Lorenz Ransomware Penetrates Company Networks through Mitel VoIP Products

Security firm Arctic Wolf has warned that Lorenz ransomware is exploiting a critical vulnerability in Mitel MiVoice VoIP devices to infiltrate corporate networks. Let me remind you that we also wrote that Ransomware publishes data stolen from Cisco. Lorenz has been active since at least 2021 and is engaged in the usual double extortion: not…

Genshin Impact Game’s Anti-Cheat Driver Is Used to Disable Antiviruses

Trend Micro experts have discovered that hackers are abusing the system anti-cheat driver of the popular game Genshin Impact to disable anti-virus software during ransomware attacks. Mhypro2.sys gives access to the memory of any process and kernel, and is also able to terminate processes with the highest privileges. Let me remind you that we also…

Attackers Are Already Exploiting the Fresh 0-day Follina Bug in Microsoft Office

Security researchers recently discovered a zero-day vulnerability in Microsoft Office dubbed Follina. The bug can be exploited through the normal opening of a Word document, using it to execute malicious PowerShell commands through the Microsoft Diagnostic Tool (MSDT). Let me remind you that we also wrote that Lapsus$ hack group stole the source codes of…

Vulnerability in Windows 10 could allow gaining administrator privileges

Last weekend, the well-known cybersecurity researcher Jonas Lykkegaard reported a rather serious vulnerability in Windows 10. All versions of Windows 10 released in the last 2.5 years (as well as Windows 11) are vulnerable to an issue dubbed SeriousSAM and HiveNightmare. Thanks to this bug, an attacker can elevate his privileges and gain access to…

Babuk Locker ransomware builder leaked into the network

The Babuk Locker ransomware builder has appeared in the public domain. With its help, anyone can design their own ransomware, the well-known information security expert Kevin Beaumont said on Twitter. The malware is already uploaded to VirusTotal. The Record, which has already studied this leak, reports that the Babuk Locker builder can be used to…

Hackers scan network for vulnerable Microsoft Exchange servers

Information security experts warn that hackers are already scanning the network for Microsoft Exchange servers that are vulnerable to CVE-2020-0688, which Microsoft developers fixed two weeks ago. The problem is related to the operation of the Exchange Control Panel (ECP) component and the inability of Microsoft Exchange to create unique cryptographic keys during installation. “The…