Recent Security News
-
FBI Dismantles Ubiquiti Router Botnet Controlled by Russian Cyberspies
February 15, 2024 at 02:45PM The US government has neutralized a Russian cyber espionage platform by disrupting a botnet of hundreds of Ubiquiti Edge OS routers controlled by the APT28 group. The routers were initially infected with ‘Moobot’ malware by cybercriminals and subsequently hijacked by the Russian group. The operation involved deleting stolen data and…
-
Threat Actor Leverages Compromised Account of Former Employee to Access State Government Organization
February 15, 2024 at 02:19PM CISA and MS-ISAC conducted an incident response assessment revealing a threat actor gaining unauthorized access to a state government organization’s network environment. Moreover, the attacker compromised network administrator credentials through the account of a former employee, successfully accessing the organization’s internal and Azure environments. A Cybersecurity Advisory containing mitigation strategies…
-
US offers up to $15 million for tips on ALPHV ransomware gang
February 15, 2024 at 01:57PM The U.S. State Department is offering rewards of up to $10 million for information on the ALPHV/Blackcat ransomware gang leaders and an additional $5 million for tips on individuals involved in ALPHV ransomware attacks. The FBI linked the gang to over 60 breaches and over $300 million in ransom payments.…
-
RansomHouse gang automates VMware ESXi attacks with new MrAgent tool
February 15, 2024 at 01:57PM RansomHouse’s new tool ‘MrAgent’ automates deploying its data encrypter across multiple VMware ESXi hypervisors. This ransomware targeting large organizations maximizes impact by compromising critical applications and services. Custom configurations include scheduling an encryption event and altering the hypervisor’s monitor message. The tool’s adaptation for Windows systems demonstrates intent to extend…