More than 600 servers worldwide have been subjected to recent attacks with the Androxgh0st malware, reports Hackread.
The U.S., India, and Taiwan accounted for the bulk of the impacted servers, which were compromised by Androxgh0st malware operators through web shells deployed via the exploitation of several security vulnerabilities, including CVE-2019-2725, CVE-2021-3129, and CVE-2024-1709, a report from Veriti Research revealed.
Read more…
Source: SC Media
Related:
- Ascom affected by cyber attack
March 17, 2025
On 16 March 2025, a cyber-attack compromised Ascom’s technical ticketing system. Other IT systems and customer systems remain unaffected, and our business is fully operational as usual. Investigations against such criminal offenses were initiated immediately and are ongoing. Ascom is working closely with the relevant authorities. A group calling itself the “Hellcat ransomware gang” announced on ...
- #StopRansomware: Medusa Ransomware
March 12, 2025
Medusa is a ransomware-as-a-service (RaaS) variant first identified in June 2021. As of February 2025, Medusa developers and affiliates have impacted over 300 victims from a variety of critical infrastructure sectors with affected industries including medical, education, legal, insurance, technology, and manufacturing. The Medusa ransomware variant is unrelated to the MedusaLocker variant and the Medusa mobile ...
- Black Basta and Cactus Ransomware Groups Add BackConnect Malware to Their Arsenal
March 3, 2025
The Trend Micro Managed XDR and Incident Response (IR) teams recently analyzed incidents where threat actors deploying Black Basta and Cactus ransomware used the same BackConnect malware to strengthen their foothold on compromised machines. The BackConnect malware is a tool that cybercriminals use to establish and maintain persistent control over compromised systems. Once infiltrated, it grants ...
- UK: Cyber-attack sparks security fears over NHS provider’s data
February 28, 2025
The private healthcare group that will soon take charge of Swindon community care services has been hit by a cyber-attack. HCRG Care Group recently won the contract to provide care-at-home services in the Swindon area, which was previously managed by the trust in charge of Great Western Hospital, as well as other parts of Wiltshire. The company ...
- Global hacker arrested in Thailand in joint operation of Singapore and Thai police
February 27, 2025
The Singapore Police Force (‘SPF’) collaborated with the Royal Thai Police (‘RTP’) on a cross-border operation against a hacker believed to be responsible for a series of international data breaches, leading to the arrest of a 39-year-old man on 26 February 2025 in Thailand. Investigations into the data breaches began in 2020, following reports filed by ...
- #StopRansomware: Ghost (Cring) Ransomware
February 19, 2025
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint advisory to disseminate known Ghost (Cring)— (“Ghost”)—ransomware IOCs and TTPs identified through FBI investigation as recently as January 2025. Beginning early 2021, Ghost actors began attacking victims whose internet facing ...