September 12, 2024 at 02:04AM The cybercriminal group “CosmicBeetle” targets small businesses in Turkey, Spain, India, and South Africa with ransomware, often experiencing glitches due to its low sophistication. The group exploits older vulnerabilities, particularly in software used by small businesses, and has links to the LockBit group. Small and midsize businesses are its main … Read more
September 10, 2024 at 12:34PM CosmicBeetle debuts new ransomware, ScRansom, targeting SMBs globally, possibly as an affiliate for RansomHub. The attack spans various sectors and uses brute-force attacks and known security flaws for infiltration. Cicada3301 ransomware is observed with modifications, while a kernel-mode signed Windows driver, POORTRY, used by multiple ransomware gangs as an EDR … Read more
September 10, 2024 at 06:41AM The NoName ransomware gang, also known as CosmicBeetle, has targeted small and medium-sized businesses for over three years, using the Spacecolon malware family and recently deploying the ScRansom ransomware. NoName has advanced to becoming a RansomHub affiliate, using various tools, exploiting vulnerabilities, and experimenting with different ransomware to increase its … Read more