Daily Cyber Brief

AstraLocker ransomware shuts down and shifts to cryptojacking, evidence suggests that REvil may have reemerged, and the DoD calls on ethical hackers to uncover vulnerabilities in their systems...

Cybersecurity

Justice Department identifies disrupting ransomware and cyberattacks as key objective in new strategic plan

The Department of Justice said Friday that it will make disrupting ransomware attacks and prosecuting cybercriminals a key objective as part of a new strategic plan. In a statement, the department said it intends to beef up its cybersecurity technological capabilities…

Experts warn of cybersecurity vulnerabilities in implanted medical devices

After years of debate, the FDA recently issued guidance for cybersecurity in lifesaving medical devices like pacemakers and insulin pumps as they can be hacked. NBC News’ Ken Dilanian takes a look at these growing concerns and spoke to a cybersecurity consultant who was able…

New RedAlert Ransomware targets Windows, Linux VMware ESXi servers

A new ransomware operation called RedAlert, or N13V, encrypts both Windows and Linux VMWare ESXi servers in attacks on corporate networks. The new operation was discovered today by MalwareHunterTeam, who tweeted various images of the gang's data leak site…

Latest Cyberattack Against Iran Part of Ongoing Campaign

Iran’s steel manufacturing industry is victim to ongoing cyberattacks that previously impacted the country’s rail system. Malware used in a crippling cyberattacks against an Iranian steel plants last week is connected to an attack that shut down the country’s rail system last year…

DoD issues call for hackers to dig into networks

The Defense Department is offering monetary rewards to ethical hackers who discover critical or severe vulnerabilities within the massive agency’s networks. The Pentagon’s inaugural “Hack U.S” program — run in conjunction with bug bounty platform HackerOne and under…

As New Clues Emerges, Experts Wonder: Is REvil Back?

Change is a part of life, and nothing stays the same for too long, even with hacking groups, which are at their most dangerous when working in complete silence. The notorious REvil ransomware gang, linked to the infamous JBS and Kaseya, has resurfaced three months after…

NPM supply-chain attack impacts hundreds of websites and apps

An NPM supply-chain attack dating back to December 2021 used dozens of malicious NPM modules containing obfuscated Javascript code to compromise hundreds of downstream desktop apps and websites. As researchers at supply chain security firm ReversingLabs…

Nearly $9 million stolen from DeFi platform Crema Finance

Decentralized finance platform Crema Finance announced that it was hacked on Saturday and had about $8.8 million stolen during the attack. In a series of tweets over the July 4 weekend, the company explained that the hacker used several novel tactics enabling them to…

Pro-China Group Uses Dragonbridge Campaign to Target Rare Earth Mining Companies

A pro-China influence campaign singled out rare earth mining companies in Australia, Canada, and the U.S. with negative messaging in an unsuccessful attempt to manipulate public discourse to China's benefit. Targeted firms included Australia's Lynas Rare Earths…

AstraLocker ransomware shuts down and releases decryptors

The threat actor behind the lesser-known AstraLocker ransomware told BleepingComputer they're shutting down the operation and plan to switch to cryptojacking. The ransomware's developer submitted a ZIP archive with AstraLocker decryptors to the VirusTotal malware…

Daily Cyber Brief

AstraLocker ransomware shuts down and shifts to cryptojacking, evidence suggests that REvil may have reemerged, and the DoD calls on ethical hackers to uncover vulnerabilities in their systems...

Cybersecurity

Join the conversation

Overt Operator