In June 2023, yet another new player was detected on the ransomware scene, dubbed NoEscape; it is now widely believed to be a successor to the previously shut-down Avaddon ransomware. Upon NoEscape's release into the wild, the malware was capable of encrypting data on Windows and Linux machine
Every year, Chainalysis publishes its crypto crime report, which focuses on tracking illicit cryptocurrency flows associated with cybercrime. Every year it makes for exciting reading, and 2023 is no different. In summary, ransomware payments are up, but cryptocurrency payments related to other
New research from security firm Check Point shows Chinese Threat Actors actively targeting European government agencies with a focus on embassies and foreign affairs ministries in a campaign used to distribute SmugX. Researchers believe this is a part of a larger trend in Chinese threat actor
Security firm Avast has released a free decryptor for those impacted by the Akira ransomware. The decryptor can help victims recover their data without paying the ransom, and Avast has released decryptors for both 64-bit and 32-bit Windows operating systems. Akira is relatively new to the rans
According to a recent report by AhnLab Security Emergency Response Center (ASEC), researchers discovered an attack campaign by an unknown threat actor using poorly managed Linux SSH servers to distribute Tsunami DDoS, a distributed-denial-of-service malware, along with several other malware strains
The threat actors behind one of the ransomware's newest kids on the block Rhysida have announced they will leak documents belonging to the Chilean Army. This comes after the Army confirmed that systems were impacted in a security incident detected over the weekend on May 27, 2023. Chilean cybe
According to a new report by Doctor Web, pirated versions of Windows 10 are being used to distribute clipper malware. Interestingly, the malware is hidden in EFI partitions to evade detection. There is a lot to unpack in that introduction, so it is best, to begin with what clipper malware is.
Following a tweet by samczum and subsequent investigations by journalists at Bloomberg, the sanctioned crypto mixer has suffered the cryptocurrency version of a hostile takeover. According to the tweet, samczum, a security researcher for crypto investment firm Paradigm, said that an attacker g
According to a recent report by Akamai, threat actors are actively looking to exploit a critical vulnerability found in a WordPress plugin, some 24 hours after proof-of-concept code was released to the public at large. The saga was summarized by Akamai researchers as follows, A recent examp
Last week this publication covered how ransomware operations were exploiting recently disclosed and patched PaperCut server vulnerabilities. According to PaperCut, the vulnerabilities, if exploited, can allow for remote code execution. The company provided more information regarding the severi