Since its emergence in December 2015, SamSam ransomware has evolved into a lucrative venture for cybercriminals, extracting nearly $6 million from its victims. Recent findings from Sophos reveal that the operators of SamSam have garnered over $5.9 million, drawn from 233 targeted victims, with an escalating profit trend averaging approximately…
Unpatched Citrix NetScaler Systems Targeted in Suspected Ransomware Attack Recent developments in cybersecurity have revealed that unpatched Citrix NetScaler systems facing the internet are being exploited by unidentified threat actors, likely in the context of a ransomware operation. Cybersecurity firm Sophos has identified this activity cluster as STAC4663, which is…
In its October 2023 Patch Tuesday update, Microsoft has addressed a total of 103 vulnerabilities across its software platforms, including two critical zero-day vulnerabilities actively exploited in the wild. This update highlights the ongoing importance of patch management in maintaining cybersecurity defenses. Among the identified vulnerabilities, 13 are categorized as…
On Thursday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) expanded its Known Exploited Vulnerabilities (KEV) catalog, adding three identified security flaws currently under active exploitation. This action underscores the ongoing priority for organizations to remain vigilant and address vulnerabilities promptly to protect their systems. The newly cataloged vulnerabilities include…
A recent cybersecurity incident involving a North Korean state-sponsored group known as Diamond Sleet has emerged as a significant threat to businesses. This group has been distributing a compromised version of a legitimate application developed by the Taiwanese company CyberLink, leveraging a supply chain attack to target downstream customers. According…
Recent CACTUS Ransomware Campaign Targets Qlik Sense Vulnerabilities A new ransomware campaign, identified as CACTUS, has been leveraging recently revealed security vulnerabilities within Qlik Sense, a cloud analytics and business intelligence platform. This operation has sparked significant concern among cybersecurity experts, marking the first known use of these vulnerabilities by…
Understanding the Escalating Cybersecurity Threats for SMBs In an era where cybersecurity breaches dominate headlines, the visibility of these risks extends beyond large enterprises to encompass small and medium-sized businesses (SMBs) and the public at large. This growing awareness among SMBs highlights the pressing need to bolster their security measures.…
A new cryptomining malware, identified as MrbMiner, has emerged, having compromised thousands of Microsoft SQL Server (MSSQL) databases since its discovery last year. This malware has been traced back to a small software development firm in Iran, following a lapse in operational security that inadvertently revealed the company’s name within…
The Gootkit malware framework, which has been recognized for distributing banking Trojans, has recently undergone significant enhancements that enable it to deliver a broader spectrum of malicious software, including ransomware variants. According to researchers from Sophos, Gabor Szappanos and Andrew Brandt, the Gootkit malware family has been in existence for…
