Cybersecurity researchers have discovered a new variant of the Phobos ransomware family named Faust. This iteration was documented by Fortinet FortiGuard Labs, which detailed its dissemination method involving a Microsoft Excel document (.XLAM) that contains a VBA script capable of executing malicious actions. The attack initiates when the victim opens…
In a bold announcement reminiscent of previous disclosures, the LockBit 5.0 cybercriminal group recently introduced a new secure blogging domain, claiming it offers a multilayered protective system against law enforcement activities. This declaration, steeped in confidence, comes at a time when scrutiny over their operations has intensified. Just days prior,…
ConnectWise ScreenConnect Software Patch Addresses Critical Security Vulnerabilities ConnectWise has recently issued crucial software updates to rectify two significant security vulnerabilities in its ScreenConnect remote desktop software, including a critical flaw that could allow remote code execution on compromised systems. This follows the identification of these vulnerabilities, which the company…
Recent cyberattacks have targeted unpatched Atlassian servers, with threat actors utilizing a Linux variant of the Cerber ransomware, also referred to as C3RB3R. The incidents exploit a critical vulnerability, identified as CVE-2023-22518, which has a CVSS score of 9.1. This vulnerability affects the Atlassian Confluence Data Center and Server, permitting…
Crossroads of Cyber Crime: The Re-Victimization Phenomenon in Ransomware Attacks In examining a dataset of over 11,000 organizations impacted by Cyber Extortion and ransomware attacks, a troubling trend emerges: many victims are notably repeated targets. This raises critical questions about the nature of these re-victimizations—are they a result of multiple…
The prominent global IT consultancy firm Accenture has recently fallen victim to a ransomware attack attributed to the LockBit group. This incident marks yet another significant breach in a landscape already troubled by high-profile cybercrimes, particularly as the cybercriminal marketplace continues to adjust following the takedown of similar influential groups…
The LockBit ransomware group has made a notable return, launching its latest variant, LockBit 5.0, after a period of inactivity triggered by law enforcement actions earlier in 2024. The resurgence comes despite significant disruptions to their infrastructure and efforts to dismantle their operations during Operation Cronos. Under the direction of…
Cybersecurity experts have recently illuminated the mechanisms of a global ransomware operation attributed to Mikhail Pavlovich Matveev, a Russian national indicted by U.S. authorities for his involvement in a multitude of cyberattacks worldwide. Matveev resides in St. Petersburg and utilizes several aliases, including Wazawaka and Boriselcin, playing a pivotal role…
The U.S. Department of Justice (DoJ) has formally declared the disruption of the BlackCat ransomware operation, providing a decryption tool for over 500 victims affected by the malware. This intervention is seen as a significant step in combating ransomware threats that have plagued businesses across the globe. According to court…
