Security Affairs

JUNE 12, 2022

Ransomware gangs are actively exploiting CVE-2022-26134 remote code execution (RCE) flaw in Atlassian Confluence Server and Data Center. Multiple ransomware groups are actively exploiting the recently disclosed remote code execution (RCE) vulnerability, tracked as CVE-2022-26134 , affecting Atlassian Confluence Server and Data Center.

Ransomware 145

Ransomware Encryption Malware Hacking 145

SecureList

MAY 11, 2022

Ahead of the Anti-Ransomware Day, we summarized the tendencies that characterize ransomware landscape in 2022. Watching and assessing these tendencies not only provides us with threat intelligence to fight cybercrime today, but also helps us deduce what trends may see in the months to come and prepare for them better. –size.

Ransomware 144

Ransomware Encryption Malware Cybercrime 144

SecureList

NOVEMBER 23, 2021

Governments in many countries push for easier identification of Internet users to fight cybercrime, as well as “traditional” crime coordinated online. While we hope 2022 will be the last pandemic year, we do not think the privacy trends will reverse. What will be the consequences of these processes?

Government 137

Government Internet Internet Technology 137

SecureList

NOVEMBER 23, 2021

Finally, we will make some forecasts about financial attacks in 2022. The COVID-19 pandemic is likely to cause a massive wave of poverty, and that invariably translates into more people resorting to crime, including cybercrime. Cracking down hard on the cybercrime world. Analysis of forecasts for 2021.

Cryptocurrency 142

Cryptocurrency Banking Cybercrime Ransomware 142

McAfee

NOVEMBER 7, 2021

McAfee Enterprise and FireEye recently released its 2022 Threat Predictions. In this blog, we take a deeper dive into a Game of Thrones power struggle among Ransomware-as-a-Service bad actors in 2022. Prediction: Self-reliant cybercrime groups will shift the balance of power within the RaaS eco-kingdom. .

Cybercrime 124

Cybercrime Ransomware Cyber threats Advertising 124

Krebs on Security

DECEMBER 29, 2022

Thanks to your readership and support, I was able to spend more time in 2022 on some deep, meaty investigative stories — the really satisfying kind with the potential to affect positive change. Some of that work is highlighted in the 2022 Year in Review review below.

Cryptocurrency 270

Cryptocurrency Cybercrime Computers and Electronics Scams 270

McAfee

OCTOBER 26, 2021

What cyber security threats should enterprises look out for in 2022? Skilled engineers and security architects from McAfee Enterprise and FireEye offer a preview of how the threatscape might look in 2022 and how these new or evolving threats could potentially impact the security of enterprises, countries, and civilians. By John Fokker.

Cybercrime 118

Cybercrime Ransomware Risk B2C 118

Security Affairs

FEBRUARY 7, 2023

A new Linux variant of the Clop ransomware has been observed in the wild, the good news is that its encryption algorithm is flawed. The researchers noticed that the encryption algorithm implemented in the ELF executable is flawed and can allow victims to decrypt locked files without paying a ransom. ” continues the report.

Encryption 98

Encryption Ransomware Cybercrime Engineering 98

CyberSecurity Insiders

JUNE 26, 2023

In recent months, a cybercrime group known as Blacktail has begun to make headlines as they continue to target organizations around the globe. Two of the most popular tools that have been used by the cybercrime group are LockBit 3.0 The content of this post is solely the responsibility of the author. Both LockBit 3.0

Cybercrime 100

Cybercrime Social Engineering Ransomware Phishing 100

CyberSecurity Insiders

JANUARY 28, 2022

Here are five steps to preserve health care data security in 2022. Encrypt Data at All Points. Another crucial step in securing health care data is encrypting it. HIPAA doesn’t necessarily require encryption, but it is a helpful step in maintaining privacy, as it renders information virtually useless to anyone who intercepts it.

Penetration Testing 105

Penetration Testing Encryption Social Engineering Phishing 105

SecureList

NOVEMBER 10, 2022

Cryptocurrency prices were dropping from the end of 2021 and throughout the first half of 2022. Cybercriminals pay neither for equipment, nor for electricity, which is rather expensive in 2022. In this report we analyze cryptojacking activity in the first three quarters of 2022, and provide some relevant statistics and insights.

Cryptocurrency 142

Cryptocurrency Malware Software Ransomware 142

Security Affairs

FEBRUARY 6, 2023

Royal Ransomware operators added support for encrypting Linux devices and target VMware ESXi virtual machines. The Royal Ransomware gang is the latest extortion group in order of time to add support for encrypting Linux devices and target VMware ESXi virtual machines. Starting from September 2022, the note was changed to Royal.

Encryption 98

Encryption Ransomware Malware Healthcare 98

SecureList

NOVEMBER 1, 2022

This is our latest installment, focusing on activities that we observed during Q3 2022. We can confirm a Maui ransomware incident in 2022, but we would expand their “first seen” date from the reported May 2021 to April 15, 2021, and the geolocation of the target to Japan and India. The most remarkable findings.

Malware 145

Malware Ransomware Spyware Encryption 145

Webroot

JANUARY 7, 2022

The cybercrime marketplace also continued to get more robust while the barrier to entry for malicious actors continued to drop. This has created a perfect breeding ground for aspiring cybercriminals and organized cybercrime groups that support newcomers with venture capitalist-style funding. What to expect in 2022?

Cybercrime 110

Cybercrime Ransomware Phishing Cryptocurrency 110

McAfee

OCTOBER 31, 2021

McAfee Enterprise and FireEye recently released its 2022 Threat Predictions. In this blog, we take a deeper dive into the continuingly aggressive role Nation States will play in 2022. Unfortunately, cybercrime has nonrepudiation and threat actors can deny all knowledge and get away with it. By Raj Samani. Prevention.

Cybercrime 115

Cybercrime Government Malware Media 115

SecureList

NOVEMBER 23, 2021

The debate about which threats pose the most danger to industrial enterprises often revolves around comparisons between APTs and cybercrime. Similarly, APTs masquerading as cybercrime, and attacks by cybercriminals pretending to be an APT, have lost their wow factor. Actions of various attacker categories. Threats to OT.

Spyware 142

Spyware Phishing Cybercrime Energy and Utilities 142

Security Affairs

DECEMBER 23, 2022

The data breach suffered by LastPass in August 2022 may have been more severe than previously thought. In an update published on Thursday, the company revealed that threat actors obtained personal information belonging to its customers, including encrypted password vaults. Website URLs) and 256-bit AES-encrypted sensitive (i.e.

Encryption 98

Encryption Passwords Backups Data breaches 98

Security Affairs

JANUARY 24, 2023

GoTo is notifying customers that its development environment was breached in November 2022, attackers stole customers’ backups and encryption key. The security breach was disclosed in November 2022, but at the time the company was not able to determine the impact on its customers’ data. ” continues the notice.

Backups 98

Backups Encryption Data breaches Passwords 98

SecureList

AUGUST 1, 2024

For example, Key Group, aka keygroup777, has used no fewer than eight different ransomware families throughout their relatively short history (since April 2022) – see the image below. Mallox Mallox is another relatively new ransomware variant that first came to light in 2021 and kicked off an affiliate program in 2022.

Ransomware 118

Ransomware Cybercrime Education Malware 118

Security Affairs

JANUARY 2, 2023

In 2022, ransomware attacks targeted 105 state or municipal governments or agencies in the US, reads a report published by Emsisoft. The only local government known to have paid a ransom in 2022 was Quincy, MA., The post Ransomware attacks hit 105 US local governments in 2022 appeared first on Security Affairs.

Government 98

Government Ransomware Healthcare Education 98

Security Affairs

JANUARY 23, 2024

The Black Basta ransomware group has been active since April 2022 , like other ransomware operations, it implements a double-extortion attack model. A joint research by Elliptic and Corvus Insurance revealed that the group accumulated at least $107 million in Bitcoin ransom payments since early 2022.

Hacking 144

Hacking Encryption Ransomware Insurance 144

Security Affairs

APRIL 29, 2023

xyz pic.twitter.com/VLhISark8Y — Goldwave (@OGoldwave) March 13, 2023 The variant employed in the campaign supports a more sophisticated encryption method of byte remapping and a monthly rotation of the C2 server. #ViperSoftX is back, doesn't look like much has changed. c2 arrowlchat[.]com ” concludes the report.

Encryption 98

Encryption Malware Cryptocurrency Software 98

Krebs on Security

DECEMBER 8, 2022

First spotted in mid-August 2022 , Venus is known for hacking into victims’ publicly-exposed Remote Desktop services to encrypt Windows devices. Encrypting sensitive data wherever possible. Department of Health and Human Services (HHS) warned that Venus ransomware attacks were targeting a number of U.S.

Healthcare 306

Healthcare Backups Ransomware Insurance 306

Security Affairs

APRIL 4, 2023

A new ransomware strain named Rorschach ransomware supports the fastest file-encrypting routine observed to date. The researchers conducted five separate encryption speed tests in a controlled environment (with 6 CPUs, 8192MB RAM, SSD, and 220000 files to be encrypted), limited to local drive encryption only.

Encryption 98

Encryption Ransomware Malware Backups 98

SecureList

JUNE 22, 2023

Phishing and a kit Recently we stumbled upon a Business Email Compromise (BEC) case, active since at least Q3 2022. KTAE shows similarities between LockBit Green and Conti Three pieces of adopted code really stand out: the ransomware note, the command line options and the encryption scheme.

Phishing 140

Phishing Encryption Cybercrime Ransomware 140

Security Affairs

AUGUST 15, 2022

The SOVA Android banking trojan was improved, it has a new ransomware feature that encrypts files on Android devices, Cleafy researchers report. In March 2022, SOVA authors released version 3.0 The malware encrypts the files inside the infected devices using an AES algorithm and renaming them with the extension “.enc”.

Encryption 98

Encryption Malware Banking Ransomware 98

Security Affairs

DECEMBER 2, 2022

Cuba ransomware gang received more than $60 million in ransom payments related to attacks against 100 entities worldwide as of August 2022. Dollars (USD) and received more than $60 million in ransom payments from over 100 victims worldwide as of August 2022, the US government states. ” reads the report. ” reads the report.

Ransomware 102

Ransomware Financial Services Manufacturing Healthcare 102

SecureWorld News

MARCH 29, 2024

Cybercriminals can then exploit the compromised device for various purposes, such as stealing personal information, conducting financial fraud, recruiting it into a botnet, or encrypting data and holding it for ransom. A stepping stone to impactful cybercrime This tactic has tangible real-world implications.

Cybercrime 88

Cybercrime Advertising Engineering Antivirus 88

Security Affairs

OCTOBER 19, 2022

Researchers at Palo Alto Network’s Unit 42 have linked the relatively new Ransom Cartel ransomware operation with the notorious REvil cybercrime gang. The Ransom Cartel operation was launched in December 2022, and security experts at MalawareHunterTeam were among the first research teams to speculate a possible link with Revil.

Ransomware 142

Ransomware Encryption Engineering Cybercrime 142

Security Affairs

JUNE 12, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Every week the best security articles from Security Affairs for free in your email box. If you want to also receive for free the newsletter with the international press subscribe here.

Ransomware 145

Ransomware DNS Cybercrime Hacking 145

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. It’s just some kind of sabotage.” 23, 2020. .”

Ransomware 305

Ransomware Healthcare Cybercrime Government 305

Malwarebytes

FEBRUARY 6, 2024

Big game attacks extort vast ransoms from organizations by holding their data hostage—either with encryption, the threat of damaging data leaks, or both. And like broader, law-abiding “Business” at large, cybercrime has settled on a collection of tools that work.

Ransomware 137

Ransomware Cybercrime Malware Social Engineering 137

Krebs on Security

FEBRUARY 16, 2022

The same day the ICRC went public with its breach, someone using the nickname “ Sheriff ” on the English-language cybercrime forum RaidForums advertised the sale of data from the Red Cross and Red Crescent Movement. This in turn allowed them to access the data, despite this data being encrypted.” ” On Jan.

Hacking 281

Hacking Ransomware Media Accountability 281

eSecurity Planet

NOVEMBER 30, 2021

As cybercrime has grown in both frequency and severity, zero trust’s advantages have become increasingly clear. It’s able to export passwords and other sensitive data into CSV files that can then be encrypted and stored securely. Without PAM, zero trust security would be difficult if not impossible. Updated by Devin Partida.

Software 132

Software Accountability Government Passwords 132

Security Affairs

JULY 9, 2024

DoNex is a rebrand of Muse and DarkRace ransomware, it first appeared in the threat landscape in April 2022. Upon execution, an encryption key is generated by CryptGenRandom() function. The malicious code uses the key to initialize ChaCha20 symmetric key and subsequently encrypt files.

Ransomware 135

Ransomware Encryption Passwords Hacking 135

SecureList

MAY 8, 2024

Ransomware landscape: rise in targeted groups and attacks Kaspersky collected data on targeted ransomware groups and their attacks from multiple relevant public sources, for the years 2022 and 2023, filtered and validated it. The reason for its remarkable activity may be its builder leak in 2022.

Ransomware 138

Ransomware Encryption Small Business Cybersecurity 138

SecureList

JANUARY 30, 2023

Just as any other business, cybercrime needs labor. We reviewed job ads and resumes that were posted on 155 dark web forums from January 2020 through June 2022 and analyzed those containing information about a long-term engagement or a full-time job. Offers like that come from hacker groups, among others.

Cybercrime 143

Cybercrime Marketing Encryption Risk 143