The Conti cyber-crime gang has featured in many of my blog post – they have been a prolific perpetrator of some of the worse cyber attacks. Now researchers are reporting that much of their illicit infrastructure has closed down: Notorious cybercrime gang Conti ‘shuts down,’ but its influence and talent …
The malware player Wizard Spider
Wizard Spider, is the gang that is behind the malware Conti, Ryuk and Trickbot. Research by PRODAFT has examined their growth and operations over the last five years that has built an illicit corporate-like multimillion-dollar organisation. Terms like “full-service”, “it manages the entire lifecycle of a cyberattack” and “it invests …
VMWare is a real cyber security issue – fix it or get rid of it CISA warns
This is pretty simple – do you use VMWare if so get it patched or change it. The Spring Cloud framework vulnerability is proving a honey pot for attackers. CISA issues directive for exploited VMware bug after IR team deployed to ‘large’ org – The Record by Recorded Future Patch …
Continue reading “VMWare is a real cyber security issue – fix it or get rid of it CISA warns”
More on Bumblebee malware – detailed attack examination
Following the emergence of Bumblebee malware as a significant threat, SANS INternet Storm has a post looking at the function of the malware and transferring ISO files. Bumblebee Malware from TransferXL URLs – SANS Internet Storm Centre This is an excellent post by Brad and not only shows you the …
Continue reading “More on Bumblebee malware – detailed attack examination”
Windows and Linux server both targets for crypto-mining malware
Microsoft is reporting on a new variant of the Sysrv botnet malware – Sysrv-K, that infects both Windows and Linux servers. This malware can compromise a wide range of vulnerabilities including WordPress plug-ins and Spring Cloud. Once in the malware installs and operates the Monero cryptocurrency miner. Monero-mining botnet targets …
Continue reading “Windows and Linux server both targets for crypto-mining malware”
