Qbot malware now uses Windows MSDT zero-day in phishing attacks

A critical Windows zero-day vulnerability, known as Follina and still waiting for an official fix from Microsoft, is now being actively exploited in ongoing phishing attacks to infect recipients with Qbot malware. Proofpoint first reported Monday that the same zero-day Read More …

New SVCReady malware loads from Word doc properties

A previously unknown malware loader named SVCReady has been discovered in phishing attacks, featuring an unusual way of loading the malware from Word documents onto compromised machines. More specifically, it uses VBA macro code to execute shellcode stored in the Read More …

Closing the Door: DeadBolt Ransomware Locks Out Vendors With Multitiered Extortion Scheme

The DeadBolt ransomware kicked off 2022 with a slew of attacks that targeted internet-facing Network-Attached Storage (NAS) devices. It was first seen targeting QNAP Systems, Inc. in January 2022. According to a report from attack surface solutions provider Censys.io, as Read More …

The Hacker Gold Rush That’s Poised to Eclipse Ransomware

Ransomware attacks, including those of the massively disruptive and dangerous variety, have proved difficult to combat comprehensively. Hospitals, government agencies, schools, and even critical infrastructure companies continue to face debilitating attacks and large ransom demands from hackers. But as governments Read More …

Atlassian Confluence Remote Code Execution Vulnerability (CVE-2022-26134)

On June 2, Volexity reported that over Memorial Day weekend, they identified suspicious activity on two internet-facing servers running Atlassian’s Confluence Server application. After analysis of the compromise, Volexity determined the initial foothold was the result of a remote code Read More …

Novartis says no sensitive data was compromised in cyberattack

Pharmaceutical giant Novartis says no sensitive data was compromised in a recent cyberattack by the Industrial Spy data-extortion gang. Industrial Spy is a hacking group that runs an extortion marketplace where they sell data stolen from compromised organizations. Yesterday, the Read More …