Black Basta Ransomware Archives

CVE-2026-3055: Critical Citrix NetScaler Memory Flaw Actively Exploited in the Wild

acint3 weeks ago02 mins

Threat actors are actively exploiting CVE-2026-3055, a critical severity memory overread vulnerability in Citrix NetScaler ADC and NetScaler Gateway appliances. Security researchers at watchTowr have confirmed in-the-wild exploitation began at least March 27, 2026, with attackers extracting authenticated administrative session IDs that could enable full takeover of vulnerable devices. The Vulnerability CVE-2026-3055 is a memory…

SonicWall Cloud Breach Enables Ransomware Attack on 74 US Banks and Credit Unions

acint3 months ago02 mins

State-sponsored hackers exploited SonicWall’s MySonicWall cloud breach to launch a ransomware attack affecting 74 US banks and credit unions, compromising data of over 400,000 individuals. The attack demonstrates how third-party security breaches can cascade into devastating downstream attacks.

Financially motivated threat actors misusing App Installer

bulwarkblack2 years ago02 mins

Read Article Since mid-November 2023, Microsoft Threat Intelligence has observed threat actors, including financially motivated actors like Storm-0569, Storm-1113, Sangria Tempest, and Storm-1674, utilizing the ms-appinstaller URI scheme (App Installer) to distribute malware. In addition to ensuring that customers are protected from observed attacker activity, Microsoft investigated the use of App Installer in these attacks. In response to this…

Thumb

Name

Size

Date

IOCs_YARA_TTPs_Posted_Articles/ IOCs_YARA_TTPs_Posted_Articles

IOCs_YARA_TTPs_Posted_Articles

Open 99.71 KB 2024-01-12 January 12, 2024 2024-03-22 March 22, 2024

21 Items
99.71 KB

March 22, 2024

6291fc182b