Attackers are reportedly targeting an NGINX/php-fpm vulnerability to infect users of the NextCloud file sync and share service with a recently discovered ransomware called NextCry. Infecting a NextCloud instance is doubly damaging to victims because the affected service begins replacing files stored on their synced-up machines with the newly encrypted versions. In a Nov. 15…
Since October, a threat actor has been impersonating governmental agencies in phishing emails designed to infect American, German and Italian organizations with various forms of malware, including the Cobalt Strike backdoor, Maze ransomware and the IcedID banking trojan. Business and IT services, manufacturing companies, and healthcare organizations make up a large share of the targets…
A newly discovered ransomware called PureLocker is targeting the production servers of enterprises, while exhibiting some behavior that’s very unusual for most malicious encryptors. Among its quirky features: it’s written in the PureBasic programming language, which helps it avoid conventional anti-malware detection engines; it’s very picky about who it infects, only executing if the victim machine…
The claim made by the Mexican state-owned petroleum corporation Pemex that it had recovered from a Nov. 10 cyberattack was met with some skepticism, as published reports indicate the attack may be still affecting the company. Pemex stated it had suffered a cyberattack that impacted about five percent of its computer equipment, but managed to…
A newly discovered variant of MegaCortex ransomware goes well beyond just encrypting victims’ files — it also changes their Windows passwords and threatens to publish their stolen data if they fail to pay. In a report earlier this week, BleepingComputer said it helped analyzed the new strain after it was discovered by MalwareHunterTeam and subsequently…
Zurich Insurance has rolled out a new industry specific endoresements to its cyber insurance policies to provide coverage for manufacturers. This additional coverage was created due to the increased cyberthreat these companies are now under and the fact that many manufacturers, particularly mid-sized firms, are unaware and possibly less prepared to deal with, the risks…
A cyber adversary in possession of both ransomware and point-of-sale malware was recently found to have obtained “a deep level of access” to the infrastructures of at least two targets, including a U.S.-based aluminum and stainless steel gratings company, researchers have reported. Judging by the choice of targets, the actor has a particular interest in…
A ransomware attack last weekend struck the network of the Canadian territory Nunavut, severely impeding a bevy of government services that rely on access to systems and electronic files. The attack took place on Saturday afternoon, encrypting files on government servers and workstations and crippling email and other internet-based communications. The only service to be…
Law firms using case management software from TrialWorks found themselves unable to access their legal documents after the third-party service provider was hit with a ransomware attack earlier this month. The Coral Gables, Florida-based company, which serves roughly 2,500 clients, was attacked back on Oct. 13, but reports of the incident only began to surface…
In the film “Ocean’s 11,” Danny Ocean and his team of expert cybercriminals execute a daring casino heist in glitzy Las Vegas. This past summer at the Black Hat and DEF CON conferences in Sin City, the editorial staff at SC Media attempted to pull off a less ambitious – and decidedly more legal –…
