News • Insights • Analysis
Classified documents, allegedly from Iran, reveal secret research into how a cyber attack could be used to sink a cargo ship or blow up a fuel pump at a petrol station. The internal files, obtained by Sky News, also include Read More …
July has so far ushered in at least two new ransomware groups. Or maybe they’re old ones undergoing a rebranding. Researchers are in the process of running down several different theories. Both groups say they are aiming for big-game targets, Read More …
Technical details are now available for a vulnerability that affects Hyper-V, Microsoft’s native hypervisor for creating virtual machines on Windows systems and in the Azure cloud computing environment. Currently tracked as CVE-2021-28476, the security issue has a critical severity score Read More …
In terms of big news, Q2 2021 was relatively calm, but not completely eventless. For example, April saw the active distribution of a new DDoS botnet called Simps — the name under which it introduced itself to owners of infected Read More …
While monitoring the Microsoft Exchange Server attacks in March 2021, Unit 42 researchers identified a PlugX variant delivered as a post-exploitation remote access tool (RAT) to one of the compromised servers. The variant observed by Unit 42 is unique in Read More …
UC San Diego Health, the academic health system of the University of California, San Diego, has disclosed a data breach after the compromise of some employees’ email accounts. UC San Diego Health is one of the nation’s best hospitals, being Read More …
A new version of the LockBit 2.0 ransomware has been found that automates the encryption of a Windows domain using Active Directory group policies. The LockBit ransomware operation launched in September 2019 as a ransomware-as-a-service, where threat actors are recruited Read More …
Windows internet-facing servers are being targeted by a new threat actor operating “almost completely in-memory,” according to a new report from the Sygnia Incident Response team. The report said that the advanced and persistent threat actor — which they have Read More …
Security researchers warn of three new zero-day vulnerabilities in the Kaseya Unitrends service and advise users not to expose the service to the Internet. Kaseya Unitrends is a cloud-based enterprise backup and disaster recovery solution that is offered as a Read More …
The Babuk ransomware gang’s new rebrand isn’t going so well. It seems the cybercriminal group has been a victim of a ransomware attack of its own. Babuk’s latest endeavor, a Dark Web ransomware forum called RAMP, was crippled by a Read More …
