The FBI and CISA revealed in a joint advisory that the Royal ransomware gang has breached the networks of at least 350 organizations worldwide since September 2022. In an update to the original advisory published in March with additional information discovered during FBI investigations, the two agencies also noted that Read more…
Threat actors are exploiting a zero-day vulnerability in the service management software SysAid to gain access to corporate servers for data theft and to deploy Clop ransomware. SysAid is a comprehensive IT Service Management (ITSM) solution that provides a suite of tools for managing various IT services within an organization. The Clop ransomware Read more…
The Federal Bureau of Investigation is warning that ransomware threat actors are targeting casino servers and use legitimate system management tools to increase their permissions on the network. In a private industry notification, the agency says that third-party vendors and services are common attack vector. Ransomware gangs continue to rely Read more…
En octobre, nous avons recensé 376 cyberattaques et revendications à travers le monde, un volume comparable à celui du mois de mai… et surtout celui d’octobre 2021. Au passage, nous avons relevé notre compte pour septembre de 396 à 407. Cette progression est notamment due aux corrections rendues nécessaires par les pratiques Read more…
The HelloKitty ransomware operation is exploiting a recently disclosed Apache ActiveMQ remote code execution (RCE) flaw to breach networks and encrypt devices. The flaw, tracked CVE-2023-46604, is a critical severity (CVSS v3 score: 10.0) RCE allowing attackers to execute arbitrary shell commands by exploiting the serialized class types in the OpenWire protocol. Read more…