FBI, CISA Warn of Rising AvosLocker Ransomware Attacks Against Critical Infrastructu

The AvosLocker ransomware gang has been linked to attacks against critical infrastructure sectors in the U.S., with some of them detected as recently as May 2023.
That's according to a new joint cybersecurity advisory released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) detailing the ransomware-as-a-service (RaaS) operation's

https://thehackernews.com/2023/10/fbi-ci...ocker.html

DarkGate Malware Spreading via Messaging Services Posing as PDF Files

A piece of malware known as DarkGate has been observed being spread via instant messaging platforms such as Skype and Microsoft Teams.
In these attacks, the messaging apps are used to deliver a Visual Basic for Applications (VBA) loader script that masquerades as a PDF document, which, when opened, triggers the download and execution of an AutoIt script designed to launch the malware.
"It's

https://thehackernews.com/2023/10/darkga...g-via.html

Ransomware attacks doubled year on year. Are organizations equipped to handle the ev

Ransomware attacks have only increased in sophistication and capabilities over the past year. From new evasion and anti-analysis techniques to stealthier variants coded in new languages, ransomware groups have adapted their tactics to bypass common defense strategies effectively. 
This article will cover just some of those new developments in Q3-2023 as well as give predictions on quarters to

https://thehackernews.com/2023/10/ransom...-year.html

Researchers Unveil ToddyCat's New Set of Tools for Data Exfiltration

The advanced persistent threat (APT) actor known as ToddyCat has been linked to a new set of malicious tools that are designed for data exfiltration, offering a deeper insight into the hacking crew's tactics and capabilities.
The findings come from Kaspersky, which first shed light on the adversary last year, linking it to attacks against high-profile entities in Europe and Asia for nearly three

https://thehackernews.com/2023/10/resear...et-of.html

How Ethical Hackers Are Securing Elections

Election technology manufacturers are teaming up with ethical hackers to secure elections.


https://www.hackerone.com/ethical-hacker...n-security

Meet HackerOne’s Brand Ambassadors That Break the Hacker Stereotype

The publicity around exploited young hackers perpetuates fear and stigma that young, skilled hackers have no ethical path to put their talent to work.


https://www.hackerone.com/ethical-hacker...s-for-good

DigiCert Announces Comprehensive Discovery of Cryptographic Assets



https://www.darkreading.com/operations/d...hic-assets

Making the Case for Cryptographic Agility and Orchestration

Finding the right post-quantum cryptographic (PQC) algorithms is necessary, but not sufficient, to future-proof cybersecurity.

https://www.darkreading.com/dr-tech/maki...hestration

Ransomware attacks now target unpatched WS_FTP servers


Internet-exposed WS_FTP servers unpatched against a maximum severity vulnerability are now targeted in ransomware attacks.  [...]


https://www.bleepingcomputer.com/news/se...p-servers/

FBI shares AvosLocker ransomware technical details, defense tips

The U.S. government has updated the list of tools AvosLocker ransomware affiliates use in attacks to include open-source utilities along with custom PowerShell, and batch scripts. [...]


https://www.bleepingcomputer.com/news/se...ense-tips/