The threat actors behind one of the ransomware's newest kids on the block Rhysida have announced they will leak documents belonging to the Chilean Army. This comes after the Army confirmed that systems were impacted in a security incident detected over the weekend on May 27, 2023. Chilean cybe
According to a new report by Doctor Web, pirated versions of Windows 10 are being used to distribute clipper malware. Interestingly, the malware is hidden in EFI partitions to evade detection. There is a lot to unpack in that introduction, so it is best, to begin with what clipper malware is.
Following a tweet by samczum and subsequent investigations by journalists at Bloomberg, the sanctioned crypto mixer has suffered the cryptocurrency version of a hostile takeover. According to the tweet, samczum, a security researcher for crypto investment firm Paradigm, said that an attacker g
According to a recent report by Akamai, threat actors are actively looking to exploit a critical vulnerability found in a WordPress plugin, some 24 hours after proof-of-concept code was released to the public at large. The saga was summarized by Akamai researchers as follows, A recent examp
Last week this publication covered how ransomware operations were exploiting recently disclosed and patched PaperCut server vulnerabilities. According to PaperCut, the vulnerabilities, if exploited, can allow for remote code execution. The company provided more information regarding the severi
According to a new report published by Elastic Security Labs, their security researchers discovered a new malware strain dubbed LOBSHOT. The discovery was made when researchers notices a spike a malvertising campaigns at the start of 2023, where threat actors distributed malware strains using an e
In March 2023, two vulnerabilities were patched in the PaperCut Application Server, both of which would allow a threat actor, if exploited, to perform unauthenticated remote code execution and information disclosure. In an advisory published by PaperCut, both vulnerabilities were described as
Following several reports from security firms, it appears that ransomware operators are abusing the remote monitoring and management (RMM) product Action1 RMM which is used by Managed Service Providers (MSPs) to manage endpoints on customer networks remotely. The software package allows patch
In a recently published report by security firm Check Point, a newly discovered ransomware is breaking new records for the fastest encryptor. That might be the headlining grabbing feature of Rorschach, but the malware’s developers have looked to use the best features from several other variants to c
Security researchers for the major telecommunications company AT&T have discovered a new variant of BlackGuard, a new info stealer that is gaining popularity with threat actors using underground hacking forums. This new variant is actively being distributed in the wild and boosts several new fe