MountLocker Ransomware Expands Its Reach and Tactics A newly evolved ransomware strain, known as MountLocker, has emerged as a potent threat to corporate networks, demonstrating an alarming ability to evade security software while enabling its affiliates to execute double extortion schemes. First identified in July 2020, MountLocker has rapidly gained…
A recent breakthrough in cybersecurity research reveals a significant vulnerability within air-gapped systems, which are designed to be isolated from unsecured networks. Researchers have successfully demonstrated a method for exfiltrating sensitive data using a novel attack called AIR-FI. This technique operates by leveraging electromagnetic emissions from the computer’s DDR SDRAM…
SolarWinds, a Texas-based supplier of enterprise monitoring software, has acknowledged a major cybersecurity incident linked to a compromised version of its Orion products. Up to 18,000 customers, including numerous Fortune 500 companies and U.S. military branches, may have implemented this affected software, raising significant alarm across various sectors. This revelation…
The ongoing investigation into the SolarWinds breach continues to reveal the intricate tactics employed by the attackers who infiltrated the company’s internal systems and manipulated its software update processes. This meticulous and well-coordinated supply chain attack appears to have been in the making since at least October 2019, when the…
The Space Bears ransomware group has announced that it has acquired internal documents from Comcast by taking advantage of a breach at Quasar Inc., a telecommunications engineering firm located in Georgia. This information surfaced on the group’s dark web leak site, which notably lists Quasar as a separate victim, suggesting…
Recent reports reveal a sophisticated supply-chain attack targeting the Vietnam Government Certification Authority (VGCA). This breach involved the manipulation of the agency’s digital signature toolkit, allowing hackers to implant a backdoor into affected systems. The incident was brought to light by Slovak cybersecurity firm ESET, which identified the assault, referred…
The investigation into the SolarWinds supply chain attack continues to reveal significant findings, including the emergence of a new malware strain. Recent digital forensic analysis suggests that a different group of threat actors may be exploiting SolarWinds’ Orion software to deploy a similar persistent backdoor on compromised systems. According to…
Citrix has issued an urgent warning to its clientele regarding a pressing security breach affecting its NetScaler application delivery controller (ADC) devices. The vulnerability is being exploited by malicious actors to orchestrate amplified distributed denial-of-service (DDoS) assaults against various targets across the globe. The company stated that attackers, potentially including…
Recent investigations have surfaced an attempt to breach CrowdStrike, a prominent cybersecurity firm, within the backdrop of the ongoing espionage campaign associated with SolarWinds. The intrusion was reportedly thwarted, revealing critical insights into the current landscape of cybersecurity threats. On December 15, Microsoft’s Threat Intelligence Center flagged a third-party reseller’s…
