Protecting the human attack surface from the next ransomware attack

As we head into 2021, ransomware is making another resurgence, particularly in targeted attacks from highly organized hacker groups. In fact, cybercrime has been surging since the start of the pandemic. When IT and security professionals plan how to respond,…

Energy giant Shell impacted in Accellion hack

Oil and gas company Shell is the latest organization to get caught up in the hack that targeted IT provider Accellion’s file-sharing platform, the energy company says. The suspected criminal hackers behind the breach, who have gone after victims around the world using vulnerabilities in Accellion’s file transfer application (FTA), have accessed some personal data as well as data belonging to Shell stakeholders and subsidiaries, the company said on March 16. Shell had used the FTA to securely transfer large files. The incident appears to have only impacted the Accellion file transfer service. Shell claims there is “no evidence” so far that the incident has affected Shell’s IT system itself. Shell is working with authorities and regulators to investigate the incident, the firm said. The list of companies that use Accellion’s FTA that have fallen victim to the Accellion hack continues growing by the day. A Michigan-based savings bank and […]

The post Energy giant Shell impacted in Accellion hack appeared first on CyberScoop.


IT Security firm Qualys extorted by Clop gang after data breach

By Waqas
Qualys has confirmed that the Clop ransomware gang is behind the cyber attack that used an Accellion exploit.
This is a post from HackRead.com.

Accellion FTA attacks, extortion attempts might be the work of FIN11

Mandiant/FireEye researchers have tentatively linked the Accellion FTA zero-day attacks to FIN11, a cybercrime group leveraging CLOP ransomware to extort targeted organizations. Accellion has also confirmed on Monday that “out of approximately 30…

After hackers blackmailed their clients, Finnish therapy firm declares bankruptcy

Vastaamo, the Finnish psychotherapy practice that covered up a horrific data breach which resulted in patients receiving blackmail threats, has declared itself bankrupt.

Read more in my article on the Hot for Security blog.

Meet Babuk, a ransomware attacker blamed for the Serco breach

It began with a laughable offer. Someone calling themselves “biba99” on a popular criminal forum claimed on Jan. 5 to provide “non-malicious” software to help organizations identify “security issues.” The author struggled to explain, in halting English, “why we are not … criminals” while assuring readers that the group would not hack hospitals or schools. A month later, the attacker behind what appeared to be a bumbling forum post is reportedly claiming responsibility for a ransomware attack on the multibillion-dollar outsourcing firm Serco. The ransomware gang, dubbed Babuk after the strain of code it uses, is a case study in how quickly crooks can learn the basics of digital extortion — and how that breeds ambition for big corporate scalps. It shows how even relatively unsophisticated criminals can bedevil major corporations. After claiming to only target companies that earn less than $4 million, the Babuk attacker went after Serco, Sky News […]

The post Meet Babuk, a ransomware attacker blamed for the Serco breach appeared first on CyberScoop.


Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

Facebook, Instagram, TikTok, and Twitter this week all took steps to crack down on users involved in trafficking hijacked user accounts across their platforms. The coordinated action seized hundreds of accounts the companies say have played a major role in facilitating the trade and often lucrative resale of compromised, highly sought-after usernames.

PART I: Retrospective 2020: DDoS Was Back — Bigger and Badder Than Ever Before

Never before has the risk of a distributed denial-of-service (DDoS) attack been higher. In 2020, we saw record-breaking attacks, a DDoS extortion campaign impacting thousands of organizations globally, more emergency customer turnups, and more Akamai customers attacked than any year on record — and we’ve been successfully fighting DDoS attacks since 2003! We also saw a big increase in attacks targeting verticals that haven’t seen as much activity of late, with 7 of 11 of the industries we track seeing peak attack counts in 2020.

On the Evolution of Ransomware

Good article on the evolution of ransomware:

Though some researchers say that the scale and severity of ransomware attacks crossed a bright line in 2020, others describe this year as simply the next step in a gradual and, unfortunately, predictable devolution. After years spent honing their techniques, attackers are growing bolder. They’ve begun to incorporate other types of extortion like blackmail into their arsenals, by exfiltrating an organization’s data and then threatening to release it if the victim doesn’t pay an additional fee. Most significantly, ransomware attackers have transitioned from a model in which they hit lots of individuals and accumulated many small ransom payments to one where they carefully plan attacks against a …


Finnish Data Theft and Extortion

The Finnish psychotherapy clinic Vastaamo was the victim of a data breach and theft. The criminals tried extorting money from the clinic. When that failed, they started extorting money from the patients:

Neither the company nor Finnish investigators have released many details about the nature of the breach, but reports say the attackers initially sought a payment of about 450,000 euros to protect about 40,000 patient records. The company reportedly did not pay up. Given the scale of the attack and the sensitive nature of the stolen data, the case has become a national story in Finland. Globally, attacks on health care organizations have escalated as cybercriminals look for higher-value targets…
