Latest Cybersecurity News and Articles

Researchers Link Cheerscrypt Linux-Based Ransomware to Chinese Hackers

Cheerscrypt is the latest addition to a long list of ransomware families the group has deployed in a little over a year, including LockFile, Atom Silo, Rook, Night Sky, Pandora, and LockBit 2.0.

Finnish intelligence warns of Russia’s cyberespionage activities

The Finnish Security Intelligence Service (Suojelupoliisi or SUPO) warns of a highly likely intensification of cyberespionage activities conducted by Russia-linked threat actors over the winter.

Update: Ransomware gang leaks data stolen from LAUSD school system

LAUSD superintendent Alberto M. Carvalho confirmed the release of stolen data in a statement posted to Twitter, along with announcing a new hotline (855-926-1129) for concerned parents and students to ask questions about the data leak.

Microsoft Exchange server zero-day mitigation can be bypassed

Microsoft has shared mitigations for two new Microsoft Exchange zero-day vulnerabilities tracked as CVE-2022-41040 and CVE-2022-41082, but researchers warn that the mitigation for on-premises servers is far from enough.

Update: Optus reveals extent of data breach, but stays mum on how it happened

Of the 9.8 million customers impacted by the data breach, 1.2 million have at least one form of identification number that is valid, says the Singtel-owned Australian operator, adding that it has brought in Deloitte to investigate the breach.

Many IT pros don’t think a ransomware attack can impact Microsoft 365 data

The 2022 Ransomware Report by Hornetsecurity, which surveyed over 2,000 IT leaders, revealed that 24% have been victims of a ransomware attack, with 20% of attacks happening in the last year.

Analysis of DeftTorero TTPs in 2019–2021

During the intrusion analysis of DeftTorero’s webshells, researchers noted traces suggesting that the threat actor exploited a file upload form and/or a command injection flaw in a functional or staging website hosted on the target web server.

Commercial Chat Provider Comm100 Hijacked to Spread Malware in Supply Chain Attack

The attack featured a trojan malware delivered via an installer for Comm100’s Windows Desktop agent software, available on the company website and signed using a valid Comm100 certificate dated September 26, 2022, according to CrowdStrike.

CISA Warns of Hackers Exploiting Critical Atlassian Bitbucket Server Vulnerability

Tracked as CVE-2022-36804, the issue relates to a command injection vulnerability that could allow malicious actors to gain arbitrary code execution on susceptible installations by sending a specially crafted HTTP request.

BlackCat Ransomware Gang Claims to Hack US Defense Contractor NJVC

BlackCat added NJVC to the list of victims on its Tor leak site and is threatening to release the allegedly stolen data if the company does not pay the ransom. The company supports intelligence, defense, and geospatial organizations.
