City of Oakland systems offline after ransomware attack

The City of Oakland was hit by a ransomware attack on Wednesday night that forced it to take all systems offline until the network is secured and affected services are brought back online. The attack has not affected core services, Read More …

PayPal and Twitter abused in Turkey relief donation scams

Scammers are now exploiting the ongoing humanitarian crisis in Turkey and Syria: this time stealing donations by abusing legitimate platforms like PayPal and Twitter. This week, high magnitude earthquakes claimed more than 15,000 lives, caused extensive infrastructural damage and disrupted Read More …

UK government “left council to deal with ransomware attack” that cost £11m

The government left Redcar and Cleveland Borough Council to fight a massive ransomware attack alone for a week, with minimal support or correspondence, the council’s leader has said. Mary Lanigan told MPs yesterday that while police and cybercrime officers were Read More …

UK cracks down on ransomware actors

Seven Russian nationals have assets frozen and travel bans imposed ransomware is a tier 1 national security threat, with attacks against businesses and public sector organisations increasingly common. Recent victims include UK schools, local authorities and firms – whilst internationally Read More …

‘Real arms race’ on defending Irish health system against cyber attacks

There is a “real arms race” between cyber attackers and efforts to defend Irish health systems, a committee has heard. The Public Accounts Committee also heard that 32,000 letters had been issued in recent weeks to patients, clients and staff Read More …

Enigma Stealer Targets Cryptocurrency Industry with Fake Jobs

Trend Micro researchers recently found an active campaign that uses a fake employment pretext targeting Eastern Europeans in the cryptocurrency industry to install an information stealer. In this campaign, the suspected Russian threat actors use several highly obfuscated and under-development Read More …

Beyond the basics: Implementing an active defense

Having an active defense posture, where the defenders actively use threat intelligence and their own environment telemetry to uncover potential compromises, is the next stage in the cyber security maturity road. Instead of waiting for detections to trigger, defenders can Read More …

New ESXiArgs ransomware version prevents VMware ESXi recovery

New ESXiArgs ransomware attacks are now encrypting more extensive amounts of data, making it much harder, if not impossible, to recover encrypted VMware ESXi virtual machines. Last Friday, a massive and widespread automated ransomware attack encrypted over 3,000 Internet-exposed VMware Read More …

CISA and FBI Release ESXiArgs Ransomware Recovery Guidance

Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory, ESXiArgs Ransomware Virtual Machine Recovery Guidance. This advisory describes the ongoing ransomware campaign known as “ESXiArgs.” Malicious cyber actors may be exploiting known vulnerabilities in unpatched Read More …