Daily Cyber Brief
New Chaos ransomware variants found, the darknet market Versus shut down, and threat actors claiming to be REvil launch DDoS attack...

Cybersecurity
Versus, a notorious English-language cybercrime darknet market, shut down after a hacker disclosed a high-severity Proof-of-Concept (PoC) exploit last week. The vulnerability could’ve been used to access the market’s database and expose its servers’ IP addresses. The hacker…
A county in New Jersey is still dealing with the aftermath of a ransomware attack that began on Tuesday, highlighting the disruptions that cyberattacks can wreak on local governments. Officials in Somerset County — which has a population of about 350,000 and is just north…
A malvertising threat has seen a new surge in activity since its emergence earlier this year. Dubbed ChromeLoader, the malware is a "pervasive and persistent browser hijacker that modifies its victims' browser settings and redirects user traffic to advertisement websites,"…
Actors claiming to be the defunct ransomware group are targeting one of Akamai’s customers with a Layer 7 attack, demanding an extortion payment in Bitcoin. The defunct REvil ransomware gang is claiming responsibility for a recent distributed denial of service (DDoS)…
Tax software vendor Intuit has warned that QuickBooks customers are being targeted in an ongoing series of phishing attacks impersonating the company and trying to lure them with fake account suspension warnings. Today's alert comes after Intuit received multiple user…
Ransomware incidents are on the rise and this week proved no exception, with the discovery of a Linux-based ransomware family called Cheerscrypt targeting VMware ESXi servers and an attack on SpiceJet, India’s second-largest airline. Meanwhile, an oddball "GoodWill" variant…
Threat analysts have disclosed vulnerabilities affecting the Open Automation Software (OAS) platform, leading to device access, denial of service, and remote code execution. The OAS platform is a widely used data connectivity solution that unites industrial devices…
Quanta Cloud Technology (QCT) servers have been identified as vulnerable to the severe "Pantsdown" Baseboard Management Controller (BMC) flaw, according to new research published today. "An attacker running code on a vulnerable QCT server would be able to…
Ransomware developers constantly work to make their malware more effective. Two new ransomware variants, identified as Yashma and Nokoyawa, have recently been discovered in the wild. Researchers from BlackBerry have uncovered and…
Zyxel has published a security advisory to warn admins about multiple vulnerabilities affecting a wide range of firewall, AP, and AP controller products. While the vulnerabilities aren’t rated as critical, they are still significant on their own and can be abused by threat…