Cyberattack on Ostheim Town Hall: 95% of Data Encrypted, Recovery Achieved Without Ransom Payment

Date Reported: 2025-03-15
Country: USA | United States
Victim: Strafford County
Website: co.strafford.nh.us
Information: The communication systems of Strafford County have been offline since Saturday. Officials are currently unaware of the cause of this outage. County offices, including the prosecutor’s department, have lost access to their phones and emails.…
Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers | Google Cloud Blog
Mandiant’s discovery in mid-2024 revealed that the China-nexus espionage group, UNC3886, deployed custom backdoors on Juniper Networks’ Junos OS routers, utilizing various capabilities to maintain long-term access while circumventing security protections. Mandiant urges organizations to upgrade their Juniper devices to mitigate these vulnerabilities and recommends security measures.…
⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More
Summary: This week’s cybersecurity report highlights the evolving landscape of cyber threats, including advanced techniques used by threat groups and rising supply chain vulnerabilities. Law enforcement efforts against cybercriminal networks show promise, while new exploits and vulnerabilities demand prompt attention from organizations. The report includes notable incidents, emerging attack methods, and critical vulnerabilities that security teams should prioritize.…
Sunset:1 Walkthrough
This walkthrough provides a detailed guide on tackling the Sunset: 1 Capture The Flag (CTF) challenge, emphasizing skills in web exploitation, enumeration, and privilege escalation. Users navigate various tools and commands to identify and exploit vulnerabilities, ultimately achieving root access. Affected: Vulnerable web platforms

Key points:

The Sunset: 1 CTF challenge is designed for skill development in web exploitation and privilege escalation.…

Victim: Lake Psychological Services
Country:
Actor: trinity
Source: http://txtggyng5euqkyzl2knbejwpm4rlq575jn2egqldu27osbqytrj6ruyd.onion/articles/15
Discovered: 2025-03-16 21:26:30.396799
Published: 2025-03-16 21:25:15.956571
Description:
Data Capacity: 190GB
Storage Type: Often refers to SSDs, HDDs, or external storage options
Usage: Suitable for large files such as video, high-resolution images, or extensive databases
Transfer Speed: Depending on the type of storage, speeds may vary significantly
File Organization: Important for efficient access and management of stored data
Backup Solutions: Regular backups recommended to prevent data loss
Compatibility: Ensure that the storage medium is compatible with intended devices

About Country: Finland (FI) is recognized as a leader in cybersecurity, consistently ranking high in global indices for digital safety and resilience.…

Akira Ransomware Expands to Linux: The Attacking Abilities and Strategies
Akira ransomware has emerged as a significant threat, particularly targeting Linux systems. The ransom note indicates extensive data encryption and the removal of backups. The attack strategy involves sophisticated parameters for encryption and an efficient identity concealment approach, emphasizing the group’s experience in ransomware operations. Affected: corporate infrastructure, Linux systems, backup data, database files, virtual machine files

Key points:

Akira ransomware targets internal corporate infrastructures, claiming to have encrypted data and removed backups.…
How to Detect and Eliminate Persistent Malware Before It Wreaks Havoc
This article provides an in-depth analysis of an intrusion investigation conducted by security professionals, focusing on the methods and techniques used to unravel a complex attack. It details how the threat actor gained initial access, performed credential theft, and executed lateral movement within a network. The findings highlight the challenges of gathering complete telemetry during such investigations.…
Elysium Ransomware: A New Variant of the Ghost Family Targeting Critical Infrastructure
Summary: A new ransomware variant called Elysium, linked to the Ghost ransomware family, targets critical sectors like healthcare and government. The attackers exploit outdated applications to gain access and deploy various tools to execute a multi-stage attack. Elysium disrupts recovery efforts by targeting backups and encrypting files with a specific extension while demanding a ransom in Monero for decryption.…
Future-Proofing Business Continuity: BCDR Trends and Challenges for 2025
Summary: The State of Backup and Recovery Report 2025 highlights the challenges IT professionals face in securing business-critical data within increasingly complex environments. Key insights reveal declining confidence in backup systems, rising operational burdens, and significant gaps in disaster recovery capabilities, particularly as organizations rapidly adopt cloud solutions.…
This advisory details the tactics, techniques, and procedures (TTPs) associated with the Medusa ransomware variant. Medusa, operating as a ransomware-as-a-service (RaaS), has affected over 300 victims across various critical infrastructure sectors since its inception in June 2021. The advisory provides insights into initial access methods, lateral movement tactics, and a double extortion model employed by Medusa actors.…
Microsoft Fixes 7 Zero-Days and 57 Vulnerabilities in March 2025 Patch Tuesday – PRSOL:CC
March 2025 Patch Tuesday from Microsoft addresses 57 vulnerabilities, including 6 actively exploited zero-day vulnerabilities. The critical vulnerabilities primarily include remote code execution flaws, and details on other related updates and the context of exploitations are elaborated in this article. Affected: Microsoft products, Windows operating system, Microsoft Edge

Key points:

Microsoft’s March 2025 Patch Tuesday released 57 security updates.…
Microsoft Fixes 7 Zero-Days and 57 Vulnerabilities in March 2025 Patch Tuesday – PRSOL:CC
Summary: Microsoft released its March 2025 Patch Tuesday updates, addressing 57 vulnerabilities, including six actively exploited zero-days and six “Critical” remote code execution vulnerabilities. Key issues include elevation of privilege and information disclosure vulnerabilities primarily associated with Windows and Office applications. Users are advised to apply these updates promptly to mitigate potential attacks leveraging these vulnerabilities.…
Windows 11 KB5053598 & KB5053602 cumulative updates released
Summary: Microsoft has released mandatory cumulative updates KB5053598 and KB5053602 for Windows 11 versions 24H2 and 23H2, addressing security vulnerabilities discovered in previous months. The updates also introduce significant new features and changes, along with fixing various bugs to enhance system performance. Users can install the updates through Windows Update or manually from the Microsoft Update Catalog.…