Attacks

While this ransomware generally targets consumers rather than the enterprise, it could still pose a significant threat to large communities. Therefore, users that are impacted by AxLocker should immediately change Discord passwords, as it will invalidate the token stolen by the ransomware. While this may not help recover files, it will prevent further compromise of accounts, data, and Discord communities. https://www.bleepingcomputer.com/news/security/new-ransomware-encrypts-files-then-steals-your-discord-account/

Read More

Starovikov and Filippov, who claim to have been software engineers for an organization known as Valtron LLC, are accused of seeking to mislead the court and acting to deny Google access to discoverable data. According to a settlement submitted to Google, the actors demanded $1 million each from the company and $110,000 in legal costs in exchange for providing the private keys to Bitcoin addresses linked to the Glupteba botnet. However, the Mountain View-based company…

Read More

At this time, email addresses and passwords of Mastodon users have not been affected. This could change in the future depending on the server owner’s intent and capability. Mastodon users should remain vigilant and cautious about what they post on the platform. Leaky Server Exposing Scraped Data of 150,000 Mastodon Users

Read More

As time goes one, more and more novel ransomware families are surfacing, each with a variety of their own tactics. While this is a new family of ransomware, the techniques used by this ransomware are relatively standard. Numerous detection capabilities around this ransomware exist, many of which are likely already employed by organizations. For one, many organizations already employ queries to detect the “.crypt” file extension. Other detection capabilities around this ransomware include monitoring value…

Read More

As a general rule, whenever security patches are released for any vulnerability, the patch should be tested and implemented as soon as possible. With vulnerabilities such as Log4Shell, which presented a high risk due to the extensive use of on-prem and hybrid Exchange servers and the extensive exploitation in the wild, it is extremely important to get these patches pushed to all affected systems. Often times, threat actors will prey on victims by using old…

Read More

Today, Microsoft has released OOB emergency updates that Windows admins must install on all Domain Controllers (DCs) in affected environments. “You do not need to install any update or make any changes to other servers or client devices in your environment to resolve this issue. If you used any workaround or mitigations for this issue, they are no longer needed, and we recommend you remove them,” Microsoft advised. The OOB updates released today are available…

Read More

Since 2021, the list of commonly used credentials in brute-forcing attempts has not changed. Those looking to prevent becoming victims of these styles of attacks should make updates to firmware regularly. Strong and unique passwords should also take the place of the default passwords and devices should be placed behind a firewall if applicable. https://www.bleepingcomputer.com/news/security/updated-rapperbot-malware-targets-game-servers-in-ddos-attacks/

Read More

Global law enforcement cooperation has become the most efficient and effective way to combat international cyber-attacks. FBI director Christopher Wray acknowledged this in a recent statement to the House Homeland Security Committee. “The FBI, using its role as the lead federal agency for threat response, with its law enforcement and intelligence responsibilities, works seamlessly with domestic and international partners to defend their networks, attribute malicious activity, sanction bad behavior, and take the fight to our…

Read More