In an update on Babuk’s site today, the threat actors write: I not so long ago wrote about the closure of babuk, yes, you all correctly understood babuk as a partensky program will be closed, but it will live in its new understanding, we are a promoted brand with the best pentesters of dark net…
Category: Malware
Fr: Baclesse cuts its Internet connection to prevent the spread of a computer worm
The Centre François Baclesse is one of three proton therapy centers for fighting cancer in France. This week, they also had to fight the results of a cyberattack by heartless criminals. Thankfully, their recent investment in improving their cybersecurity seems to have paid off. On April 28, the center issued the following statement on their…
Cyberspies target military organizations with new Nebulae backdoor
Sergiu Gatlan reports: A Chinese-speaking threat actor has deployed a new backdoor in multiple cyber-espionage operations spanning roughly two years and targeting military organizations from Southeast Asia. For at least a decade, the hacking group known as Naikon has actively spied on organizations in countries around the South China Sea, including the Philippines, Malaysia, Indonesia, Singapore, and Thailand,…
Presque Isle police data leaked by threat actors — somewhat
Kathleen Phalen Tomaselli reports: The ransom time clock on the Presque Isle Police Department’s ransomware attack ran out Wednesday at about 9:30 p.m. in a dramatic red-numbered countdown of minutes and seconds racing toward zero on the hacker’s dark web site. But it looks like the unidentified criminals have not yet made their next move…
FBI teams up with ‘Have I Been Pwned’ to alert Emotet victims
Amer Owaida reports: The United States’ Federal Bureau of Investigation (FBI) has shared more than 4.3 million email addresses, harvested by the Emotet botnet, with data breach tracking website Have I Been Pwned (HBIP) in an effort to help alert victims of the notorious botnet. “In all, 4,324,770 email addresses were provided which span a wide range…
QNAP warns of AgeLocker ransomware attacks against NAS devices
Catalin Cimpanu reports: Taiwanese hardware vendor QNAP said today that its network-attached storage (NAS) devices are under attack by a ransomware operation known as AgeLocker. In a security advisory, the Taiwanese company urged customers to immediately update their NAS operating system and any apps they have installed on the device to prevent the AgeLocker gang from…