DarkSide ransomware gang is back as BlackMatter operation

The notorious DarkSide ransomware gang has been relaunched as a new BlackMatter ransomware operation, according to encryption algorithms discovered in a decryptor, and is aggressively attacking corporate organizations. International…

Estonia arrests hacker for stealing 286K ID scans

A Tallinn man was arrested in Estonia on suspicion of downloading ID scans of 286,438 Estonians from the Identity Documents Database by exploiting a government image transfer service vulnerability (KMAIS).…

Meteor wiper malware was used against Iran’s national railway system

Meteor, a wiper malware, was responsible for the cyber-attack on Iran’s national railway system, rather than ransomware as previously supposed. Meteor was previously undetected malware, and it has yet…

Haron and BlackMatter ransomware groups appeared on hacker forum

Two new ransomware-as-a-service (RaaS) programs have emerged on the threat radar this month, one of which claims to be a successor to DarkSide and REvil, the two infamous ransomware organizations…

Oscorp is now UBEL – Info stealing Android malware

Oscorp, a mobile malware built to attack several financial targets with the purpose of stealing funds from unsuspecting victims, was revealed by Italy’s CERT-AGID in late January. It has…

XCSSET macOS malware steals Telegram password and Google Chrome data

New variants of the XCSSET macOS malware are able to steal login information from several apps, including Telegram and Google Chrome, and send it to C2, according to Trend Micro…

XLoader Windows info-stealer malware now designed to attack macOS

The popular Windows info-stealing malware has been transformed into a new strain known as XLoader, which can now attack Mac devices as well. On an underground forum, XLoader…

Kaseya Supply-Chain attack: REvil ransomware gang demands $70 million

New information on how the notorious Russia-linked REvil cybercrime gang may have carried off the unprecedented attack has emerged amid the massive supply-chain ransomware attack that launched an infection chain…

Kaseya supply-chain attack: Firms hit by REvil ransomware

Through a Kaseya supply-chain attack, a huge REvil ransomware campaign impacts many managed service providers and their clients. Through what seems to be a Kaseya VSA supply-chain attack, the…

Chinese researchers accidentally revealed a Windows zero-day flaw

A critical Windows zero-day flaw known as PrintNightmare was accidentally disclosed by security researchers in China. Sangfor Technologies, based in Shenzhen, mistakenly published technical data including a proof-of-concept…