Malware hunters at Volexity are raising the alarm for a Chinese threat actor seen exploiting a zero-day flaw in the Zimbra email platform to infect media and government targets in Europe.
Volexity Warns of ‘Active Exploitation’ of Zimbra Zero-Day
Ransomware Attack Disrupts Manufacturing at KP Snacks
British snacks producer Kenyon Produce (KP) Snacks has fallen victim to a ransomware attack that caused some disruptions to its manufacturing and distribution operations.
The German-owned company says it became aware of the attack on January 28, and that it immediately took the necessary steps to contain the incident.
Ransomware Often Hits Industrial Systems, With Significant Impact: Survey
Ransomware attacks in many cases hit industrial control systems (ICS) or operational technology (OT) environments, and impact is often significant, according to a report published on Thursday by IoT and industrial cybersecurity company Claroty.
Financially Motivated Hackers Use Leaked Conti Ransomware Techniques in Attacks
A series of financially motivated attacks are employing techniques observed in Conti ransomware playbooks that were leaked online in August 2021, Mandiant reports.
Walmart Dissects New ‘Sugar’ Ransomware
The cyber threat team at retail giant Walmart has dissected a new ransomware family dubbed Sugar, which is available to cybercriminals as a ransomware-as-a-service (RaaS).
Newly Detected “StrifeWater” RAT Linked to Iranian APT
The Iranian threat group known as Moses Staff was first spotted in October 2021. It claims its purpose is to harm Israeli companies by leaking sensitive stolen data, but it has also been seen targeting a variety of industries in countries such as Italy, India, Germany, Chile, Turkey, UAE and the U.S.
Iranian Hackers Using New PowerShell Backdoor Linked to Memento Ransomware
Attacks from the Iranian Phosphorus APT (aka Charming Kitten, APT35) are well documented. Now a new set of tools incorporated into the group’s arsenal, and a connection with the Memento ransomware, have been discovered.
Over 100 Million Android Users Installed ‘Dark Herring’ Scamware
More than 105 million Android users downloaded and installed scamware from Google Play and third-party app stores, according to mobile security firm Zimperium.
Attack Surface Management Play Censys Scores $35M Investment
The jostling for space in the attack surface management space intensified this week with Michigan startup Censys banking a new $35 million funding round to fuel growth and expansion.
REvil Ransomware Operations Apparently Unaffected by Recent Arrests
The REvil (Sodinokibi) ransomware cooperative’s activity did not even slow down following Russia’s recent move to arrest several alleged members of the group, according to threat intelligence company ReversingLabs.
