Security Research

The Japanese video game giant Bandai Namco, known for publishing franchises like Elden Ring, Pac-Man and Tekken, has been hit by BlackCat/AlphV ransomware.

Google has released updates for its popular Chrome browser to remediate several vulnerabilities, including a high-severity vulnerability that has already been exploited in the wild. This marks the fourth zero-day vulnerability that had to be patched in Chrome this year.

On March 16, 2022, security specialists identified a new version of BlackCat ransomware (so named because the software displays a black cat on the victim’s payment site). These experts also noted that some previous YARA rules no longer match, which will make it difficult to find malicious files.

An unpatched remote code execution vulnerability in the Microsoft Windows Support Diagnostic Tool (MSDT), which is being tracked as CVE-2022-30192, is being exploited in phishing campaigns that are targeting U.S. and European government organizations.

Palermo, a city of 1.3 million people and a popular tourist destination in Southern Italy, has become the latest victim of a Vice Society ransomware attack.

Carinthia, the southernmost state in Austria, has had their computer systems encrypted by BlackCat (ALPHV) ransomware, causing a severe disruption of government services.

A new malware distribution campaign is embedding malicious Microsoft Word documents inside PDF files, prompting victims to launch the Word document as soon as the PDF is opened.

Global agricultural equipment company AGCO, creator of Fendt tractors and other popular tools, has been knocked offline by a ransomware attack.

Recent phishing campaigns are targeting verified Twitter profiles with convincing emails, enticing victims to provide their Twitter credentials — supposedly in order to fix a problem with their verification badge.

A new ransomware known as Black Basta has emerged, attacking at least 12 companies within its first three weeks of operation — including the American Dental Association and wind farm operator Deutsche Windtechnik.

On February 23, 2022, a new data wiper and ransomware were deployed on a large number of devices in the Ukraine, as ESET Research reported on Twitter. Just before this, a couple of Ukrainian government sites and services were subjected to DDoS attacks. Cybersecurity specialists discovered that the malware was deployed via Microsoft Active Directory GPO. In addition to the disk wiper and ransomware, a worm component was deploy

The Nordex Group, known as one of the world's largest manufacturers of wind turbines, has confirmed a cyberattack. The attack was discovered end of last month, and Nordex disabled remote access from some networks to their turbines as a precaution.