"'MrAgent' Ransomware Tool From RansomHouse Group Targets ESXi Servers"

MrAgent is a new ransomware tool that operates as a binary designed to run mainly on VMware ESXi hypervisors. Its purpose is to automate and track ransomware deployment across large environments with multiple hypervisors. The gang found to be behind the tool, the RansomHouse Group, is a Ransomware-as-a-Service (RaaS) operation that was discovered in late 2021 and has been actively deploying ransomware variants on corporate networks. According to researchers, the RansomHouse Group extorts its victims twice. This article continues to discuss the RansomHouse Group and its new MrAgent tool.

Submitted by Gregory Rigby on

"Cactus Ransomware Gang Claims the Theft of 1.5TB of Data From Energy Management and Industrial Automation Firm Schneider Electric"

The Cactus ransomware group claims to have stolen 1.5TB of data from the energy management and industrial automation company Schneider Electric. The attack affected the company's Sustainability Business division, disrupting Schneider Electric's Resource Advisor cloud platform services. According to Kroll researchers, the Cactus ransomware operation has been active since March 2023 and relies on multiple legitimate tools to achieve remote access.

Submitted by Gregory Rigby on

"PlayStation Portal Hacked to Emulate Old PSP Titles"

Hackers have demonstrated that the new PlayStation Portal, which is a limited device for streaming games remotely from a PS5 console, is capable of much more. Andy Nguyen, a cloud vulnerability researcher, together with two other engineers, hacked the PlayStation Portal to run PPSSPP, a PlayStation Portable (PSP) emulator. The PSP is a standalone handheld portable console that was released in 2004 and does not require a wired console to stream games from. Nguyen confirmed that the hack only required software modifications, not hardware changes.

Submitted by Gregory Rigby on

NSA Awards Authors of Study of Automated Attacks on New Webservers

The National Security Agency (NSA) Research Directorate recently selected “Uninvited Guests: Analyzing the Identity and Behavior of Certificate Transparency Bots” as the winner of its 11th Annual Best Scientific Cybersecurity Paper Competition.

Submitted by Amy Karns on

"Law Enforcement Hacks LockBit Ransomware, Delivers Major Blow to Operation"

The LockBit ransomware operation has recently been severely disrupted by an international law enforcement operation that involved the seizure of servers and the arrest or charging of several individuals. LockBit domains currently display a seizure notice informing visitors that the site is controlled by law enforcement, specifically the UK’s National Crime Agency (NCA).

Submitted by Adam Ekwall on

"Anatsa Android Banking Trojan Continues to Spread via Google Play"

According to security researchers at ThreatFabric, the Android banking trojan named Anatsa has evolved, and its attacks are more targeted.  Anatsa has been active for about four years and can target more than 600 mobile banking applications worldwide, infecting devices via malicious droppers uploaded to Google Play.  In June last year, three identified droppers had amassed roughly 30,000 installs via the application store.

Submitted by Adam Ekwall on

"Wyze Camera Glitch Gave 13,000 Users a Peek Into Other Homes"

Wyze recently shared more details on a security incident that impacted thousands of users and said that at least 13,000 customers could get a peek into other users' homes. The company blames a third-party caching client library recently added to its systems, which had problems dealing with a large number of cameras that came online all at once after a widespread outage that occurred on 2/16. The company noted that multiple customers reported seeing other users' video feeds under the Events tab in the app since Friday.

Submitted by Adam Ekwall on

"Israeli Aircraft Survive Cyber-Hijacking Attempts"

Two flights bound for Israel over the past week have suffered attempts to hijack their communications and divert the aircraft. The El Al flights were both travelling from Thailand to Israel’s Ben Gurion international airport and apparently encountered “hostile elements.” No group has claimed responsibility. Although the aircraft were flying over an area in which Iranian-backed Houthis are active, sources have claimed it could be the work of a group operating from Somaliland, an unrecognized state in the Horn of Africa.

Submitted by Adam Ekwall on

"Ukrainian Raccoon Infostealer Operator Extradited to US"

A Ukrainian national charged with operating the Raccoon Infostealer malware-as-a-service (MaaS) has recently made an appearance in a US court after being extradited from the Netherlands.  Mark Sokolovsky, 28, was arrested in March 2022 after the FBI and law enforcement agencies in Italy and the Netherlands dismantled the Raccoon Infostealer infrastructure.  In October 2022, Sokolovsky was indicted in the US for his involvement in the distribution of the Raccoon Infostealer malware to millions of computers worldwide.

Submitted by Adam Ekwall on

"Shuffling the Deck for Privacy"

A KAUST research team has developed a Machine Learning (ML) approach that addresses a major medical research challenge by integrating an ensemble of privacy-preserving algorithms. The challenge is using the power of Artificial Intelligence (AI) to accelerate genomic data discovery while protecting individuals' privacy. According to KAUST's Xin Gao, omics data typically contains a large amount of private information, such as gene expression and cell composition. This information can often be linked to a person's disease or health status.

Submitted by Gregory Rigby on