Tag: ransomware

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New ransomware variant to watch for

A new ransomware family, Ymir, has been discovered. It uses an unconventional combination of memory management functions (like malloc, memmove, and memcmp) to execute malicious code directly in memory. Continue reading this Cybersecurity Threat Advisory to learn how to...

/ November 14, 2024
ransomware threat
Threat Spotlight: How ransomware for rent rules the threat landscape

This year’s annual review of ransomware attacks looks at the threat from two perspectives. First, for the third year running we’ve taken a global sample of reported ransomware attacks and analyzed what they tell us about ransomware attackers and their...

/ August 21, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: VMware ESXi flaw exploited by ransomware group

A VMware ESXi vulnerability, known as CVE-2024-37085, has been discovered and is being actively exploited by several ransomware groups. Review this Cybersecurity Threat Advisory to learn how to limit the impact of this flaw. What is the threat? CVE-2024-37085 is an...

/ August 1, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Play Ransomware expands

A new Linux variant of the infamous Play Ransomware, also known as Balloonfly and PlayCrypt, was recently discovered. This variant targets VMware ESXi environments, indicating a strategic shift by the threat actors involved. Review this Cybersecurity Threat Advisory for recommendations...

/ July 24, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Veeam Backup vulnerability exploit

The Veeam Backup & Replication vulnerability, CVE-2023-27532, which was patched in March 2023, is still being exploited. Attackers have managed to exploit unpatched systems to launch ransomware attacks since April 2024. Barracuda MSP recommends reviewing this Cybersecurity Threat Advisory in...

/ July 17, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New ShrinkLocker ransomware strains

ShrinkLocker is a recent ransomware strain that leverages a legitimate Windows encryption feature, BitLocker, to lock victims out of their devices. It shrinks the partition, increasing the impact of the attack. Review this Cybersecurity Threat Advisory in detail to prevent...

/ June 5, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Black Basta ransomware surge

The Cybersecurity and Infrastructure Security Agency (CISA) has issued advisories in response to widespread Black Basta ransomware attacks. Review the recommendations detailed in this Cybersecurity Threat Advisory to defend against ransomware attacks and extortion. What is the threat?...

/ May 16, 2024
Threat Spotlight: The remote desktop tools most targeted by attackers in the last year

Remote desktop software allows employees to connect into their computer network without being physically linked to the host device or even in the same location. This makes it a useful tool for a distributed or remote workforce. Unfortunately, remote desktop...

/ May 1, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Active exploit of Atlassian Confluence

This Cybersecurity Threat Advisory details the exploitation of the critical vulnerability CVE-2023-22518 in the Atlassian Confluence Data Center and Server. Attackers are deploying a Linux variant of Cerber (aka C3RB3R) ransomware. This allows unauthenticated attackers to reset Confluence and create...

/ April 18, 2024
How attackers weaponize generative AI through data poisoning and manipulation

The generative AI models that today power chatbots, online search queries, customer interactions, and more are known as large language models (LLMs). The LLMs are trained on vast volumes of data and then use that data to create more data,...

/ April 8, 2024