Nair is principal correspondent for Information Security Media Group's global news desk. He has previously worked at TechCircle, IDG, Times Group and other publications where he reported on developments in enterprise technology, digital transformation and other issues.
The Pysa ransomware gang has created a new Linux version of its malware designed to target Linux hosts with the ChaChi backdoor, using its Windows counterpart's characteristics, according to a new report.
A Russian citizen, alleged to be working as a developer for the malware-spreading organization Trickbot, reportedly has been arrested at Seoul-Incheon International Airport. He was questioned by Korean authorities following an extradition request from the U.S.
The FBI has issued a warning about Hive ransomware after the group took down Memorial Health System last week. The alert details indicators of compromise, tactics, techniques and procedures associated with these ransomware attacks to help organizations better defend themselves.
An advertisement on an underground forum seeks testers for an under-construction version of the malware builder called "Chaos," researchers at Trend Micro report.
Some patched on-premises Microsoft Exchange email servers are still proving to be vulnerable. The Conti ransomware group is now leveraging backdoors that persist, cybersecurity consulting firm Pondurance reports.
The new BlackMatter Russian-speaking ransomware-as-a-service group, which announced its launch last month, has created a Linux version of its malware designed to target VMware's ESXi servers hosting virtual machines, according to MalwareHunterTeam.
A recently discovered ransomware-as-a-service gang dubbed AvosLocker is recruiting affiliates and partners, including "pentesters" and "access brokers," on darknet forums, according to the security firm Malwarebytes.
Campbell Conroy & O’Neil, a Boston-based law firm that serves Fortune 500 firms, including Apple and Pfizer, is continuing its investigation of a ransomware attack in February that resulted in unauthorized access to certain data about its clients.
SonicWall is urging users of its Secure Mobile Access 100 series and its Secure Remote Access products running unpatched and end-of-life 8.x firmware to immediately apply patches or disconnect the devices because a ransomware campaign using stolen credentials is targeting them.
At least seven companies with annual revenue of over $1 billion have been hit so far this year by Hades ransomware, according to an Accenture Security report.
The DarkSide Russian-speaking cybercrime group, which announced May 13 it was closing its ransomware-as-a-service operation, had earlier completed a Linux version of its malware designed to target ESXi servers hosting VMware virtual machines, according to AT&T’s Alien Labs.
A newly identified threat group is using a repurposed version of REvil ransomware to wage attacks, according to security company Secureworks’ Counter Threat Unit.
A bill introduced this week in the Australian Parliament would make it mandatory for organizations based in the country to report to the Australian Cyber Security Center any payments they plan to make to ransomware gangs.
The U.K.-based insurance firm One Call says it has successfully restored its systems in a new environment that is separate from the one that was impacted by a ransomware attack May 13, adding that a ransomware note which purported to be from DarkSide could not be verified as authentic.