South African Ports Restored After Ransomware Attack, 'Hello Kitty' Malware Blamed
VNC Android malware spies on victims, Praying Mantis group attacks Microsoft IIS web servers, Israel's defense ministry 'visits' NSO Group offices, TikTok opens cybersec center, much more
South African state-owned port logistics operator Transnet, which is just now restoring operations following a July 22 ransomware attack, was targeted with a strain of ransomware that cybersecurity experts have linked to a series of high-profile data breaches likely carried out by crime gangs from Eastern Europe and Russia.
Based on the Transnet ransom note, the malware used in the attack is linked to strains known as “Death Kitty,” “Hello Kitty,” and “Five Hands,” Adam Meyers, vice president of intelligence at Crowdstrike, said. Transnet has fully restored operations at the nation’s ports after reinstating its automated terminal-operating system. Other systems are being brought up in a staggered manner. (Ryan Gallagher and Paul Burkhardt / Bloomberg)
Related: Cybersecurity| Reuters.com, TechCentral
Security researchers at Threat Fabric discovered a novel piece of Android malware, dubbed Vultur, that uses VNC (virtual network computing) technology to record and broadcast a victim’s sma…
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.