Play Ransomware Detection: Ongoing Ransomware Attacks Against Businesses and Critical Infrastructure in the U.S., South America, and Europe

At the end of November 2023, leading U.S. cybersecurity agencies, in collaboration with international partners, issued an alert covering LockBit 3.0 ransomware attacks as part of their #StopRansomware effort aimed at boosting cybersecurity awareness. Recently, another joint Cybersecurity Advisory came out aimed at notifying defenders of the ongoing attacks by the Play ransomware group. In […]
The post Play Ransomware Detection: Ongoing Ransomware Attacks Against Businesses and Critical Infrastructure in the U.S., South America, and Europe appeared first on SOC Prime.

Double-Extortion Play Ransomware Strikes 300 Organizations Worldwide

The threat actors behind the Play ransomware are estimated to have impacted approximately 300 entities as of October 2023, according to a new joint cybersecurity advisory from Australia and the U.S.
“Play ransomware actors employ a double-extortion model, encrypting systems after exfiltrating data and have impacted a wide range of businesses and critical infrastructure organizations in North

QakBot Malware Resurfaces with New Tactics, Targeting the Hospitality Industry

A new wave of phishing messages distributing the QakBot malware has been observed, more than three months after a law enforcement effort saw its infrastructure dismantled by infiltrating its command-and-control (C2) network.
Microsoft, which made the discovery, described it as a low-volume campaign that began on December 11, 2023, and targeted the hospitality industry.
“Targets

MongoDB Suffers Security Breach, Exposing Customer Data

MongoDB on Saturday disclosed it’s actively investigating a security incident that has led to unauthorized access to “certain” corporate systems, resulting in the exposure of customer account metadata and contact information.
The American database software company said it first detected anomalous activity on December 13, 2023, and that it immediately activated its incident response

Crypto Hardware Wallet Ledger’s Supply Chain Breach Results in $600,000 Theft

Crypto hardware wallet maker Ledger published a new version of its “@ledgerhq/connect-kit” npm module after unidentified threat actors pushed malicious code that led to the theft of more than $600,000 in virtual assets.
The compromise was the result of a former employee falling victim to a phishing attack, the company said in a statement.
This allowed the attackers to gain

116 Malware Packages Found on PyPI Repository Infecting Windows and Linux Systems

Cybersecurity researchers have identified a set of 116 malicious packages on the Python Package Index (PyPI) repository that are designed to infect Windows and Linux systems with a custom backdoor.
“In some cases, the final payload is a variant of the infamous W4SP Stealer, or a simple clipboard monitor to steal cryptocurrency, or both,” ESET researchers Marc-Etienne M.Léveillé and Rene

Top targeted vulnerabilities of 2023: STOP this madness

Top 10 Vulnerabilities of 2023

In 2023, the top 10 targeted vulnerabilities used by threat actors to actively exploit victims were more than 10 years old! In order of CVE ranking we have:
CVE-2017-0199 – Microsoft Office and WordPad
CVE-2017-11882 – Microsoft Exchange Server
CVE-2020-1472 – Microsoft NetLogon
CVE-2012-1461 – GZIP file parser utility
I would really like to know…