Hacking, Information Security, Ransomware and Security Intelligence

Hacking

Information Security

Ransomware

Security Intelligence

Night Sky ransomware operators exploit Log4Shell to target hack VMware Horizon servers

Security Affairs

JANUARY 11, 2022

Another gang, Night Sky ransomware operation, started exploiting the Log4Shell vulnerability in the Log4j library to gain access to VMware Horizon systems. The Night Sky ransomware operation started exploiting the Log4Shell flaw (CVE-2021-44228) in the Log4j library to gain access to VMware Horizon systems.

Ransomware

Ransomware Hacking Internet Internet

Cybercrime gang FIN7 returned and was spotted delivering Clop ransomware

Security Affairs

MAY 20, 2023

Cybercriminal gang FIN7 returned with a new wave of attacks aimed at deploying the Clop ransomware on victims’ networks. The group was spotted deploying the Clop ransomware in opportunistic attacks in April 2023. Then they use OpenSSH and Impacket to move laterally and deploy the Clop ransomware payload.

Cybercrime

Cybercrime Ransomware Security Intelligence Hacking

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

STRRAT RAT spreads masquerading as ransomware

Security Affairs

MAY 20, 2021

Microsoft warns of a malware campaign that is spreading a RAT dubbed named STRRAT masquerading as ransomware. Microsoft Security Intelligence researchers uncovered a malware campaign that is spreading a remote access trojan (RAT) tracked as STRRAT. SecurityAffairs – hacking, STRRAT RAT). Pierluigi Paganini.

Ransomware

Ransomware Malware Encryption Security Intelligence

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Microsoft warns about ongoing PonyFinal ransomware attacks

Security Affairs

MAY 27, 2020

Microsoft is warning organizations to deploy protections against a new strain of PonyFinal ransomware that has been in the wild over the past two months. PonyFinal is Java-based ransomware that is manually distributed by threat actors. PonyFinal is Java-based ransomware that is manually distributed by threat actors.

Ransomware

Ransomware Security Intelligence Encryption Advertising

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Security Affairs

NOVEMBER 11, 2022

Microsoft linked Prestige ransomware attacks against organizations in Ukraine and Poland to Russia-linked threat actors. Microsoft has identified a new ransomware strain "Prestige" in limited targeted attacks in Ukraine and Poland. The campaign shares victimology with recent operations conducted by Russia-linked threat actors.

Ransomware

Ransomware Telecommunications DNS Hacking

Mysterious Prestige ransomware targets organizations in Ukraine and Poland

Security Affairs

OCTOBER 16, 2022

Microsoft warns that new Prestige ransomware is targeting transportation and logistics organizations in Ukraine and Poland. Microsoft reported that new Prestige ransomware is being used in attacks aimed at transportation and logistics organizations in Ukraine and Poland. ” continues the report.

Ransomware

Ransomware Encryption Backups Security Intelligence

The number of ransomware attacks targeting Finland increased fourfold since it started the process to join NATO

Security Affairs

AUGUST 7, 2023

Senior official reports a quadruple increase in ransomware attacks against Finland since it started the process to join NATO. The number of ransomware attacks targeting Finland has increased fourfold since the country began the process of joining NATO in 2023. So I don’t believe there’s a single silver bullet.”

Ransomware

Ransomware Government Cyber threats Security Intelligence

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. The TA505 group was involved in campaigns aimed at distributing the Dridex banking Trojan, along with Locky , BitPaymer , Philadelphia , GlobeImposter , and Jaff ransomware families. SecurityAffairs – hacking, Zerologon). states Microsoft.

Cybercrime

Cybercrime Security Intelligence Authentication Banking

SolarWinds Serv-U bug exploited for Log4j attacks

Security Affairs

JANUARY 19, 2022

We reported our discovery to SolarWinds, and security updates have been released. More info: [link] — Microsoft Security Intelligence (@MsftSecIntel) January 19, 2022. SecurityAffairs – hacking, SolarWinds). The post SolarWinds Serv-U bug exploited for Log4j attacks appeared first on Security Affairs.

Authentication

Authentication Hacking Ransomware Security Intelligence

Iran-linked APT groups continue to evolve

Security Affairs

NOVEMBER 17, 2021

Learn more from this blog summarizing these trends, as presented at #CyberWarCon : [link] — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2021. The analysis focuses on six Iranian hacking groups that are increasingly utilizing ransomware to either fundraise or disrupt the computer networks of the targets.

VPN

VPN Social Engineering Accountability Media

IT giants warn of ongoing Chromeloader malware campaigns

Security Affairs

SEPTEMBER 20, 2022

This week, VMware and Microsoft warned of an ongoing, widespread Chromeloader malware campaign that is dropping malicious browser extensions, node-WebKit malware, and ransomware. pic.twitter.com/v6sexKgDSg — Microsoft Security Intelligence (@MsftSecIntel) September 16, 2022. SecurityAffairs – hacking, malware).

Malware

Malware Adware Ransomware Security Intelligence

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Security Affairs

MARCH 12, 2021

This week, the independent security researcher Nguyen Jang published on GitHub a proof-of-concept tool to hack Microsoft Exchange servers. The availability of the exploit online was immediately noticed by several cyber security experts, including Marcus Hutchins. SecurityAffairs – hacking, Microsoft Exchange).

Cyber Attacks

Cyber Attacks Cybercrime Authentication Hacking

VMware urges customers to patch VMware Horizon servers against Log4j attacks

Security Affairs

JANUARY 26, 2022

VMware urges customers to patch critical Log4j security vulnerabilities impacting Internet-exposed VMware Horizon servers targeted in ongoing attacks. This month, the Night Sky ransomware operation started exploiting the Log4Shell flaw (CVE-2021-44228) in the Log4j library to gain access to VMware Horizon systems. Pierluigi Paganini.

Internet

Internet Internet Ransomware Hacking

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Security Affairs

FEBRUARY 2, 2020

pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. Security experts from cyber-security firm Prevailion reported that TA505 has compromised more than 1,000 organizations.

Malware

Malware Security Intelligence Banking Phishing

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Security Affairs

SEPTEMBER 24, 2020

pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020. Emotet malware is also used to deliver other malicious code, such as Trickbot and QBot trojan or ransomware such as Conti (TrickBot) or ProLock (QBot). SecurityAffairs – hacking, Emotet). Pierluigi Paganini.

Malware

Malware Passwords Advertising Cybercrime

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents. pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020.

Government

Government Banking Advertising Malware

Hackers Also Have Financial Reporting And Quotas :)

Security Boulevard

JUNE 18, 2022

Chief Hacking Officer: Yevi, where are you at with London bank hack?”. Chief Hacking Officer: What? You committed that hack two weeks ago!”. Security kinda tough get inside.”. Chief Hacking Officer: When you should have never committed this hack.”. Hackers Also Have Financial Reporting And Quotas :).

Hacking

Hacking CISO Cybersecurity Banking

Emotet operators are running Halloween-themed campaigns

Security Affairs

OCTOBER 31, 2020

Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents. Researchers from Microsoft Security Intelligence are also warning of the ongoing Halloween-themed Emotet campaign.

Banking

Banking Malware Security Intelligence Advertising

Microsoft partnered with other security firms to takedown TrickBot botnet

Security Affairs

OCTOBER 12, 2020

link] — Microsoft Security Intelligence (@MsftSecIntel) October 12, 2020. The Trickbot infrastructure was used by crooks to compromise systems and carry out human-operated campaigns, notably its use for the deployment of the Ryuk ransomware. SecurityAffairs – hacking, Trickbot). Pierluigi Paganini.

Banking

Banking Malware Advertising Financial Services

Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

Security Affairs

NOVEMBER 8, 2019

Recently, researchers warned of the first mass-hacking campaign exploiting the BlueKeep exploit , the attack aimed at installing a cryptocurrency miner on the infected systems. ” A new wave of attacks could exploit the vulnerability to spread more dangerous and destructive malware, like ransomware or spyware.

Penetration Testing

Penetration Testing Malware Advertising Spyware

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

Security Affairs

NOVEMBER 11, 2019

” Recently, researchers warned of the first mass-hacking campaign exploiting the BlueKeep exploit , the attack aimed at installing a cryptocurrency miner on the infected systems. Read our latest blog w/ assist from @GossiTheDog & @MalwareTechBlog [link] — Microsoft Security Intelligence (@MsftSecIntel) November 7, 2019.

Small Business

Small Business Malware Cryptocurrency Advertising

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

Cyber threat management , being an advanced discipline, craves analytical attention and a commander’s strategic skills of information security executives to confront and overcome the multi-dimensional cyber threats. What are the benefits of cyber security awareness trainings?

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

Cyber Security Informer

Night Sky ransomware operators exploit Log4Shell to target hack VMware Horizon servers

Cybercrime gang FIN7 returned and was spotted delivering Clop ransomware

Webinars

Trending Sources

STRRAT RAT spreads masquerading as ransomware

Webinars

Microsoft warns about ongoing PonyFinal ransomware attacks

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Mysterious Prestige ransomware targets organizations in Ukraine and Poland

The number of ransomware attacks targeting Finland increased fourfold since it started the process to join NATO

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

SolarWinds Serv-U bug exploited for Log4j attacks

Iran-linked APT groups continue to evolve

IT giants warn of ongoing Chromeloader malware campaigns

Researchers warn of a surge in cyber attacks against Microsoft Exchange

VMware urges customers to patch VMware Horizon servers against Log4j attacks

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

CISA alert warns of Emotet attacks on US govt entities

Hackers Also Have Financial Reporting And Quotas :)

Emotet operators are running Halloween-themed campaigns

Microsoft partnered with other security firms to takedown TrickBot botnet

Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

Cyber Security Awareness and Risk Management

Stay Connected