Microsoft Teams tactics, malware connect Black Basta, Cactus ransomware
New research has uncovered further links between the Black Basta and Cactus ransomware gangs, with members of both groups ...
Microsoft Adds Paragon Partition Manager Driver To Blocklist As Ransomware Hackers Exploit Windows-Signed Driver For Attacks
Ransomware operators have found a way to exploit a Microsoft Windows-signed driver from Paragon Partition Manager, posing a ...
The Hacker News10h
Medusa Ransomware Hits 40+ Victims in 2025, Demands $100K–$15M Ransom
Medusa ransomware surged 42% in 2024, claiming nearly 400 victims. Spearwing exploits Microsoft flaws to breach networks ...
Microsoft signed a dodgy driver and now ransomware scum are exploiting it
Paragon Software has released a new driver, BioNTdrv.sys version 2.0.0, which fixes these flaws. Vulnerable versions of the ...
The Hacker News9h
EncryptHub Deploys Ransomware and Stealer via Trojanized Apps, PPI Services, and Phishing
EncryptHub expands phishing and ransomware tactics, leveraging PPI services, trojanized apps, and EncryptRAT to target ...
CSO Online3d
Ransomware access playbook: What Black Basta’s leaked logs reveal
Analyzing leaked internal communication logs, security researchers are piecing together how one of the most notorious ...
Microsoft SharePoint hijacked to spread Havoc malware
Havoc is a post-exploitation framework designed for advanced red teaming and adversary simulation, providing modular ...
Windows Report1d
Black Basta and Cactus attackers gang up on Teams users with new techniques
A new security report discovered similarities in Black Basta and Cactus ransomware attacks showing collaboration traits.
Cybercrims now licking stamps and sending extortion demands in snail mail
Ransomware extortionists are now using letters sent by snail mail to demand payments, without bothering to infiltrate targets ...
Infosecurity Magazine3d
Attackers Leverage Microsoft Teams and Quick Assist for Access
Phishing attack exploits social engineering techniques alongside Microsoft Teams and remote access software to deploy BackConnect malware ...
Webroot Essentials
Until recently, Webroot Essentials was called Webroot Antivirus. Before that, the full name was Webroot SecureAnywhere Antivirus. The app’s appearance has remained the same through these changes for ...