November 30, 2023 at 06:30AM A CACTUS ransomware campaign is exploiting vulnerabilities in Qlik Sense, noted by Arctic Wolf researchers. These exploits allow attackers to gain initial access and establish persistence through various means, including disabling security software. The broader ransomware landscape continues to adapt and prove lucrative despite crackdowns, with groups like Black Basta … Read more
November 21, 2023 at 09:00AM The ransomware strain Play is now available as a service for other threat actors, according to cybersecurity company Adlumin. Affiliates who purchase the ransomware follow step-by-step instructions from playbooks delivered with it, resulting in attacks with minimal variations. Play, also known as Balloonfly and PlayCrypt, has previously targeted networks through … Read more
November 13, 2023 at 10:03AM The RansomedVC group, operating under a ransomware-as-a-service (RaaS) model, has announced its shutdown and plans to sell its infrastructure. The group targeted organizations in Europe and was responsible for attacks on Sony and the District of Columbia Board of Elections. The shutdown is unlikely to have a significant impact on … Read more
November 8, 2023 at 04:44PM Farnetwork, a prolific cybercriminal, was exposed after engaging with researchers posing as potential associates. Farnetwork was responsible for multiple strains of ransomware, including Nefilim, Karma, Nemty, and JSWORM. The cybercriminal had affiliations with the now-defunct Nokoyawa ransomware group and was actively recruiting for their operations. Despite retirement claims, experts predict … Read more
November 8, 2023 at 03:21AM Cybersecurity researchers have identified a threat actor known as farnetwork, who has been involved in multiple ransomware-as-a-service (RaaS) programs, including JSWORM, Nefilim, Karma, and Nemty. They have recently launched their own RaaS program using the Nokoyawa ransomware. The threat actor is adept at using stolen corporate account credentials to carry … Read more
October 13, 2023 at 04:59PM US authorities, including the Cybersecurity Infrastructure and Security Agency (CISA) and FBI, have issued a warning about the AvosLocker ransomware-as-a-service (RaaS) operation that poses a threat to critical infrastructure. AvosLocker has targeted multiple industries in the US, using various tactics such as double extortion and trusted software. Ransomware attacks have … Read more