Microsoft signed a dodgy driver and now ransomware scum are exploiting it
Paragon Software has released a new driver, BioNTdrv.sys version 2.0.0, which fixes these flaws. Vulnerable versions of the ...
Microsoft Teams tactics, malware connect Black Basta, Cactus ransomware
New research has uncovered further links between the Black Basta and Cactus ransomware gangs, with members of both groups ...
Microsoft Adds Paragon Partition Manager Driver To Blocklist As Ransomware Hackers Exploit Windows-Signed Driver For Attacks
Ransomware operators have found a way to exploit a Microsoft Windows-signed driver from Paragon Partition Manager, posing a ...
Microsoft discovers five potentially damaging attacks against its own software
Microsoft confirmed the findings when it added the affected version of the driver to its Vulnerable Driver Blocklist - and at ...
Microsoft-signed driver used in ransomware attacks
Threat actors are exploiting a privilege escalation flaw in Paragon Partition Manager for “bring your own vulnerable driver” ...
The Register on MSN5mon
Ransomware gang using stolen Microsoft Entra ID creds to bust into the cloud
More recently, Microsoft spotted it deploying Embargo's ransomware payload, and separately compared it to more established, ...
Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks
Microsoft had discovered five Paragon Partition Manager BioNTdrv.sys driver flaws, with one used by ransomware gangs in ...
The Hacker News12h
Researchers Link CACTUS Ransomware Tactics to Former Black Basta Affiliates
Threat actors deploying the Black Basta and CACTUS ransomware families have been found to rely on the same BackConnect (BC) ...
Data Theft Drove 94% of Global Cyberattacks in 2024 & Ransomware Defenses are “Increasingly Complex”
Ransomware groups now steal, encrypt, and threaten to leak company data on the dark web, forcing victims to pay or risk ...
Microsoft invests in cloud data firm Veeam Software to build AI products
Microsoft has made an undisclosed equity investment in Veeam Software as part of an expanded partnership to build artificial ...
CSOonline1d
Ransomware access playbook: What Black Basta’s leaked logs reveal
Analyzing leaked internal communication logs, security researchers are piecing together how one of the most notorious ...
Infosecurity-magazine.com1d
Attackers Leverage Microsoft Teams and Quick Assist for Access
Phishing attack exploits social engineering techniques alongside Microsoft Teams and remote access software to deploy ...