More than 600 servers worldwide have been subjected to recent attacks with the Androxgh0st malware, reports Hackread.
The U.S., India, and Taiwan accounted for the bulk of the impacted servers, which were compromised by Androxgh0st malware operators through web shells deployed via the exploitation of several security vulnerabilities, including CVE-2019-2725, CVE-2021-3129, and CVE-2024-1709, a report from Veriti Research revealed.
Source: SC Media
Related:
- Critical Veeam Backup & Replication Vulnerability Under Active Exploitation
October 11, 2024
Security researchers have reported that CVE-2024-40711 is under active exploitation by ransomware groups. These groups are reportedly exploiting CVE-2024-40711 as a second-stage exploit to create new local Administrator accounts to facilitate further objectives on compromised networks. Reports warn of exploitation attempts since shortly after official disclosure by Veeam. Enterprise backup and disaster recovery applications are valuable ...
- Lynx Ransomware: A Rebranding of INC Ransomware
October 10, 2024
In July 2024, researchers from Palo Alto Networks discovered a successor to INC ransomware named Lynx. Since its emergence, the group behind this ransomware has actively targeted organizations in various sectors such as retail, real estate, architecture, and financial and environmental services in the U.S. and UK. Lynx ransomware shares a significant portion of its source ...
- British Columbia: Clients of Indigenous health authority react to ransomware attack
October 9, 2024
The First Nations Health Authority (FNHA) in British Columbia says it has concluded its investigation into a ransomware attack in May, but some clients remain concerned about the theft of their medical and personal information. The FNHA said it “uncovered evidence that health insurance plan billing data, procurement contracts, business contracts, FNHA budgets, cheques, information on ...
- Awareness of Cyber Risks to Healthcare Organizations is not Always Translating to Adequate Protections
October 8, 2024
Despite growing awareness and widespread acknowledgment of the impact of cyber threats facing the healthcare industry, many within it are still struggling to keep them at bay. The third annual Ponemon Institute Report, commissioned by Proofpoint, found that 92% of US healthcare organizations surveyed experienced at least one cyber attack in the past 12 months, with ...
- DHS: Cyber Cops Stopped 500 Ransomware Hacks Since 2021
October 4, 2024
A cybercrime-focused division of the US Department of Homeland Security says it has disrupted more than 500 ransomware attacks and seized billions of dollars in cryptocurrency since 2021. The ongoing effort from Homeland Security Investigations, which investigates cybercrime and illicit transnational activity, involves proactively notifying government agencies, companies and other potential victims that an extortion event ...
- Key Group: another ransomware group using leaked builders
October 1, 2024
Key Group, or keygroup777, is a financially motivated ransomware group primarily targeting Russian users. The group is known for negotiating with victims on Telegram and using the Chaos ransomware builder. The first public report on Key Group’s activity was released in 2023 by BI.ZONE, a cybersecurity solutions vendor: the attackers drew attention when they left an ...