The Macaw Locker ransomware encrypts victims’ files and append the .macaw extension to the file name of the encrypted files. It drops ransom notes with a link to a unique victim negotiation page.

The malicious Docker image was hosted in Docker Hub under the handle name alpineos, a community user who joined Docker Hub on May 26, 2021. Reportedly, the profile was hosting 25 Docker images.

The bank issued a statement on Monday to inform customers about the cyberattack, it also added to have “identified a cybersecurity incident in our systems that has partially disabled our services.”

According to the update, Twitch passwords have not been exposed. The company believes that systems that store Twitch login credentials, which are hashed with bcrypt, were not accessed.

Operators behind the FreakOut (aka Necro, N3Cr0m0rPh) Python botnet have added a PoC exploit for Visual Tools DVR, a professional digital video recorder used in surveillance video systems.

The IT giant addressed four vulnerabilities in Acrobat and Reader for Windows and macOS, including two critical arbitrary code execution flaws, tracked as CVE-2021-40728 and CVE-2021-40731.

The exposed configuration file, first indexed on an IoT search engine on September 7, appears to be the main configuration file of the application hosted on the ‘upliftmedia’ subdomain of Sky.com.

Resecurity, Inc. and its cyber threat intelligence and R&D unit, HUNTER, drained the Agent Tesla Command & Control Servers (C2) and extracted over 950GB of logs, files, and other information.

Proofpoint researchers have discovered a new Ursnif baking Trojan campaign carried out by a group tracked as TA544 that is targeting organizations in Italy. The experts observed nearly 20 notable campaigns.

The threat actors claim to have stolen data from the company and are threatening to leak them on the dark web leak site of the group in case the company will not pay the ransom.