A security tool that hackers used to disguise their ransomware attacks, email scams and other nefarious activity is offline following a global law enforcement action. Servers and web domains belonging to DoubleVPN, a virtual private network (VPN), were seized during an investigation by the Dutch National Police, the FBI, the U.K.'s National Crime Agency and Europol, authorities said Wednesday. READ MORE...
Russian state hackers compromised Denmark's central bank (Danmarks Nationalbank) and planted malware that gave them access to the network for more than half a year without being detected. The breach was part of the SolarWinds cyber espionage campaign last year that the U.S. attributed to the Russian Foreign Intelligence Service, the SVR, through its hacking division commonly referred to as APT29, The Dukes, Cozy Bear, or Nobelium. READ MORE...
Dutch cybersecurity firm Tesorion has released a free decryptor for the Lorenz ransomware, allowing victims to recover some of their files for free without paying a ransom. Lorenz is a human-operated ransomware that began operating in April 2021 and has since listed twelve victims whose data they have stolen and leaked on their ransomware data leak site. Lorenz is not particularly active and has begun to taper off in recent months compared to other operations. READ MORE...
CVE-2021-1675, a Windows Print Spooler vulnerability that Microsoft patched in June 2021, presents a much greater danger than initially thought: researchers have proved that it can be exploited to achieve remote code execution and - what's worse - PoC exploits have since been leaked. CVE-2021-1675 (aka "PrintNightmare") was initially classed as low severity vulnerability, allowing local privilege elevation, and was patched on June 2021 Patch Tuesday. READ MORE...