Ransomware Review December 2023
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
threatintel
Medusa Locker Ransomware Victim: Water For People
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Medusa Locker Ransomware Victim: Limburg
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Atomic Stealer Gets an Upgrade – Targeting Mac Users with Encrypted Payload
Cybersecurity researchers have identified an updated version of a macOS information stealer called Atomic (or AMOS), indicating that the threat...
There is a Ransomware Armageddon Coming for Us All
Generative AI will enable anyone to launch sophisticated phishing attacks that only Next-generation MFA devices can stop The least surprising...
Mandiant’s X Account Was Hacked Using Brute-Force Attack
The compromise of Mandiant's X (formerly Twitter) account last week was likely the result of a "brute-force password attack," attributing...
Cisco Fixes High-Risk Vulnerability Impacting Unity Connection Software
Cisco has released software updates to address a critical security flaw impacting Unity Connection that could permit an adversary to...
Chinese Hackers Exploit Zero-Day Flaws in Ivanti Connect Secure and Policy Secure
A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked...
Fidelity National Financial Hackers Stole Data Of 13 Million People
Fidelity National Financial (FNF) has confirmed that a November cyberattack (claimed by the BlackCat ransomware gang) has exposed the data...
Shinyhunters Member Gets 3 Years In Prison For Breaching 60 Firms
The U.S. District Court in Seattle sentenced ShinyHunters member Sebastien Raoult to three years in prison and ordered a restitution...
Pro Ukraine Hackers Breach Russian Isp In Revenge For Kyivstar Attack
A pro-Ukraine hacktivist group named ‘Blackjack’ has claimed a cyberattack against Russian provider of internet services M9com as a direct...
Fake 401k Year End Statements Used To Steal Corporate Credentials
Threat actors are using communication about personal pension accounts (the 401(k) plans in the U.S.), salary adjustments, and performance reports...
Windows 10 Kb5034441 Security Update Fails With 0x80070643 Errors
Windows 10 users worldwide report problems installing Microsoft's January Patch Tuesday updates, getting 0x80070643 errors when attempting to install the...
Mandiants X Account Hacked By Crypto Drainer As A Service Gang
Cybersecurity firm and Google subsidiary Mandiant says its Twitter/X account was hijacked last week by a Drainer-as-a-Service (DaaS) gang in what it...
Ivanti Warns Of Connect Secure Zero Days Exploited In Attacks
Ivanti has disclosed two Connect Secure (ICS) and Policy Secure zero-days exploited in the wild that can let remote attackers...
Cisco Says Critical Unity Connection Bug Lets Attackers Get Root
Cisco has patched a critical Unity Connection security flaw that can let unauthenticated attackers remotely gain root privileges on unpatched...
CISA: CISA Adds Six Known Exploited Vulnerabilities to Catalog
CISA Adds Six Known Exploited Vulnerabilities to Catalog CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: Juniper Releases Security Advisory for Juniper Secure Analytics
Juniper Releases Security Advisory for Juniper Secure Analytics Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on January 4, 2024. These...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on January 9, 2024. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: Ivanti Releases Security Update for Connect Secure and Policy Secure Gateways
Ivanti Releases Security Update for Connect Secure and Policy Secure Gateways Ivanti has released a security update to address an...
