Category: General

Dallas Appraisal District paid $170,000 due to ransomware

The Dallas Central Appraisal District was forced to pay $170,000 after a ransomware attack in November. On Election Day 2022, all 300 county desktops were frozen. The emails did not work, and the website disappeared, the Dallas Morning News reported. All they could see was an extortion message from Royal Ransomware. The attack brought the…
A new threat actor tracked as TA886 is targeting organizations in the United States and Germany with new custom malware to track and steal data on infected systems

The previously unknown activity was first discovered by Proofpoint in October 2022, with the security firm reporting that it continued into 2023. The threat actor appears to be financially motivated, and performs an initial assessment of compromised systems to determine if the target is valuable enough for further intrusion. The hacker targets victims using phishing…
The US Cybersecurity and Infrastructure Security Agency (CISA) has released an open source tool that can help some victims of the recent ESXiArgs ransomware attacks recover their files

The ESXiArgs ransomware attacks, first spotted on February 3, include an exploit for CVE-2021-21974, a high-severity ESXi remote code execution vulnerability that VMware patched in February 2021. Hackers are leveraging the vulnerability to deploy file-encrypting malware targeting virtual machines (VMs). The cybercriminals also claim to have stolen data – which they are threatening to leak…
The broad ransom campaign on VMware ESXi servers – the US Cyber and Infrastructure Agency publishes a script to recover the information?

The campaign, which has so far hit at least 2,800 servers, is not considered particularly successful by the attackers. In monitoring the crypto wallets, it appears that very little ransom money was paid (~$100k) and in retrospect it turns out that the attackers performed the encryption in a sloppy way that allows the information…
A new campaign of QBot malware known as “QakNote” has been spotted in the field since last week, using malicious Microsoft OneNote ‘.one’ attachments to infect systems with the banking trojan

The Qbot (aka QakBot) is a former banking trojan that has evolved into malware that specializes in gaining initial access to devices, allowing hackers to load additional malware onto the compromised machines and perform data theft, ransomware, or other network-wide activities. Hackers can embed almost any file type when creating malicious OneNote documents, including VBS…
The Holy Souls group known as NEPTUNIUM has claimed to have stolen the personal information of over 200,000 customers of the French satirical magazine Charlie Hebdo

The group released a spreadsheet containing usernames, phone numbers and home and email addresses as proof. The leak could put customers at risk by making them targets for extremist organizations. “We believe this attack is a response by the Iranian government to a cartoon contest held by Charlie Hebdo. A month before they carried out…