cyber2security blog

Multiple Ransomware Groups Adapt Babuk Code to Target ESXi VMs
Two years ago, a popular ransomware-as-a-service group's source…

‘Very Noisy:’ For the Black Hat NOC, It’s All Malicious Traffic All the Time
Black Hat Asia's NOC team gives a look inside what's really happening…

Microsoft Authenticator to Enforce Number Matching
As a way to enhance MFA security, Microsoft will require users…

New Ransomware Gang RA Group Hits U.S. and South Korean Organizations
A new ransomware group known as RA Group has become the latest…

North Korean Hackers Behind Hospital Data Breach in Seoul
Data on more than 830K people exposed in the 2021 cyberattack. The…

Why Economic Downturns Put Innovation at Risk & Threaten Cyber Safety
Supplementing staff by hiring hackers to seek holes in a company's…

Dragos Employee Hacked, Revealing Ransomware, Extortion Scheme
Attackers compromised the personal email of a new employee and,…

Industrial Cellular Routers at Risk: 11 New Vulnerabilities Expose OT Networks
Several security vulnerabilities have been disclosed in cloud…

Billy Corgan Paid Off Hacker Who Threatened to Leak New Smashing Pumpkins Songs
Corgan got FBI involved to track down the cybercriminal, who…

Researchers Uncover Powerful Backdoor and Custom Implant in Year-Long Cyber Campaign
Government, aviation, education, and telecom sectors located…

New ‘MichaelKors’ Ransomware-as-a-Service Targeting Linux and VMware ESXi Systems
A new ransomware-as-a-service (RaaS) operation called MichaelKors…

Microsoft Follina Bug Is Back in Meme-Themed Cyberattacks Against Travel Orgs
A two-bit comedian is using a patched Microsoft vulnerability…

TSA Official: Feds Improved Cybersecurity Response Post-Colonial Pipeline
US Transportation Security Agency (TSA) administrator reflects…

The new info-stealing malware operations to watch out for
The information-stealing malware market is constantly evolving,…

Stealthy MerDoor malware uncovered after five years of attacks
A new APT hacking group dubbed Lancefly uses a custom 'Merdoor'…

Why High Tech Companies Struggle with SaaS Security
It's easy to think high-tech companies have a security advantage…

Microsoft Advisories Are Getting Worse
A predictable patch cadence is nice, but the software giant can…

WhatsApp now lets you lock chats with a password or fingerprint
Meta is now rolling out 'Chat Lock,' a new WhatsApp privacy feature…

VirusTotal AI code analysis expands Windows, Linux script support
Google has added support for more scripting languages to VirusTotal…

The Week in Ransomware – May 12th 2023 – New Gangs Emerge
This week we have multiple reports of new ransomware families…

FBI: Bl00dy Ransomware targets education orgs in PaperCut attacks
The FBI and CISA issued a joint advisory to warn that the Bl00dy…

Ransomware gang steals data of 5.8 million PharMerica patients
Pharmacy services provider PharMerica has disclosed a massive…

New RA Group ransomware targets U.S. orgs in double-extortion attacks
A new ransomware group named 'RA Group' is targeting pharmaceutical,…

Hackers target WordPress plugin flaw after PoC exploit released
Hackers are actively exploiting a recently fixed vulnerability…

Capita warns customers they should assume data was stolen
Business process outsourcing firm Capita is warning customers…

Airline exposes passenger info to others due to a ‘technical error’
airBaltic, Latvia's flag carrier, has acknowledged that a 'technical…

Discord discloses data breach after support agent got hacked
Discord is notifying users of a data breach that occurred after…

Brave unveils new “Forgetful Browsing” anti-tracking feature
The privacy-focused Brave Browser is introducing a new "Forgetful…

CISA warns of critical Ruckus bug used to infect Wi-Fi access points
The U.S. Cybersecurity and Infrastructure Security Agency (CISA)…

Brightly warns of SchoolDude data breach exposing credentials
U.S. tech company and Siemens subsidiary Brightly Software is…

Former Ubiquiti dev who extorted the firm gets six years in prison
Nickolas Sharp, a former senior developer of Ubiquiti, was sentenced…

Toyota: Car location data of 2 million customers exposed for ten years
Toyota Motor Corporation disclosed a data breach on its cloud…

Twitter rolls out encrypted DMs, but only for paying accounts
Twitter has launched its 'Encrypted Direct Messages' feature…

Microsoft patches bypass for recently fixed Outlook zero-click bug
Microsoft fixed a security vulnerability this week that could…

Stealthier version of Linux BPFDoor malware spotted in the wild
A new, stealthier variant of the Linux malware 'BPFDoor' has…

Multinational tech firm ABB hit by Black Basta ransomware attack
Swiss multinational company ABB, a leading electrification and…

Philadelphia Inquirer operations disrupted after cyberattack
The Philadelphia Inquirer daily newspaper is working on restoring…

Babuk code used by 9 ransomware gangs to encrypt VMware ESXi servers
An increasing number of ransomware operations are adopting the…

WordPress Elementor plugin bug let attackers hijack accounts on 1M sites
One of WordPress's most popular Elementor plugins, "Essential…

Google brings dark web monitoring to all U.S. Gmail users
Google announced today that all Gmail users in the United States…

Serious Unpatched Vulnerability Uncovered in Popular Belkin Wemo Smart Plugs
The second generation version of Belkin's Wemo Mini Smart Plug…

U.S. Offers $10 Million Bounty for Capture of Notorious Russian Ransomware Operator
A Russian national has been charged and indicted by the U.S.…

China’s Mustang Panda Hackers Exploit TP-Link Routers for Persistent Attacks
The Chinese nation-state actor known as Mustang Panda has been…

RapperBot DDoS malware adds cryptojacking as new revenue stream
New samples of the RapperBot botnet malware have added cryptojacking…

State-Sponsored Sidewinder Hacker Group’s Covert Attack Infrastructure Uncovered
Cybersecurity researchers have unearthed previously undocumented…

Inside Qilin Ransomware: Affiliates Take Home 85% of Ransom Payouts
Ransomware affiliates associated with the Qilin ransomware-as-a-service…

Cyolo Product Overview: Secure Remote Access to All Environments
Operational technology (OT) cybersecurity is a challenging but…

CopperStealer Malware Crew Resurfaces with New Rootkit and Phishing Kit Modules
The threat actors behind the CopperStealer malware resurfaced…

18-year-old charged with hacking 60,000 DraftKings betting accounts
The Department of Justice revealed today that an 18-year-old…

KeePass exploit helps retrieve cleartext master password, fix coming soon
The popular KeePass password manager is vulnerable to extracting…

Apple fixes three new zero-days exploited to hack iPhones, Macs
Apple has addressed three new zero-day vulnerabilities exploited…

LayerZero launches record-breaking $15M crypto bug bounty program
LayerZero Labs has launched a bug bounty on the Immunefi platform…

MalasLocker ransomware targets Zimbra servers, demands charity donation
A new ransomware operation is hacking Zimbra servers to steal…

Cisco warns of critical switch bugs with public exploit code
Cisco warned customers today of four critical remote code execution…

Microsoft pulls Defender update fixing Windows LSA Protection bug
Microsoft has pulled a recent Microsoft Defender update that…

Hackers target vulnerable WordPress Elementor plugin after PoC released
Hackers are now actively probing for vulnerable Essential Addons…

Hackers Using Golang Variant of Cobalt Strike to Target Apple macOS Systems
A Golang implementation of Cobalt Strike called Geacon is likely…

Cybercrime gang pre-infects millions of Android devices with malware
A large cybercrime enterprise tracked as the "Lemon Group" has…

Malicious Microsoft VSCode extensions steal passwords, open remote shells
Cybercriminals are starting to target Microsoft's VSCode Marketplace,…

PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Halted
The maintainers of Python Package Index (PyPI), the official…