17 Sep 2021

Microsoft MSHTML Flaw Exploited by Ryuk Ransomware Gang

Microsoft and RiskIQ researchers have uncovered several campaigns using a recently patched Microsoft MSHTML flaw, restating calls for organizations to update impacted systems. The vulnerability was first exploited by the Ryuk ransomware gang, which leveraged the bug ahead of the patch, according to the new research. Microsoft released the fix

Read More
16 Sep 2021

REvil/Sodinokibi Ransomware Universal Decryptor Key Is Out

Bitdefender collaborated with law enforcement to create a key that would release data encrypted in ransomware attacks before the REvil ransomware gang disappeared from the internet on July 13. The universal decryption key will be free for victims of REvil ransomware attacks. The firm announced that it will be passing

Read More
13 Sep 2021

SOVA, Worryingly Sophisticated Android Trojan, Takes Flight

A new Android banking trojan referred to as SOVA is currently under active development, according to researchers. The malware is reportedly looking to incorporate several tools into its arsenal, including ransomware functionality, distributed denial of service, and man in the middle. The banking trojan already boasts functions such as banking

Read More
08 Sep 2021

Cyber-Attack on Washington DC University

At Howard University in Washington DC, classes were canceled due to a cyberattack. Last week, suspicious activity was discovered on the school’s network by its information technology team. On Monday, the university stated that it was collaborating with forensic experts and law enforcement to investigate what appeared to be a

Read More
03 Sep 2021

FBI Warns Food and Agriculture Firms of Ransomware Threat

The Federal Bureau of Investigation (FBI) has released a warning alerting companies in the food and agricultural sector that they are at high risk for ransomware. This is partially due to corporate attack surfaces expanding, according to the bureau. The notification stated that the sectors contain critical infrastructures that could

Read More
31 Aug 2021

LockFile Ransomware Uses Never-Before Seen Encryption to Avoid Detection

In July, researchers at Sophos discovered a new emerging threat in July that exploits the ProxyShell vulnerabilities in Microsoft Exchange servers to attack systems. The ransomware is referred to as LockFile and uses a unique intermittent encryption method as a means of evading detection. The ransomware gans also adopts tactics

Read More
26 Aug 2021

“Sophisticated” Cyber-Attack Compromises Patient Data at Private Health Clinic

In Singapore, Eye & Retina Surgeons revealed that over 73,000 patients were affected by a sophisticated cyberattack. The private medical clinic released a statement earlier this week, revealing that the attack took place on August 6. The cyberattack compromised sensitive data such as patients’ names, addresses, ID card numbers, contact

Read More
25 Aug 2021

FBI Issues Ransomware Group Flash Alert

The FBI recently released a flash warning due to the recent activities of an organized cyber-criminal gang referred to as the OnePercent Group. In the alert, which was published on Monday, the FBI stated that the group has been targeting US companies since November 2020. OnePercent uses the threat emulation

Read More
23 Aug 2021

Nigerian Threat Actors Solicit Employees to Deploy Ransomware for Cut of Profits

Researchers have uncovered a campaign in which a Nigerian threat actor is seeking to turn an organization’s employees into insider threats. The individual, or potentially multiple individuals, have crafted campaign emails that offer 1 million in Bitcoin if the target installs DemonWare onto an organization’s network. It appears as though

Read More
18 Aug 2021

Black Hat and Def Con 2021 – Observations and Trends

The Black Hat and Def Con cybersecurity events are the most highly anticipated of the year.  Each event had an in-person component this year and OODA CEO Matt Devost provides his observations from each event.

Read More