Internet threat news
![NoEscape Ransomware Starts Where Avaddon Left Off](/images/thumbnails/th-27322-noescape-ransomware-starts-where-avaddon-left-off.jpg)
In June 2023, yet another new player was detected on the ransomware scene, dubbed NoEscape; it is now widely believed to be a successor to the previously shut-down Avaddon ransomware.
![New Illicit Cryptocurrency Report A Mixed Bag - Ransomware Still Breaking Records](/images/thumbnails/th-27271-new-illicit-cryptocurrency-report-a-mixed-bag-ransomware-still-breaking-records.jpg)
Every year, Chainalysis publishes its crypto crime report, which focuses on tracking illicit cryptocurrency flows associated with cybercrime. Every year it makes for exciting reading, and 2023 is no different.
![Free Akira Ransomware Decryptor Released To The Public](/images/thumbnails/th-27181-free-akira-ransomware-decryptor-released-to-the-public.jpg)
Security firm Avast has released a free decryptor for those impacted by the Akira ransomware. The decryptor can help victims recover their data without paying the ransom, and Avast has released decryptors for both 64-bit and 32-bit Windows operating systems.
![DDoS Malware Distributed Through Compromised Linux SSH Servers](/images/thumbnails/th-27106-ddos-malware-distributed-through-compromised-linux-ssh-servers.jpg)
According to a recent report by AhnLab Security Emergency Response Center (ASEC), researchers discovered an attack campaign by an unknown threat actor using poorly managed Linux SSH servers to distribute Tsunami DDoS, a distributed-denial-of-service malware, along with several other malware strains to carry out different tasks on compromised machines.
![Pirated Windows 10 Downloads Used to Distribute Clipper Malware](/images/thumbnails/th-27030-pirated-windows-10-downloads-used-to-distribute-clipper-malware.jpg)
According to a new report by Doctor Web, pirated versions of Windows 10 are being used to distribute clipper malware. Interestingly, the malware is hidden in EFI partitions to evade detection.
![Sanctioned Crypto Mixer Tornado Cash Hijacked](/images/thumbnails/th-26817-sancionated-crypto-mixer-tornado-cash-hijacked.jpg)
Following a tweet by samczsun and subsequent investigations by journalists at Bloomberg, the sanctioned crypto mixer has suffered the cryptocurrency version of a hostile takeover.
![Threat Actors Actively Exploiting WordPress Plugin Flaw](/images/thumbnails/th-26760-threat-actors-actively-exploiting-wordpress-plugin-flaw.jpg)
According to a recent report by Akamai, threat actors are actively looking to exploit a critical vulnerability found in a WordPress plugin, some 24 hours after proof-of-concept code was released to the public at large.
![State-Sponsored Threat Actors Exploiting PaperCut Vulnerabilities](/images/thumbnails/th-26703-state-sponsored-threat-actors-exploiting-papercut-vulnerabilities.jpg)
Last week this publication covered how ransomware operations were exploiting recently disclosed and patched PaperCut server vulnerabilities. According to PaperCut, the vulnerabilities, if exploited, can allow for remote code execution.
![New Malware Granting Threat Actors Hidden VNC Access](/images/thumbnails/th-26662-new-malware-granting-threat-actors-hidden-vnc-access.jpg)
According to a new report published by Elastic Security Labs, their security researchers discovered a new malware strain dubbed LOBSHOT.
The discovery was made when researchers noticed a spike in malvertising campaigns at the start of 2023, where threat actors distributed malware strains using an elaborate scheme of fake websites through Google Ads.
![Ransomware Gangs Actively Exploiting PaperCut Server Vulnerabilities](/images/thumbnails/th-26627-ransomware-gangs-actively-exploiting-papercut-server-vulnerabilities.jpg)
In March 2023, two vulnerabilities were patched in the PaperCut Application Server, both of which would allow a threat actor, if exploited, to perform unauthenticated remote code execution and information disclosure.
![Action1 RMM Seen Abused In Ransomware Attacks](/images/thumbnails/th-26589-action1-rmm-seen-abused-in-ransomware-attacks.jpg)
Following several reports from security firms, it appears that ransomware operators are abusing the remote monitoring and management (RMM) product Action1 RMM, which is used by Managed Service Providers (MSPs) to manage endpoints on customer networks remotely.
![Security Researchers Discover The Fastest Known Ransomware Variant Rorschach](/images/thumbnails/th-26446-security-researchers-discover-the-fastest-known-ransomware-variant-rorschach.jpg)
In a recently published report by security firm Check Point, a newly discovered ransomware is breaking new records for the fastest encryptor. That might be the headline-grabbing feature of Rorschach, but the malware’s developers have looked to use the best features from several other variants to create a frightening foe for those tasked with defending IT infrastructure.