Conti Ransomware Expands Ability to Blow Up Backups
The Conti ransomware gang has developed novel tactics to demolish backups, especially the Veeam recovery software.
SAS 2021: ‘Tomiris’ Backdoor Linked to SolarWinds Malware
Newly discovered code resembles the Kazuar backdoor and the Sunshuttle second-stage malware distributed by Nobelium in the SolarWinds supply-chain attacks.
Working Exploit Is Out for VMware vCenter CVE-2021-22005 Flaw
The unredacted RCE exploit allows unauthenticated, remote attackers to upload files to the vCenter Server analytics service.
Credential Spear-Phishing Uses Spoofed Zix Encrypted Email
The spoofed email has targeted close to 75K inboxes, slipping past spam and security controls across Office 365, Google Workspace, Exchange, Cisco ESA and more.
EU: Russia Behind ‘Ghostwriter’ Campaign Targeting Germany
It’s not the first time that the disinformation/spearphishing campaign, which originally smeared NATO, has been linked to Russia.
Exchange/Outlook Autodiscover Bug Spills $100K+ Email Passwords
Hundreds of thousands of email credentials, many of which double as Active Directory domain credentials, came through to credential-trapping domains in clear text.
REvil Affiliates Confirm: Leadership Were Cheating Dirtbags
After news of REvil’s rip-off-the-affiliates backdoor & double chats, affiliates fumed, reiterating prior claims against the gang in “Hackers Court.”
Crystal Valley Farm Coop Hit with Ransomware
It’s the second agricultural business to be seized this week and portends a bitter harvest with yet another nasty jab at critical infrastructure.
How REvil May Have Ripped Off Its Own Affiliates
A newly discovered backdoor and double chats could have enabled REvil ransomware-as-a-service operators to hijack victim cases and snatch affiliates’ cuts of ransom payments.
VMware Warns of Ransomware-Friendly Bug in vCenter Server
VMware urged immediate patching of the max-severity, arbitrary file upload flaw in Analytics service, which affects all appliances running default 6.5, 6.7 and 7.0 installs.