A ransomware gang continues to taunt Windows software developer IObit by hacking its forums to display a ransom demand.On January 16th, the IObit forums were hacked as part of an attack to distribute the DeroHE ransomware. During this attack, the threat actors emailed all of the IObit forum users with a free software promotion linking to a ransomware in

Image: Pat WhelenThe Australian Securities and Investments Commission (ASIC) has revealed that one of its servers has been accessed by an unknown threat actor following a security breach.ASIC is an independent Australian government commission tasked with the regulation of insurance, securities, and financial services, as well with consumer protection as Aust

As critical infrastructure faces increasing and sophisticated attacks, these trends will enable the energy sector to shore up its cybersecurity defenses.From shifts in geopolitics, the energy transition, and climate change to upending the status quo in global health, financial markets, and private sector business models, 2020 will be remembered as a year of

Last week on Malwarebytes Labs, we looked at changes to WhatsApp’s privacy policy, we provided information about Malwarebytes being targeted by the same threat actor that was implicated in the SolarWinds breach, we told the story of ZeroLogon, looked at the pros and cons of Zoom watermarking, studied the vulnerabilities in dnsmasq called DNSpooq, asked if Ti

Most of us have grown up with computers being an everyday part of life. At work or at home computers and smart devices play an important role in daily life. And most of us have learned to use them quite safely – although regular readers of the Panda Security blog will probably be even better informed. Yet despite an increase in general IT knowledge, pe

India desperately needs more cyber-heroes to defend its web-fronts(and backs)! As one of the major economies of the world, India has and sincerely contributed to the large scale digitalization and virtualization of its economic, financial, governance as well as administrative systems. On its way to emerge as one of the software product-making powers, India

In the digital age, organizations and the missions and business processes they support rely on information technology and information systems to achieve their mission and business objectives. Not only is technology used to efficiently enable businesses to carry out operational activities, but it is also the backbone for the United States’ critical infr

Another ransomware gang is now using DDoS attacks to force a victim to contact them and negotiate a ransom.In October 2020, we reported that ransomware gangs were beginning to utilize DDoS attacks against a victims' network or web site as an extra tool to force them to pay a ransom. At the time, the two operations using this new tactic were SunCrypt and Ragn

A threat actor has leaked the stolen database for Indian cryptocurrency exchange Buyucoin on a hacking forum for free.Over the weekend, a threat actor known as ShinyHunters posted the link to an archive that contains the alleged database dumps for the Buyucoin cryptocurrency exchange.Pixlr database leaked for freeShinyHunters is a threat actor

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Critical flaws in Orbit Fox WordPress plugin allows site takeoverEMA said that hackers manipulated stolen documents before leaking themSecurity Affairs newsletter Round 297500K+ records of C-level people

The Russian government has issued a security warning to organizations in Russia about possible retaliatory cyberattacks by the USA for the SolarWinds breach.Last month, the SolarWinds network management company disclosed that they suffered a sophisticated cyberattack that led to a supply chain attack affecting 18,000 customers.The US governmen

Security hardware manufacturer SonicWall has issued an urgent security notice about threat actors exploiting a zero-day vulnerability in their VPN products to perform attacks on their internal systems.SonicWall is a well-known manufacturer of hardware firewall devices, VPN gateways, and network security solutions whose products are commonly used in SMB/SME a

The Hacker News reported in exclusive that the security firm SonicWall was hacked as a result of a coordinated attack on its internal systems. TheHackerNews revealed in an exclusive that the security provider SonicWall was hacked on Friday. The company was targeted with a coordinated attack on its internal systems, threat actors exploited zero-day vuln

Ransomware news is slow this week, with mostly small ransomware variants being released and a small number of attacks reported.This week's biggest news is threat actors hacking the IObit forums to host malware for an IObit phishing scam that infected numerous people with the DeroHE ransomware.This week's other interesting news is a new threat actor

Fully-functional exploit code is now publicly available for a maximum severity pre-auth vulnerability impacting default configurations of an SAP Solution Manager (SolMan) component.SAP SolMan is an application lifecycle manager deployed in almost all SAP environments and designed to help unify the management of all SAP and non-SAP systems within a single int