariel, aka Onyx Sleet – have been spotted burrowing into enterprise systems, then seemingly handing matters over to the Play ransomware...

North Korean govt hackers linked to Play ransomware attack
2024-10-30 15:55

The North Korean state-sponsored hacking group tracked as 'Andariel' has been linked to the Play ransomware operation, using the RaaS to work behind the scenes and evade sanctions. [...]

North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack
2024-10-30 15:44

Threat actors in North Korea have been implicated in a recent incident that deployed a known ransomware family called Play, underscoring their financial motivations. The activity, observed between...

Ransomware hits web hosting servers via vulnerable CyberPanel instances
2024-10-30 14:19

A threat actor – or possibly several – has hit approximately 22,000 vulnerable instances of CyberPanel and encrypted files on the servers running it with the PSAUX and other ransomware. The PSAUX...

Massive PSAUX ransomware attack targets 22,000 CyberPanel instances
2024-10-29 19:15

Over 22,000 CyberPanel instances exposed online to a critical remote code execution (RCE) vulnerability were mass-targeted in a PSAUX ransomware attack that took almost all instances offline. [...]

Fog ransomware targets SonicWall VPNs to breach corporate networks
2024-10-27 14:17

Fog and Akira ransomware operators have increased their exploitation efforts of CVE-2024-40766, a critical access control flaw that allows unauthorized access to resources on the SSL VPN feature...

Four REvil Ransomware Members Sentenced in Rare Russian Cybercrime Convictions
2024-10-26 08:34

Four members of the now-defunct REvil ransomware operation have been sentenced to several years in prison in Russia, marking one of the rare instances where cybercriminals from the country have...

Black Basta ransomware poses as IT support on Microsoft Teams to breach networks
2024-10-25 20:55

The BlackBasta ransomware operation has moved its social engineering attacks to Microsoft Teams, posing as corporate help desks contacting employees to assist them with an ongoing spam attack. [...]