Cyber Security News

Action1 RMM Seen Abused In Ransomware Attacks

Following several reports from security firms, it appears that ransomware operators are abusing the remote monitoring and management (RMM) product Action1 RMM, which is used by Managed Service Providers (MSPs) to manage endpoints on customer networks remotely. The software package allows patch

Emotet Returns With A Sneaky Way To Avoid Detection

On March 7, 2022, Bleeping Computer broke the news that Emotet activity had surged back to life and the malware was once again facilitating the sending of malicious spam emails. After a three-month break, the malware’s operators deemed it was time to ramp up operations once more from an all too bri

LockBit’s Ever-Increasing Victim List

Recent news articles have shone a light on LockBit’s current operations, which seem to be yielding results in encrypting data and putting a halt to several organizations' operations. The most recent victim is Essendant, a wholesale distributor of stationery and office supplies owned by Staples. The

APT27 Develops Linux Version of their Malware

The Chinese advanced persistent threat group APT27, also known as Bronze Union, Emissary Panda, Iron Tiger, Lucky Mouse, or TG-3390, is now developing a Linux version of its custom malware payloads. The group is best known for cyber espionage carried out with custom malware packages. With th

New Post-Exploit Kit Linked to LockBit

Many readers of this publication will be aware of the heyday of exploit kits, effective toolsets for taking advantage of vulnerable software packages. When Adobe’s Flash and Microsoft’s Internet Explorer had significant market dominance, these toolkits were far more common and used to ga

Porsche South Africa Hit by Possible Ransomware Attack

On February 21, 2023, South African publication MyBroadband published an article noting that Porsche South Africa’s headquarters in Johannesburg had possibly suffered a ransomware attack. The publication stated, “MyBroadband understands the attackers used a relatively new ransomware strain cal

VMware ESXi Servers Targeted by Ransomware Gangs

Following several reports from security firms and cyber security publications, it is apparent that several ransomware gangs are actively exploiting a two-year-old vulnerability that allows for remote code execution on VMware ESXi servers. One of the initial warnings was issued by the French Computer Emerg