Encryption Archives - Cyber Security Minute

Ransomware Gangs Exploit ESXi Bug for Instant, Mass Encryption of VMs

Issued by: Dark Reading

Multiple ransomware groups have been weaponizing an authentication bypass bug in VMware ESXi hypervisors to quickly deploy malware across virtualized environments. VMware assigned the bug (CVE-2024-37085) a “medium” 6.8 out of 10 score on the CVSS scale. The average score is largely due to the fact that it requires an attacker to have existing permissions…

Malware & Threats

The State of Ransomware in Critical Infrastructure 2024

Issued by: Naked Security

The latest annual Sophos study of the real-world ransomware experiences of energy, oil/gas and utilities sector – a core element of the critical infrastructure supporting businesses – explores the full victim journey, from attack rate and root cause to operational impact and business outcomes. This year’s report sheds light on new areas of study for…

Malware & Threats

New ZLoader Malware Variant Surfaces with 64-bit Windows Compatibility

Issued by: The Hacker News

Threat hunters have identified a new campaign that delivers the ZLoader malware, resurfacing nearly two years after the botnet’s infrastructure was dismantled in April 2022. A new variant of the malware is said to have been in development since September 2023, Zscaler ThreatLabz said in an analysis published this month. “The new version of Zloader…

Vulnerabilities

GitHub Rotates Credentials in Response to Vulnerability

Issued by: SecurityWeek

The Microsoft-owned platform received the vulnerability report on December 26, 2023, and took immediate action to address the issue and revoke potentially exposed credentials, which led to disruptions between December 27 and 29. The security defect, which allowed access to credentials within a production container, had no impact beyond the security researcher who identified and…

Malware & Threats

Interested in $10,000,000? Ready to turn in the Clop ransomware crew?

Issued by: Naked Security

The latest high-profile cybercrime exploits attributed to the Clop ransomware crew aren’t your traditional sort of ransomware attacks (if “traditional” is the right word for an extortion mechanism that goes back only to 1989). Conventional ransomware attacks are where your files get scrambled, your business gets totally derailed, and a message appears telling you that…

Malware & Threats

Stung by Free Decryptor, Ransomware Group Embraces Extortion

Issued by: DataBreach Today

Not all ransomware groups wield crypto-locking malware. In their continuing quest for extortionate profits, some have moved away from encryption and pressure victims purely by threatening to leak stolen data unless they receive a ransom payment. This seems to have been the case for BianLian, a prolific ransomware group that emerged in the summer of…

Network Security

Unpatched Akuvox Smart Intercom Vulnerabilities Can Be Exploited for Spying

Issued by: Security Week

The vulnerabilities were discovered by researchers at industrial and IoT cybersecurity firm Claroty. The company — along with CISA and CERT/CC — has attempted to report the findings to the vendor over the past year, but without success, and the security holes remain unpatched. Claroty this week disclosed technical details of its findings and CISA…

Malware & Threats

Vice Society Ransomware Attackers Adopt Robust Encryption Methods

Issued by: The Hacker News

The Vice Society ransomware actors have switched to yet another custom ransomware payload in their recent attacks aimed at a variety of sectors. “This ransomware variant, dubbed ‘PolyVice,’ implements a robust encryption scheme, using NTRUEncrypt and ChaCha20-Poly1305 algorithms,” SentinelOne researcher Antonio Cocomazzi said in an analysis. Vice Society, which is tracked by Microsoft under the…

Malware & Threats

Agenda Ransomware Uses Rust to Target More Vital Industries

Issued by: Trend Micro Blog

This year, ransomware-as-a-service (RaaS) groups like BlackCat, Hive, and RansomExx have developed versions of their ransomware in Rust, a cross-platform language that makes it easier to tailor malware to different operating systems like Windows and Linux. In this blog entry, we shed light on Agenda (also known as Qilin), another ransomware group that has started…

Application Security

Demo: Your data has been encrypted! Stopping ransomware attacks with Malwarebytes EDR

Issued by: Malwarebytes

It’s no secret that ransomware is one of the most pressing cyber threats of our day. What worse, ransomware gangs have increased their attacks on a range of vulnerable industries, with disruptions to business operations, million-dollar ransom demands, data exfiltration, and extortion. With Malwarebytes Endpoint Detection and Response, however, you can fight—and defeat—advanced ransomware that…