October 18, 2023 at 04:46PM Cybercriminals are targeting plastic surgery offices, stealing medical records and using them to extort doctors and patients. The trend is not limited to the US, as plastic surgeons in Brazil and the UK have also been affected. The FBI has warned about these attacks and provided security tips for patients, … Read more
October 16, 2023 at 01:40PM Many state courts in Kansas are relying on paper filings due to an ongoing security incident, which may last for weeks. The Kansas Supreme Court turned off its eFiling system to examine the incident, and all filings must now be done on paper or by fax. The extent of the … Read more
October 13, 2023 at 04:59PM US authorities, including the Cybersecurity Infrastructure and Security Agency (CISA) and FBI, have issued a warning about the AvosLocker ransomware-as-a-service (RaaS) operation that poses a threat to critical infrastructure. AvosLocker has targeted multiple industries in the US, using various tactics such as double extortion and trusted software. Ransomware attacks have … Read more
October 13, 2023 at 02:22PM Security researchers have discovered the first ransomware campaign targeting organizations using a vulnerability in Progress Software’s WS_FTP Server. The campaign, carried out by the “Reichsadler Cybercrime Group,” demanded a ransom of 0.018 Bitcoin (approximately $500) to recover encrypted files. Sophos’s product prevented the download of the ransomware payload, and patches … Read more
October 13, 2023 at 12:29PM Researchers are currently monitoring state-sponsored information operations connected to the Israel-Hamas conflict, but no significant cyber activities have been observed yet. However, experts predict an increase in cyber attacks over time. There have been two notable information operations campaigns identified, one related to Iran and the other to China. The … Read more
October 13, 2023 at 10:12AM The US cybersecurity agency CISA has released two new resources to help organizations identify and eliminate security flaws targeted by ransomware groups. The resources include a column in the Known Exploited Vulnerabilities catalog that flags flaws associated with ransomware campaigns, and a table on the StopRansomware project’s website listing misconfigurations … Read more
October 13, 2023 at 07:06AM AvosLocker ransomware gang has been linked to recent attacks on critical infrastructure sectors in the U.S. The gang uses legitimate software and open-source remote administration tools to compromise networks and exfiltrate data. AvosLocker leverages sophisticated techniques to avoid detection and affects Windows, Linux, and VMware environments. The attacks rely on … Read more
October 12, 2023 at 07:46PM The US government has updated the list of tools used by AvosLocker ransomware affiliates in attacks to include open-source utilities and custom PowerShell and batch scripts. The FBI and CISA have shared a YARA rule for detecting malware disguised as a legitimate network monitoring tool. AvosLocker affiliates use legitimate software … Read more
October 12, 2023 at 04:59PM A threat actor is using compromised Skype and Microsoft Teams accounts to distribute DarkGate, a malware associated with information theft, keylogging, cryptocurrency mining, and ransomware. The campaign targets organizations in the Americas, and the developer of DarkGate is advertising it on underground forums and leasing it out as a service … Read more
October 12, 2023 at 03:33PM Simpson Manufacturing has reported a cyberattack that caused disruptions to its IT infrastructure on Oct. 10. Some systems have been taken offline while the company investigates the nature and scope of the attack. Third-party cybersecurity experts have been enlisted to assist. Operations will be disrupted until the incident is resolved. … Read more