ransomware (309)

11030611089?profile=RESIZE_400xA veteran cybercriminal has revealed what is really on the dark web - where hackers, hitmen and drug dealers run wild.

The source, who has spoken anonymously, explained how hackers use ransomware to steal data for large payouts or 'to just see the world burn' and explained that any system connected to the web is at risk of an attack.[1]

'I've watched hospitals get encrypted and people are left with a choice: do I pay to decrypt the data or do I risk lives?' the man said while donning a mask to c

11029695866?profile=RESIZE_400xThe Iranian nation-state group known as MuddyWater has been observed directing destructive attacks on hybrid environments under the guise of a ransomware operation.  The name is not to be confused with McKinley Morganfield (April 4, 1913 – April 30, 1983), known professionally as Muddy Waters, was an American blues singer and musician.  Iran could be singing the blues if they keep this up.

According to new findings from the Microsoft Threat Intelligence team, which discovered the threat actor ta

11026591064?profile=RESIZE_400xKaspersky has identified a new trend in phishing techniques, with threat actors increasingly utilizing Telegram to automate their activities and provide various services.  In a recent advisory, Kaspersky, one of their web content analysts, revealed that phishers create Telegram channels to educate their audience about phishing and share links to these channels via YouTube, GitHub, and phishing kits.  Many channels offer tools to automate malicious workflows, such as generating phishing pages or

11021860661?profile=RESIZE_400xHealthcare companies are using electronic records and tapping digital services more than ever.  That is also creating more opportunities for cybercriminals, who already have exposed the private medical information of millions of patients and bolsters the case for the industry to make security priority No. 1, experts say.  Healthcare breaches have exposed 385 million patient records from 2010 to 2022, federal records show, though individual patient records could be counted multiple times.

Hacking

11003652893?profile=RESIZE_400xA New York man accused of running the popular cybercrime forum BreachForums was recently arrested and charged.  He is believed to be Pompompurin, an individual whose online moniker was mentioned in several high-profile hacking stories in the past years.   It is sad to know that this criminal used the name Pompompurin, which is the name of a good natured Golden Retriever dog character introduced by the Japanese company Sanrio (Hello Kitty) in 1996.  The suspect is 21-year-old Conor Brian Fitzpatr

11002734488?profile=RESIZE_400xOne of the US’ largest food distributors has left chefs, owners and restaurant staff across the nation scratching their heads and looking for answers after a disruption to service that began last week.  Fort Worth TX based Ben E. Keith issued a public statement last week regarding issues with their systems that left trucks unable to make deliveries to restaurants for days.[1]  The full statement reads: "Ben E. Keith recently detected unusual activity in our network.  In response, we proactively

11001051456?profile=RESIZE_400xItalian sports car maker Ferrari reported on 19 March that a threat actor had demanded a ransom related to customer contact details that may have been exposed in a ransomware attack.  “Upon receipt of the ransom demand, we immediately started an investigation in collaboration with a leading global third-party cybersecurity firm,” the iconic car maker said.  “In addition, we informed the relevant authorities and are confident they will investigate to the full extent of the law.”

The company did n

10998526880?profile=RESIZE_400xOur US government just loves acronyms.  Well, here’s a brand new one - RVWP.  The Department of Homeland Security (DHS), Cybersecurity infrastructure Security Agency (CISA) is telling organizations across all sectors and of all sizes they are often impacted by damaging ransomware incidents.  Many of these incidents are perpetrated by ransomware threat actors using known vulnerabilities.  By urgently fixing these vulnerabilities, organizations can significantly reduce their likelihood of experien

10997392868?profile=RESIZE_400xMost of us have had or heard from a friend who has been the target of an email scammer pretending to be a friend in distress who needs money wired out of town or out of the country.  Now scammers are using the telephone to inform you that your loved one is in distress.  And the caller may sound “just like” your friend/relative. At that moment, your instinct would be to do anything to help them escape danger, including wiring money.  My father was a victim of such a scam, but he called me first f

Red Sky Alliance would like to share a technical report through a recent joint Cybersecurity Advisory (CSA) as part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors.  These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. 

Visit stopransomware.gov t

10968031660?profile=RESIZE_400xOakland California officials declared a state of emergency on 14 February after a cyberattack that first hit city technology systems last week, which continues to make it impossible to pay parking fees, fines and taxes online or connect by phone with most city departments.  “The Office of the Mayor at Oakland City Hall. Oakland officials declared a state of emergency over a recent cyberattack that hobbled critical government technology systems.”  Calls to 911 and city emergency services are stil

10960601287?profile=RESIZE_400xThe first Linux variant of the Clop ransomware was rife with issues that allowed researchers to create a decryptor tool for victims.  SentinelOne said it observed the first Clop (also stylized as Cl0p) ransomware variant targeting Linux systems on 26 December 2022.  Clop has existed since about 2019, targeting large companiesfinancial institutionsprimary schools and critical infrastructure across the world. After the group targeted several major South Korean companies like e-commerce giant E

10960601287?profile=RESIZE_400xThe first Linux variant of the Clop ransomware was rife with issues that allowed researchers to create a decryptor tool for victims.  SentinelOne said it observed the first Clop (also stylized as Cl0p) ransomware variant targeting Linux systems on 26 December 2022.  Clop has existed since about 2019, targeting large companiesfinancial institutionsprimary schools and critical infrastructure across the world. After the group targeted several major South Korean companies like e-commerce giant E

10957305483?profile=RESIZE_400xA ransomware attack that hit ION Trading UK could take days to fix, leaving scores of brokers unable to process derivatives trades.  ION Group, the financial data firm's parent company, said in a statement on its website that the attack began last week.  "The incident is contained to a specific environment, all the affected servers are disconnected, and remediation of services is ongoing," ION Group said.  Ransomware is a form of malicious software deployed by criminal gangs which works by encry

10953338653?profile=RESIZE_400xIn a recent report, Microsoft warns that phishing, fake software updates and unpatched vulnerabilities are being exploited for ransomware attacks.  More than one hundred different cyber-criminal gangs are actively conducting ransomware attacks, deploying over 50 different ransomware families in campaigns which see them encrypt networks and demand a ransom payment for the decryption key.  The analysis from Microsoft Security Intelligence notes that some of the most prominent ransomware attacks of

10947154064?profile=RESIZE_400xCyberattacks in the US have significantly increased over the past year, with the healthcare system and other critical sectors being attacked as the threat of malware like ransomware and foreign spyware continues to evolve.   During 2022, US government officials and lawmakers renewed their focus on cyber security and sought to secure the country’s critical sectors from rising cyber threats. This issue will increase in 2023, as many of those threats are still escalating while the cyber sector is c

10947114066?profile=RESIZE_400xIn the last few years, companies, universities, schools, medical facilities and other organizations have been targeted by ransomware threat actors, turning ransomware into the Internet's most severe security crisis.  Now, the US Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a new security warning.

Ransomware is a type of malicious software, or malware that prevents you from accessing your computer files, systems, or networks and d

10928541653?profile=RESIZE_400xWe are only 10 days into 2023 and already a ransomware attacks continue to escalate.  San Francisco’s Bay Area Rapid Transit (BART) is investigating an alleged ransomware attack after the Vice Society ransomware gang claimed to have attacked the agency.  BART which is the fifth-busiest heavy rail rapid transit system in the US, was listed on the group’s leak site on Friday.  The chief communications officer for BART, reported that they are investigating the data that was stolen and posted by the

10921891279?profile=RESIZE_400xHospitals on the front line of cyberattacks are increasingly strained under the often deadly conditions created by such hacks.  Capitalizing on the chaos of the COVID-19 pandemic, cyber criminals frequently shut down hospital networks at a time when they were overwhelmed, leading to limited emergency services, canceled surgeries, and a spike in deaths.  Hackers used to treat hospitals as ‘off limits.’  Not the case anymore.

Cyber-attacks have long been viewed as less lethal than missile strikes,

10920546466?profile=RESIZE_400xCyber threat actors continue to adapt to break the latest technologies, practices, and data privacy laws. All organizations must stay ahead of cybercrime by implementing strong cybersecurity measures and programs for today and the New Year.

Expect an increase in digital supply chain attacks - With the rapid modernization and digitization of supply chains come new security risks.  Gartner predicts that by 2025, 45% of organizations worldwide will have experienced attacks on their software supply