
Malware

New .NET Malware "WhiteSnake" Targets Python Developers, Uses Tor for C&C Communication

The JFrog Security Research team recently discovered a new malware payload in the PyPI repository, written in C#. This is uncommon since PyPI is primarily a repository for Python packages, and its codebase consists mostly of Python code, or natively compiled libraries used by Python programs. This finding raised our concerns about the potential for cross-language malware attacks.

Hackers Backdoor to Microsoft SQL Servers using Trigona ransomware

South Korean cyber security organisation AhnLab has identified a breach in Microsoft SQL servers allowing deployment of Trigona ransomware. In the attacks, threat actors used brute-force or dictionary attacks with obtained or guessed credentials to infiltrate externally accessible MS-SQL servers.

BlackCat Ransomware Group Says Aloha to POS

Cyber attacks can have a significant impact on point-of-sale (POS) services, which are used in retail environments to process transactions and collect payments from customers. POS systems typically involve the use of software, hardware, and network components, which can be vulnerable to a variety of cyber threats. A successful campaign targeting POS systems can result in credit card theft, transaction tampering, service disruption, brand damage and other severe organizational damage.

Ransomware trends: the European transport sector

Aviation, maritime, rail and road transport organisations are reportedly experiencing increased levels of ransomware activity across Europe, as per ENISA’s recent report. JUMPSEC analysts have combined the findings with JUMPSEC’s attacker-reported data, scraped from a variety of sources (including the dark web), to provide further context to the risks currently posed to European transport organisations.

Threat Update: AwfulShred Script Wiper

The Splunk Threat Research Team (STRT) continues to analyze and produce content related to the ongoing geopolitical conflict in eastern Europe, where new variants of destructive payloads are being released, targeting government and civilian infrastructure. The sole purpose of these destructive payloads is to decimate infrastructure; there is no ransom or alternative presented, and they need to be addressed as soon as they are detected.

MXDR Demo: Eradicating Multi-Vector Fileless Malware Attack in Minutes

CrowdStrike Falcon Complete XDR is the world’s first managed extended detection and response (MXDR) service with end-to-end remediation, from the #1 MDR leader. In this video, we demonstrate how the Falcon Complete XDR service team identifies, triages, and fully remediates the cross-domain XDR threat activity associated with an advanced, fileless malware attack as the adversary attempts to persist and exfiltrate from servers in the customer’s environment.

Beyond the ransom: Unpacking the true cost of a ransomware attack

Ransomware has become a significant threat in today’s digital landscape, with cybercriminals using it as an effective means of making money, often with a low cost and high profit margin. Victims rarely recover their stolen data in full, despite promises from the perpetrators, so most of the time paying the ransom is not a viable solution.

11:11 Systems' CTO shares insight into Oakland's ransomware attack

The city of Oakland was the victim of a ransomware attack in which attackers gained access to city services, employee information, payroll, and more. KTVU Fox 2 interviewed Justin Giardina, Chief Technical Officer of 11:11 Systems, and asked him to share insight into the cybersecurity situation.

Detecting and mitigating ransomware using Endpoint Central

Is your organization at risk of a ransomware attack? Don't wait until it's too late. With Endpoint Central's advanced anti-ransomware solution, you can detect and block intrusions in real time, using our multi-patented technology and AI-assisted detection engine. Keep your data safe and prevent costly ransom payments with Endpoint Central's 24/7 threat detection and rapid response capabilities.