Hackers Exploit Critical Confluence Server Flaw to Deploy LockBit Ransomware

A recent cyberattack exposed the risks of unpatched servers, as hackers exploited a critical flaw in an Atlassian Confluence instance to deploy LockBit ransomware. The attack leveraged CVE-2023-22527, a remote code execution vulnerability, enabling attackers to run arbitrary commands on the server. This incident underscores […]
SparkCat Malware: The Next-Gen Crypto Stealer Using OCR to Target Mobile Users

SparkCat is a highly sophisticated piece of malware that targets both Android and iOS devices, with the specific aim of stealing sensitive information, particularly cryptocurrency wallet recovery phrases. The malware uses Optical Character Recognition (OCR) technology to scan and extract text from images […]
Akira Ransomware Expands Target to Linux and VMware ESXi

Akira, a Ransomware-as-a-Service (RaaS) group, has quickly established itself as a major cybersecurity threat since emerging in March 2023. The group has executed over 300 attacks in 2024 alone, amassing more than $42 million in ransom payments as of April. Akira primarily targets critical sectors in […]
Ransomware Actors are Exploiting ESXi Bare-Metal Hypervisors via SSH Tunneling

Threat actors are targeting VMware ESXi hypervisors by abusing SSH tunneling to establish persistence, facilitate lateral movement, and execute ransomware without detection. These hypervisors, vital to virtualized environments, frequently lack proper monitoring, making them attractive targets. The dispersed logging architecture of ESXi further complicates […]