New GOOTLOADER Malware Uses Fileless Technique to Deploy Ransomware

The group behind the Windows Gootloader malware, known as UNC2565, has effectively modified the code to make it more intrusive and difficult to detect. Researchers at Mandiant noted UNC2565 started making significant adjustments to its...
Doctor Paid $60,000 in Bitcoin to Hire Dark Web Hitmen

A former neonatologist received an 8-year prison sentence and was mandated to pay over $25,000 in compensation, along with a $100,000 fine. Ronald Craig Ilg, age 56, received an 8-year sentence for arranging assaults and...
Vice Ransomware Group Uses Custom Ransomware with New Encryption Algorithms

Cybersecurity analysts at the security firm SentinelOne have recently identified that the Vice Society ransomware gang has switched to custom ransomware dubbed "PolyVice." There are two algorithms that are used by this custom ransomware...
Agenda Ransomware Attacking Critical Infrastructure to Steal Sensitive Data

As of this year, many ransomware-as-a-service groups, notably Agenda (also known as Qilin), have developed versions of their ransomware in Rust. The Rust variant of Agenda, like its Go counterpart, has targeted important industries. Trend Micro...
Hackers Using Microsoft-signed Malicious Windows Drivers in Ransomware Attacks

Following a series of cyberattacks, including ransomware attacks, Microsoft recently revoked several Microsoft hardware developer accounts. In a coordinated disclosure, the news came from the following entities: Microsoft, Mandiant, Sophos, and SentinelOne. Authenticode signatures from Microsoft's Windows Hardware Developer Program have...
Hackers Behind Hive Ransomware Earned $100 Million from 1,300 Victims

The FBI recently asserted that thousands of companies have been targeted by the notorious Hive ransomware gang since June 2021. During that time frame, the operators of the Hive ransomware gang extorted...
Black Basta Ransomware Ties With FIN7 Hackers To Deploy Custom Hacking & Evasion Tools

Evidence has been found pointing to a connection between FIN7 (aka Carbanak), a financially motivated hacking group, and the Black Basta ransomware gang. The cybersecurity researchers at Sentinel Lab conducted an analysis in which they...
Hackers Selling Ransomware Victims and Network Access Data for $4 Million

Israeli cyber-intelligence firm KELA has recently published its Q3 2022 ransomware report, in which it reported that an estimated $4 million worth of access to 576 corporate networks around the globe is being sold worldwide by...
FARGO Ransomware Attacks MS-SQL Servers To Encrypt Internet Services

Cybersecurity experts at the ASEC (AhnLab Security Emergency Response Center) analysis team have recently warned that Microsoft SQL servers that are vulnerable to attacks have been targeted by the ransomware called FARGO in a...
Lorenz Ransomware Group Breach Enterprise Networks Using Their Phone Systems

The Lorenz ransomware gang is now using a critical vulnerability in Mitel's MiVoice VoIP appliances as a means to access the corporate networks of enterprises and compromise their security. Security...