RA Ransomware Group Aggressively Attacking Manufacturing Sector
RA World, an emerging ransomware group, has been increasingly active since March 2024, using a multi-extortion tactic to steal data and threaten to leak it if the ransom is not paid.
Their leak site shows...
Play Ransomware Variant Attacking Linux ESXi Servers
Since ESXi servers host multiple virtual machines, which makes them especially attractive to threat actors, a successful breach of these servers could enable threat actors to gain access to a multitude of valuable data and control...
BianLian Ransomware Leveraging RDP Credentials To Gain Initial Access
BianLian emerged in 2022 and rapidly became one of the three most active ransomware groups.
They started their operations by exploiting RDP, ProxyShell, and SonicWall VPN vulnerabilities.
The cybersecurity researchers at Juniper...
Exclusive! Analysis of 3 Ransomware Threats Active Right Now
Ransomware continues to loom large over the cybersecurity landscape, causing significant damage to individuals and organizations alike.
With the difficulty of recovering encrypted files and the potential exposure of stolen data, it is essential...
Researchers Decrypted DoNex Ransomware And Its Rebranded Versions
Researchers discovered a flaw in the DoNex ransomware's encryption scheme, allowing them to create a decryptor for DoNex and its predecessors (Muse, fake LockBit 3.0, DarkRace).
The decryptor has been secretly provided to victims since...
New Volcano Demon Ransomware Group Threatening Victims Over Phone Call
A novel malware known as Volcano Demon has been observed targeting Windows workstations and servers, obtaining administrative credentials from the network.
The threat actor doesn't have a leak site and instead uses phone calls to...
Mallox Ransomware Attacking Linux Servers In Wild – Decryptor Uncovered
Linux servers often provide hosting for critical applications, websites, and databases, which makes them a lucrative target for intruders seeking unauthorized access to steal data and manipulate services.
Exploiting security holes in Linux servers...
Beware! CSHARP-STREAMER Malware Attacking Windows Users
CSHARP-STREAMER, a Remote Access Trojan (RAT), was identified during an investigation of a ransomware attack using Metaencryptor, with a PowerShell loader deploying CSHARP-STREAMER, which utilizes publicly available techniques, including AMSI-Memory-Bypass and XOR-decryption.
These parts were...
HC3 Unveils Qilin Ransomware Attacking Global Healthcare Organizations
The Health Sector Cybersecurity Coordination Center (HC3) has issued a critical alert regarding a new ransomware strain, Qilin, which is targeting healthcare organizations worldwide.
This revelation underscores the escalating cyber threats facing the healthcare...
New Linux Variant Of RansomHub Attacking ESXi Systems
Hackers often attack ESXi systems, as they are widely used in enterprise environments to manage virtualized infrastructure, making them lucrative targets.
Threat actors can exploit security flaws in ESXi to deploy ransomware and perform other...