#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Insider Risk Management

ransomware | Breaking Cybersecurity News | The Hacker News

How Do Hackers Blend In So Well? Learn Their Tricks in This Expert Webinar

How Do Hackers Blend In So Well? Learn Their Tricks in This Expert Webinar

May 24, 2024 Cybersecurity Webinar
Don't be fooled into thinking that cyber threats are only a problem for large organizations. The truth is that cybercriminals are increasingly targeting smaller businesses, and they're getting smarter every day. Join our FREE webinar " Navigating the SMB Threat Landscape: Key Insights from Huntress' Threat Report ," in which Jamie Levy — Director of Adversary Tactics at Huntress, a renowned cybersecurity expert with extensive experience in combating cyber threats — breaks down the latest cyber threats to SMBs like yours and explains what you can do about them. Here's a sneak peek of what you'll learn: Attackers are Blending In: Cyber attackers are getting smarter. They are increasingly using legitimate tools to disguise their activities, making it harder for traditional security measures to detect them. Learn how these techniques work and what you can do to detect these hidden threats. Ransomware on the Rise:  Following the takedown of Qakbot, there
Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern

Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern

May 23, 2024 Ransomware / Virtualization
Ransomware attacks targeting VMware ESXi infrastructure follow an established pattern regardless of the file-encrypting malware deployed, new findings show. "Virtualization platforms are a core component of organizational IT infrastructure, yet they often suffer from inherent misconfigurations and vulnerabilities, making them a lucrative and highly effective target for threat actors to abuse," cybersecurity firm Sygnia  said  in a report shared with The Hacker News. The Israeli company, through its incident response efforts involving various ransomware families like LockBit, HelloKitty, BlackMatter, RedAlert (N13V), Scattered Spider, Akira, Cactus, BlackCat and Cheerscrypt, found that attacks on virtualization environments adhere to a similar sequence of actions. This includes the following steps - Obtaining initial access through phishing attacks, malicious file downloads, and exploitation of known vulnerabilities in internet-facing assets Escalating their privilege
Iranian MOIS-Linked Hackers Behind Destructive Attacks on Albania and Israel

Iranian MOIS-Linked Hackers Behind Destructive Attacks on Albania and Israel

May 20, 2024 Cyber Attack / Threat Intelligence
An Iranian threat actor affiliated with the Ministry of Intelligence and Security (MOIS) has been attributed as behind destructive wiping attacks targeting Albania and Israel under the personas Homeland Justice and Karma, respectively. Cybersecurity firm Check Point is tracking the activity under the moniker  Void Manticore , which is also referred to as  Storm-0842  (formerly DEV-0842) by Microsoft. "There are clear overlaps between the targets of Void Manticore and  Scarred Manticore , with indications of systematic hand off of targets between those two groups when deciding to conduct destructive activities against existing victims of Scarred Manticore," the company  said  in a report published today. The threat actor is known for its disruptive cyber attacks against Albania since July 2022 under the name Homeland Justice that involve the use of bespoke wiper malware called  Cl Wiper  and  No-Justice  (aka LowEraser). Similar wiper malware attacks have also targeted Wi
cyber security

Webinar: How to streamline security reviews with Trust Center

websiteVantaCompliance / Security Audit
Learn how Vanta Trust Center can help provide real-time evidence for passing controls and automate responses to security questionnaires.
Defending Your Commits From Known CVEs With GitGuardian SCA And Git Hooks

Defending Your Commits From Known CVEs With GitGuardian SCA And Git Hooks

May 20, 2024Software Security / Vulnerability
All developers want to create secure and dependable software. They should feel proud to release their code with the full confidence they did not introduce any weaknesses or anti-patterns into their applications. Unfortunately, developers are not writing their own code for the most part these days. 96% of all software contains some open-source components, and open-source components make up between  70% and 90% of any given piece of modern software . Unfortunately for our security-minded developers, most modern vulnerabilities come from those software components.  As new vulnerabilities emerge and are publicly reported as  Common Vulnerabilities and Exposures  (CVEs), security teams have little choice but to ask the developer to refactor the code to include different versions of the dependencies. Nobody is happy in this situation, as it blocks new features and can be maddening to roll back component versions and hope that nothing breaks. Developers need a way to  quickly  determine if
Researchers Uncover 11 Security Flaws in GE HealthCare Ultrasound Machines

Researchers Uncover 11 Security Flaws in GE HealthCare Ultrasound Machines

May 16, 2024 Ransomware / Internet of Things
Security researchers have disclosed almost a dozen security flaws impacting the GE HealthCare Vivid Ultrasound product family that could be exploited by malicious actors to tamper with patient data and even install ransomware under certain circumstances. "The impacts enabled by these flaws are manifold: from the implant of ransomware on the ultrasound machine to the access and manipulation of patient data stored on the vulnerable devices," operational technology (OT) security vendor Nozomi Networks  said  in a technical report. The security issues impact the Vivid T9 ultrasound system and its pre-installed Common Service Desktop web application, which is exposed on the localhost interface of the device and allows users to perform administrative actions. They also affect another software program called EchoPAC that's installed on a doctor's Windows workstation to help them access multi-dimensional echo, vascular, and abdominal ultrasound images. That being said, s
Cybercriminals Exploiting Microsoft’s Quick Assist Feature in Ransomware Attacks

Cybercriminals Exploiting Microsoft's Quick Assist Feature in Ransomware Attacks

May 16, 2024 Ransomware / Incident Response
The Microsoft Threat Intelligence team said it has observed a threat actor it tracks under the name  Storm-1811  abusing the client management tool Quick Assist to target users in social engineering attacks. "Storm-1811 is a financially motivated cybercriminal group known to deploy  Black Basta  ransomware," the company  said  in a report published on May 15, 2024. The attack chain involves the use of impersonation through voice phishing to trick unsuspecting victims into installing remote monitoring and management (RMM) tools, followed by the delivery of  QakBot , Cobalt Strike, and ultimately Black Basta ransomware. "Threat actors misuse Quick Assist features to perform social engineering attacks by pretending, for example, to be a trusted contact like Microsoft technical support or an IT professional from the target user's company to gain initial access to a target device," the tech giant said. Quick Assist is a  legitimate application  from Microsoft t
Expert Insights
Cybersecurity Resources