Blog
BlackByte Blends Known Tactics With New Encryptor Variant and Vulnerability Exploits to Support Ongoing Attacks
The latest encryptor variant identified by researchers at Cisco Talos appends the file extension ‘blackbytent_h’ to encrypted files. This variant also includes the deployment of four vulnerable drivers, an increase from previous reports.
Microsoft’s Sway Serves as Launchpad for ‘Quishing’ Campaign
A new QR code phishing campaign is using Microsoft Sway to steal credentials. The attacks primarily target users in Asia and North America, particularly in the technology, manufacturing, and finance sectors.
BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave
The threat actors behind the BlackByte ransomware group have been observed likely exploiting a recently patched security flaw impacting VMware ESXi hypervisors, while also leveraging various vulnerable drivers to disarm security protections. "The BlackByte ransomware...
South Korean APT Group Exploits WPS Office Zero-Day for Espionage
ESET uncovered a new cyber-espionage campaign tied to a South Korean APT group that used a remote code execution (RCE) vulnerability in WPS Office for Windows to deploy a custom backdoor called "SpyGlace."
Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem
CVE-2023-22527 is a critical vulnerability exploited for cryptojacking activities. Attack tactics include shell scripts, XMRig miners, targeting SSH endpoints, and establishing persistence through cron jobs.