Files Within Password-Protected WinRAR Archives Locked by New Memento Ransomware Group

The Memento ransomware group has arrived on the threat landscape. Its approach is uncommon: the group locks files in WinRAR archives protected by…

Ransomware is now a giant black hole that is sucking in all other forms of cybercrime

Ransomware is so lucrative for the gangs involved that other parts of the cybercrime ecosystem are being repurposed into a system for delivering potential victims. “The gravitational force of ransomware’s…

ProxyShell vulnerabilities exploited in domain-wide ransomware attacks

The ProxyShell vulnerabilities have prompted threat actors to launch domain-wide ransomware attacks against their targets, according to a new research report from The DFIR Report. The report, published on Monday, explained…

New BazarBackdoor Attack Discovered

A security company has reported a new cyber-attack involving a malware family known as both BazarBackdoor and BazarLoader. Researchers at SophosLabs came across the attack when it arrived in their inboxes. “Spamming…

Congress Mulls Ban on Big Ransom Payouts

A bill introduced this week would regulate ransomware response by the country’s critical financial sector. A U.S. lawmaker has introduced a bill – the Ransomware and Financial Stability Act (H.R.5936)…

BazarBackdoor now abuses Windows 10 apps feature in 'call me back' attack

A Microsoft Windows 10 app feature is being abused in a new phishing campaign spreading the BazarBackdoor malware. On Thursday, researchers from Sophos Labs said the attack was noticed after…

Zebra2104 Initial Access Broker Supports Rival Malware Gangs, APTs

Researchers have uncovered a large, tangled web of infrastructure being used to enable a wide variety of cyberattacks. Three separate threat groups are all using a common initial access broker…

BlackBerry report highlights initial access broker providing entry to StrongPity APT, MountLocker and Phobos ransomware gangs

A new report from BlackBerry has uncovered an initial access broker called “Zebra2104” that has connections to three malicious cybercriminal groups, some of which are involved in ransomware and phishing…

Free Discord Nitro Offer Used to Steal Steam Credentials

A fake Steam pop-up prompts users to ‘link’ Discord account for free Nitro subs. There’s a new scam making the rounds on Discord, through which cybercriminals can harvest Steam account…