Ransomware crew may have exploited Windows make-me-admin bug as a zero-day

June 12, 2024 at 06:16PM Symantec’s threat hunters suspect the Black Basta ransomware gang exploited a Windows privilege escalation bug, CVE-2024-26169, before Microsoft’s patch. Symantec’s analysis suggests the ransomware could have been compiled pre-patch, allowing “at least one group” to exploit the vulnerability as a zero-day. The ransomware gang, tracked as Storm-1811, used social engineering attacks …

Crims abusing Microsoft Quick Assist to deploy Black Basta ransomware

May 16, 2024 at 07:34PM Cybercrime gang leverages Microsoft Quick Assist in social engineering attacks to deploy Black Basta ransomware. Microsoft investigates and advises users to be cautious of tech support scams. Organizations are recommended to block or uninstall unused remote management tools to reduce risk. Threat indicators and hunting queries provided by Microsoft for …

Ascension redirects ambulances after suspected ransomware attack

May 10, 2024 at 02:56PM Ascension, a major U.S. healthcare network, is diverting ambulances due to a suspected ransomware attack causing disruptions and system outages. MyChart, phone systems, and systems for ordering tests and medications are offline. Non-emergent procedures are on hold, and the network is working with experts to address the attack, suspected to …

DarkGate malware spreads through compromised Skype accounts

October 15, 2023 at 01:53PM DarkGate malware attacks have been using compromised Skype accounts to infect targets. The attacks involve VBA loader script attachments that download an AutoIT script to drop and execute the final DarkGate malware payload. Trend Micro researchers also observed DarkGate being pushed through Microsoft Teams. The malware-as-a-service operation has seen a …