30 Jul 2021

Israeli Government Agencies Visit NSO Group Offices

Authorities have opened an investigation into NSO Group, the Israeli company behind the Pegasus spyware. Officials from multiple agencies within the Israeli government visited NSO Group’s offices as part of the new investigation amid claims that the firm is selling its powerful spyware to threat actors who then commit

30 Jul 2021

US Government Unlikely to Ban Ransomware Payments

Despite controversy over whether businesses and organizations that fall victim to ransomware should meet criminals’ demands, the US government is unlikely to make it illegal for victims of ransomware attacks to pay the ransom. According to the US Department of Justice, banning this act will only wreak further havoc. Oftentimes,

29 Jul 2021

No More Ransom Saves Victims Nearly €1 billion Over 5 Years

No More Ransom, a company that looks to prevent ransomware victims from paying millions of dollars to malicious hacking groups, has allegedly saved victims more than €1 billion over the past five years. No More Ransom wants to prevent incentivizing ransomware groups with large payouts and to protect victims from

29 Jul 2021

BlackMatter & Haron, Evil Ransomware Newborns or Rebirths

According to researchers, disappeared ransomware groups DarkSide and REvil have simply rebranded as Haron and BlackMatter. The two ransomware groups took down their leak sites and forums, going dark over the past several months. However, researchers claim that Haron and BlackMatter contain many of the hallmarks of the formerly active

29 Jul 2021

Hackers used never-before-seen wiper in recent attack on Iranian train system

Researchers at cybersecurity company SentinelOne released a report detailing a recent cyberattack on Iran’s train system. The report identifies a new threat actor dubbed MeteorExpress and a previously unknown wiper. The attack was initially reported by local news outlets on July 9, stating that hackers were defacing display screens

28 Jul 2021

Praying Mantis Threat Group Targeting US Firms in Sophisticated Attacks

Security researchers at Sygnia reported observing attacks originating from a sophisticated threat actor that bore resemblance to the hallmarks of an Australian campaign that targeted high-profile public and private entities. According to the researchers, the campaign targeting Australia last year seems to have shifted its focus to the US. The

28 Jul 2021

Get patching: US, UK, and Australia issue joint advisory on top 30 exploited vulnerabilities

The US’s Cybersecurity and Infrastructure Security Agency (CISA), Australia’s Cyber Security Centre (ACSC), the UK’s National Cyber Security Centre (NCSC), and the US FBI recently released an advisory detailing the top 30 most exploited vulnerabilities dating back to 2017. After seven months of 2021, the agencies found that CVE-2017-11882,

27 Jul 2021

Babuk Ransomware Gang Ransomed, New Forum Stuffed With Explicit Videos

RAMP, the underground forum started and hosted by the Babuk ransomware group, has been targeted by a comment spammer. The comment spammer flooded the ransomware gang’s new forum with explicit videos and GIFs, demanding $5k in bitcoin to make the intrusions stop. Babuk ransomware has been attempting to rebrand itself

27 Jul 2021

Microsoft Rushes Fix for ‘PetitPotam’ Attack PoC

Microsoft rushed to release mitigations for a new exploit that forces remote Windows systems to reveal password hashes that can easily be cracked by malicious actors. The flaw lies in the Windows NT LAN Manager, according to the company, and has been dubbed PetitPotam. Microsoft has released an advisory that

27 Jul 2021

Time to update your iPhone as Apple fixes ‘actively exploited’ zero day flaw

Apple released a fix for a previously undisclosed flaw that appears to have been actively exploited. The patch pertains to iPadOS 14.7.1 and iOS 14.7.1. The company also released macOS Big Sur 11.5.1 to address the same issue; however, this one lies in a common Apple kernel extension called
