alphv (26)

Microsoft spokesmen disclosed on 17 August 2023 that it found a new version of the BlackCat ransomware (aka ALPHV and Noberus) that embeds tools like Impacket and RemCom to facilitate lateral movement and remote code execution.  "The Impacket tool has credential dumping and remote service execution modules that could be used for broad deployment of the BlackCat ransomware in target environments," the company's threat intelligence team said in a series of posts on X (formerly Twitter).  "This Bla

A known ransomware group on 21 August 2023 started publishing data allegedly stolen from the systems of Japanese watchmaking company Seiko https://www.seikowatches.com.  Seiko revealed on 10 August 2023 that it had identified a possible data breach on 28 July 2023, with someone gaining access to at least one server.  An investigation showed that some information may have been compromised.   “The Company and all our Group companies kindly ask our customers and business partners to contact us imm

With half of 2023 over, ransomware gangs have operated at a near-record profit, extorting more than $449 million from victims, according to blockchain research firm Chainalysis.  The figure likely pales in comparison to the actual totals because the research only looks at cryptocurrency wallets being monitored by the firm.  If the trends continue, ransomware groups are on pace to bring in nearly $900 million in 2023, only $40 million behind the peak of $939.9 million seen in 2021.

Chainalysis re

If you keep feeding the local stray cat, it will never go away.  Like malware, if you don’t stomp it out, it keeps harassing you.  The threat actors behind BlackCat ransomware have developed an improved variant that prioritizes speed and stealth to bypass security guardrails and achieve their ransom objectives.  The new version, Sphynx, was announced in February 2023 and includes updated capabilities that strengthen the group's efforts to evade detection.  The "product" update was first highligh

The US Cybersecurity and Infrastructure Security Agency (CISA), on 07 April 2023 added five security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.  This includes three high-severity flaws in the Veritas Backup Exec Agent software (CVE-2021-27876, CVE-2021-27877, and CVE-2021-27878) that could lead to the execution of privileged commands on the underlying system.  The flaws were fixed in a patch released by Veritas in March 2021.

Encevo Group, an energy corporation based in Luxembourg, is dealing with an ongoing cyberattack by ransomware-as-a-service gang BlackCat.  Some digital services are still disrupted 12 days after the attack began, but the company says that energy supply has not been affected.  BlackCat is believed by researchers to retain hackers of DarkSide, the now-defunct ransomware group that attacked US gas provider Colonial Pipeline in 2021.

Encevo Group cyberattack: In a dark web blog post on 29 July, Bla