Unpatched Atlassian Servers Targeted by Ransomware Attackers Exploiting Critical Security Vulnerability

Ransomware attackers exploit a critical security vulnerability (CVE-2023-22518) to target unpatched Atlassian servers and deploy a Linux variant of Cerber (aka C3RB3R) ransomware. This vulnerability allows an unauthenticated attacker to reset Confluence and create an administrator account, giving them access to the server. This post will discuss the details of this security vulnerability, how it…

New Malware Kapeka Discovered in Cyber Attacks Targeting Eastern Europe

Cybersecurity firm WithSecure has discovered a new “flexible” backdoor called Kapeka in cyber attacks targeting Eastern Europe. The malware has been sporadically observed in Estonia and Ukraine since mid-2022. It has been attributed to the Russia-linked advanced persistent threat group Sandworm (APT44 or Telebots). The discovery of this new malware highlights the ongoing threat posed…

GitHub Repositories Used to Distribute RisePro Information Stealer Uncovered

Cybersecurity researchers have recently uncovered a disturbing information-stealing campaign dubbed "gitgub." This malicious campaign uses several GitHub repositories to distribute a dangerous information stealer called RisePro. In total, 17 repositories were discovered, all linked to 11 different accounts, which Microsoft, GitHub's parent company, has since taken down. The repositories all looked similar and contained a…

There have been reports of ransomware attacks carried out by malicious actors exploiting vulnerabilities in JetBrains TeamCity.

GuidePoint Security's recent discovery reveals that the cybercriminals responsible for the BianLian ransomware have exploited vulnerabilities in JetBrains TeamCity software to carry out extortion attacks. The attack begins with exploiting a TeamCity server and deploying a PowerShell variant of the BianLian backdoor. Although the ransomware first surfaced in June 2022, it has shifted to conducting…

GhostSec and Stormous Ransomware Groups Conduct Double Extortion Attacks

In the world of cybercrime, the group known as GhostSec has emerged as a significant threat, with its latest activities being linked to a variant of the GhostLocker ransomware family, written in Golang. Researchers at Cisco Talos have reported that GhostSec and another ransomware group called Stormous are conducting double extortion ransomware attacks on various…

Deitasoft © 2024. All Rights Reserved.