Cybercrime, the Avaddon ransomware global campaign is escalating
The FBI and the ACSC cybersecurity experts: The malware attacks are expanding the target list worldwide from a wide range of sectors.
Cybercrime, Darkside gang now target stock markets organizations
Recorded Future cybersecurity experts: The ransomware group will notify info to crooked market traders in advance, so they can short a company’s stock price.
Cybercrime, Hello ransomware uses China Chopper web shell vulnerability
Trend Micro cybersecurity experts: The malware (aka WickrMe) arrives via the CVE-2019-0604. Then, the threat actors exploit web shell to download Cobalt Strike.
Cybercrime: here it is ToxicEye, a new malware exploiting Telegram
Check Point cybersecurity experts: The RAT is managed over the platform, communicating with the attacker’s C&C server and exfiltrating data to it.
Cybercrime, Ryuk ransomware actors evolve their TTPs
Advintel cybersecurity experts: Malware operators now target exposed RDP connections to gain an initial foothold and exploit CVE-2018-8453 and CVE-2019-1069.
Cybercrime, IcedID makes its debut “in style” in the top ten malware chart
CheckPoint cybersecurity experts: The trojan (aka BokBot) comes straight into second place behind Dridex and before Lokibot. It’s a leading player.
Cybercrime, REvil evolves again: now changes password to auto-login in Safe Mode
Bleeping Computer: The ransomware automates file encryption via Safe Mode with the “DTrump4ever” password, as the sample discovered by R3MRUM.
Cybercrime, WannaCry is back and ransomware infections are surging
CheckPoint cybersecurity experts trace new samples of the malware. It still uses the EternalBlue exploit to propagate.
Cybercrime, Ziggy admins will refund ransomware victims
Money should be transferred to the user’ Bitcoin wallet address. The group in February closed the operations and published the malware source code.
Cybercrime, Hades it’s the last Evil Corp ransomware
The cybersecurity experts: It’s an evolution of the WastedLocker malware. The group (aka INDRIK SPIDER), known for Dridex, tries to bypass US sanctions.