Ransomware publishes data stolen from Cisco

The Yanluowang hacker group published data stolen from Cisco back in May 2022. Cisco representatives acknowledged that the data leak took place, but still insist that the incident did not affect the company’s business in any way. Let me remind you that last month, Cisco representatives confirmed that back in May, the company’s corporate network…

The LockBit Group Is Taking on DDoS Attacks

Last week, after the information security company Entrust was hacked, the LockBit hacker group was subjected to powerful DDoS attacks. Now the hackers say they have improved DDoS protection and plan to do triple extortion in the future, using such attacks as additional leverage on victims. Let me remind you that we also reported that…

New RedAlert Ransomware Targets Windows and Linux VMware ESXi Servers

Researchers have discovered a new RedAlert (aka N13V) ransomware that encrypts Windows and Linux VMware ESXi servers and targets corporate networks. MalwareHunterTeam, an information security expert, was the first to notice the new malware, posting screenshots from the group’s dark web site on Twitter. Let me remind you that we also wrote that Information Security…

AstraLocker Ransomware Operators Publish File Decryption Tools

AstraLocker ransomware operators have announced that the malware is ending its work and have uploaded data decryption tools to VirusTotal. The hackers say that they do not plan to return to ransomware in the future, but intend to switch to cryptojacking. Bleeping Computer reports that it has already studied the archive published by the…

Hackers Launched LockBit 3.0 and Bug Bounty Ransomware

LockBit 3.0 Builder is now available to the public. What is the story behind it?

The LockBit ransomware group released the LockBit 3.0 malware, at the same time introduced its own ransomware bug bounty program, and announced that it would accept ransoms in the Zcash cryptocurrency. Bleeping Computer recalls that LockBit appeared in 2019 and has since become one of the most active threats, accounting for about 40% of…

Information Security Specialists Discovered a 0-day Vulnerability in Windows Search

A new 0-day Windows Search vulnerability could be used to automatically open a search box and launch remote malware, which is easily done by simply opening a Word document. Bleeping Computer says the problem is serious because Windows supports the search-ms protocol URI handler, which allows apps and HTML links to run custom searches on…

Google Has Disabled Some of the Global Cache Servers in Russia

Media reports say that Google is notifying ISPs in Russia that it is shutting down its Google Global Cache (GGC) servers, which speed up the loading of its services, including YouTube content. These changes are reported by RBC, citing two of its own sources in the telecommunications industry. Let me also remind you that we…

The Conti Ransomware Ceases Operations and Breaks Up into Several Groups

Experts report that the Conti ransomware is going out of business: the group is ceasing operations, its infrastructure is disabled, and the group’s leaders have said the brand no longer exists. One of the first to notice the change was Elisey Boguslavsky of Advanced Intel, who tweeted that the group’s internal infrastructure had been shut down.…

Law enforcement officers closed the hacker resource RaidForums

During the international operation TOURNIQUET, which was coordinated by Europol, the well-known hacker resource RaidForums, which was mainly used to trade in stolen databases, was closed. The administrator of RaidForums and two of his accomplices have been arrested, and the site’s infrastructure is now under the control of law enforcement agencies. The operation was reportedly…

Leaked Conti ransomware source codes were used to attack Russian authorities

In March 2022, the source code of the Conti malware was made public, and now, apparently, other hackers are starting to use it, turning the ransomware against Russian authorities and companies. Let me remind you that this story began back in February 2022, when an anonymous information security researcher who had access to the infrastructure…