Recent Security News
-
New Black Basta decryptor exploits ransomware flaw to recover files
December 30, 2023 at 10:25AM Security Research Labs (SRLabs) has developed a decryptor called the “Black Basta Buster” that allows victims of the Black Basta ransomware to potentially recover their files for free, exploiting a flaw in the encryption algorithm used by the ransomware gang. However, the developers have since fixed the bug, rendering the…
-
Beware: Scam-as-a-Service Aiding Cybercriminals in Crypto Wallet-Draining Attacks
December 30, 2023 at 04:42AM Cybersecurity researchers are cautioning about a surge in phishing attacks targeting cryptocurrency wallets, utilizing a technique to drain multiple blockchain networks. Notably, a group called Angel Drainer offers a “scam-as-a-service” for a percentage of stolen assets. To combat this, users are advised to use hardware wallets, verify smart contracts, and…
-
The Week in Ransomware – December 29th 2023 – LockBit targets hospitals
December 29, 2023 at 03:40PM Summary: This week, there was minimal research on ransomware, with focus on new attacks and LockBit affiliates targeting hospitals. Notable incidents include Yakult Australia’s cyber incident, Ohio Lottery’s system shutdown, LockBit attacks on German hospitals, and new ransomware variants discovered by PCrisk. Microsoft again disabled a protocol handler due to…
-
Hospitals ask courts to force cloud storage firm to return stolen data
December 29, 2023 at 03:26PM Two New York hospitals, Carthage Area Hospital and Claxton-Hepburn Medical Center, are seeking a court order to retrieve data stolen in a ransomware attack last August. The stolen data, stored on a Boston cloud storage company’s servers, includes sensitive patient information. The hospitals have taken legal action to recover the…
-
‘Operation Triangulation’ Spyware Attackers Bypass iPhone Memory Protections
December 29, 2023 at 11:21AM The “Operation Triangulation” spyware attack bypassed iPhone memory protections using undocumented Apple chip functions and multiple vulnerabilities. The zero-click campaign targeted iMessage, exploited an RCE vulnerability, and used intricate, multi-stage attacks to gain privileged access and install spyware, presenting an unprecedented level of sophistication in iPhone cyber threats. Kaspersky recommends…