Researchers are warning that hackers are exploiting a plug-in vulnerability to infect MSPs and their customers with GandCrab ransomware. The bug, CVE-2017-18362, dates back to 2017, and is found in unpatched versions of the ConnectWise ManagedITSync integration plug-in tool, explains a Feb. 8 blog post by Chris Bisnett, security researcher at Huntress Labs. This plug-in…
When is a war really a not a war, at least as far as an insurance company is concerned? That is the question the cybersecurity and insurance industries are likely to find out at the conclusion of a court case between Zurich International and the U.S. food company Mondelez International, one of the many firms…
It was one for the books – a mysterious cyberattack laying waste to systems in the city of Atlanta before moving on to a wide swath of targets, including health care companies, the Port of San Diego, the Colorado Department of Transportation. March 22, 2018 – Workers arriving in various departments in the city of…
French engineering research and consulting firm Altran Technologies disclosed this week that a Jan. 24 cyberattack impacted its operations in certain European countries. In response to the incident, the company immediately shut down its IT network and all applications,” the company said in a press release issued on Monday. Altran’s statement was short on specifics,…
Attackers this month have revived an email phishing operation that targets Russian speakers with Shade ransomware served via malicious JavaScript attachments. The scam first emerged in a campaign that began in mid-October of last year, before dying down over the holiday period. But January ushered in a more intense second phase that doubled the previous…
A new family of ransomware that was discovered in a private peer-to-peer network earlier this month has prompted a warning from researchers due to its apparent modular capabilities and its sophisticated coding and anti-analysis techniques. Nicknamed Anatova, the ransomware has already been detected in at least several hundred machines around the world, despite having a…
The Malwarebytes State of Malware 2018 report found an odd mix of attacks that took place last year with businesses bearing the brunt of cybercriminals’ efforts, while consumers were victimized in a new way using their previously hacked PII. Malwarebytes CEO Marcin Kleczynski The amount of malware targeted at business increased 79 percent, compared to…
Websites offering cracked versions of popular software programs have recently been serving up adware bundles that secretly deliver a variant of STOP ransomware. According to a pair of reports from Bleeping Computer founder Lawrence Abrams, the scheme came to light in December 2018 with the appearance of the malicious encryptor “Djvu” – so named because…
Another city was hit with a ransomware attack which knocked daily services back into the era of the pen and Pad. Last week, the city of Del Rio, Texas was hit with a ransomware attack which forced city officials to shut down the servers at its city hall and deny employees access to the system,…
Multiple researchers are linking the Ryuk ransomware that disrupted the operations of multiple U.S. newspapers in late 2018 to the Emotet and TrickBot trojans. In so doing, some analysts have now also shifted blame for the attack from North Korean actors to cybercriminals, possibly from Russia, while others maintain that attribution efforts are premature. Crowdstrike,…
