Decryptor Issued For Babuk Tortilla Ransomware Variant

Researchers with Cisco Talos have released a decryptor for the Tortilla variant of the Babuk ransomware, allowing businesses targeted by the ransomware to recover their files. The Cisco Talos team also shared related threat intelligence with Dutch law enforcement agencies, which were then able to identify and apprehend the threat actor behind Babuk Tortilla operations. …

Months long AsyncRAT campaign targeted key US infrastructure employees

For the past 11 months a threat group has been targeting employees in various companies with phishing emails that distribute an open-source trojan program called AsyncRAT. The targets included companies managing key infrastructure in the US. According to AT&T’s Alien Labs cybersecurity division, the attackers’ command-and-control (C&C) infrastructure uses a domain generation algorithm (DGA) to …

Threat Actors Target Microsoft SQL Servers in Mimic Ransomware Attacks

For several weeks, threat actors have been targeting insecure Microsoft SQL database servers (MSSQL) of organizations based in the U.S., EU and Latin America, in order to deploy ransomware. In the ongoing campaign, observed by researchers with Securonix, attackers first brute force administrative passwords on MSSQL servers in order to download a number of payloads, …

Shadow APIs are opening organizations to attacks: Report

Organizations' lack of visibility into the application programming interfaces (APIs) they use has made those APIs more complex to manage and protect against abuse, according to a report by Cloudflare. The report, based on the traffic patterns observed by Cloudflare’s network between Oct 2022 and August 2023, has found that organizations are either failing …

Enterprises with Kyocera printers open to path traversal attacks

Multi-function printer (MFP) devices and software provider Kyocera Document Solutions has a path traversal vulnerability in its web-based device manager tool used for managing large printer fleets in mid-to-large sized enterprises, according to Trustwave. Tracked as CVE-2023-50916, the vulnerability allows an attacker to intercept access and change the local path, set on the web application …