Neowin

Microsoft has revealed that a threat actor labeled Storm-0324 is distributing malware by using "phishing lures through Microsoft Teams chats" that could be used to launch ransomware attacks.

​Some things are certain in cybersecurity: Ransomware attacks will occur; expert jobs will remain vacant; and CVEs will go unpatched. Take a look at expectations from the sector in 2023.

In this episode of Microsoft Weekly: FTC takes the L as judge gives the Microsoft-ABK merger the green light; Microsoft confirms Windows 11 version 23H2; Cortana dies even more; and Patch Tuesday.

The US Department of the Treasury has sanctioned a prolific ransomware actor, Mikhail Matveev. The Department of State will also offer a $10 million reward for info that leads to his arrest.

Google says hackers were delivering the Magniber ransomware by using a flaw in Microsoft's SmartScreen feature. Google informed Microsoft of the issue which was fixed in today's Patch Tuesday release.

The Housing Authority of the City of Los Angeles recently announced that it suffered a data breach due to a ransomware attack. The incident gave hackers access to members' sensitive information.

The United States Marshals Services has suffered a major security breach that compromised the department's sensitive law enforcement information followed by a ransomware attack.

Fruits and vegetables company Dole recently suffered a ransomware attack that forced it to shut down its production plants. The company is working with experts to remediate the issue.

The threat actors behind a ransomware strain called "HardBit" were recently seen asking victims to provide them with their insurance details. This is so they can tailor their demand within the policy.

The cybercriminals behind the ESXiArgs ransomware have created a new variant that evades the recovery script that the U.S. CISA recently released. The new version also comes with a new ransom note.

CISA has released a data recovery script dubbed "ESXiArgs-Recover" in order to help users who have been affected by the massive worldwide ESXiArgs ransomware server attacks on VMWare's vSphere.

The ransomware attack was first reported by Italy's National Cybersecurity Agency, but it has affected many other servers in other European countries, along with the US and Canada.

A ransomware strain that exploits a legitimate Windows search tool has recently been discovered by security researchers. The new variant can disable Windows Defender and even prevent shutdowns.

One of the best ways to recover from such a malicious attack is to ensure you keep good and recent backups of your systems. This is where Undelete instant file recovery software can help.

A newly discovered ransomware strain is framing cybersecurity experts by claiming that they are the ones behind the attacks. However, the people blamed are not associated in any way with the malware.

Ransomware is no longer a question of if, but when. Read more for tips on prevention and how best to respond to a ransomware attack. Get ahead of threats with actionable tip in this White Paper.

Avast has launched the Ransomware Shield for business users. It protects files and folders from being edited by unauthorized programs, which should protect them from ransomware programs.

Microsoft is soon ready to start blocking Office macros once again. The company has updated its support documentation with clear explanations and step-by-step instructions for users and IT admins.

As risks in the cyberspace escalate, CISOs are rethinking what goes into ransomware preparation and response, and expectations for managing the ever-increasing risk. Learn how, in this free report.

QNAP remains silent while ech0raix, a ransomware operator targets its devices once again. QNAP NAS devices had been attacked earlier this year, in 2021, and in 2020. Users must remain cautious.

Trend Micro has cautioned that the recent Windows 11 optional update KB5014019 is leading to issues on its products. The update is breaking the UMH which is responsible for ransomware protection.

A unique ransomware called GoodWill forces victims to do acts of kindness like feed and clothe the less fortunate in order to decrypt their files. Victims also have to post evidence on social media.

Microsoft has issued a warning about the growing threat posed by human-operated ransomware in the ransomware-as-a-service (RaaS) gig economy. It has also provided some guidance for organizations.

A new Magniber ransomware campaign is here that is infecting potential victims using fake Windows updates. Upon successful infection, the threat actors are asking for payment of around $2,600 in BTC.

Some of the Lapsus$ group's members may have been arrested, but the hackers managed to sneak inside T-Mobile servers and stole the company's source code to perform SIM swap attacks for ransomware.

A security company has published details about Hive ransomware currently targeting vulnerable Microsoft Exchange servers and encrypting environments with a "windows.exe" file containing ransomware.

Microsoft has publicly revealed the identity and location of a perpetrator behind ZLoader in order to deter others. The person had developed a ZLoader component that is used to distribute ransomware.

Microsoft 365 Defender has passed MITRE's evaluations for ransomware attack chains with flying colors. It was able to detect and protect against every major attack stage across multiple platforms.

The benefits of ESET's integration of Intel's TDT into its multi-layered cybersecurity technology suite allowing for superior ransomware protection will be made available later in the year.

Google Drive can now display warning banners to alert users of potentially malicious files. The new resource is available to all Google Workspace, G Suite Basic, and Business users.

Certain health data management systems in Brazil have suffered a cyberattack, with COVID-19 vaccination data allegedly being deleted. The government has been unable to recover the data so far.