Collaborate Disseminate
Users exposing poorly secured PostgreSQL and MySQL servers online are in danger of getting their databases wiped by a ransomware bot, Border0 researchers are warning. The attackers asks for a small sum to return / not publish the data, but those who pa… Continue reading Poorly secured PostgreSQL, MySQL servers targeted by ransomware bot
When organizations get hit by ransomware and pay the crooks to decrypt the encrypted data and delete the stolen data, they can never be entirely sure the criminals will do as they promised. And even if an organization gets its data decrypted, they cann… Continue reading “Security researcher” offers to delete data stolen by ransomware attackers
The US Justice Department announced today a disruption campaign against the Blackcat/ALPHV ransomware group and let victims know that there is a decryptor they can use. FBI develops ALPHV/Blackcat decryptor Over the past 18 months, ALPHV/Blackcat has e… Continue reading Law enforcement seizes ALPHV/Blackcat sites, offers decryptor to victims
In this Help Net Security interview, Eddie Zhang, Principal Consultant at Project Black, explores the complex and often controversial world of vulnerability disclosure in cybersecurity. Zhang explores the intricate balancing act that researchers must p… Continue reading Vulnerability disclosure: Legal risks and ethical considerations for researchers
Ransomware and cyber extortion attacks aimed at organizations are not letting up. Occasionally, they even come in pairs. The often large and sometimes massive ransomware recovery costs companies incur when they decide not to meet the demands deter many… Continue reading The shifting sands of the war against cyber extortion
A ransomware gang, annoyed at not being paid, filed an SEC complaint against its victim for not disclosing its security breach within the required four days.
This is over the top, but is just another example of the extreme pressure ransomware gangs put on companies after seizing their data. Gangs are now going through the data, looking for particularly important or embarrassing pieces of data to threaten executives with exposing. I have heard stories of executives’ families being threatened, of consensual porn being identified (people regularly mix work and personal email) and exposed, and of victims’ customers and partners being directly contacted. Ransoms are in the millions, and gangs do their best to ensure that the pressure to pay is intense…
Resecurity, Inc. (USA) protecting major Fortune 100 and government agencies globally has identified an alarming rise in ransomware operators targeting the energy sector, including nuclear facilities and related research entities. Over the last year, ra… Continue reading Nuclear and oil & gas are major targets of ransomware groups in 2024
Ransomware has been part of the cyber crime ecosystem since the late 1980s and remains a major threat in the cyber landscape today. Evolving ransomware attacks are becoming increasingly more sophisticated as threat actors leverage vulnerabilities, social engineering and insider threats. While the future of ransomware is full of unknown threats, we can look to […]
The post The evolution of ransomware: Lessons for the future appeared first on Security Intelligence.
Continue reading The evolution of ransomware: Lessons for the future
A swing and a miss by the 50 member countries of the International Counter Ransomware Initiative (CRI), headlined by the US, who have confirmed a commitment to collectively address ransomware. Ransomware, as predicted, is growing at tremendous rates an… Continue reading Success eludes the International Counter Ransomware Initiative
A critical zero-day vulnerability (CVE-2023-47246) in the SysAid IT support and management software solution is being exploited by Lace Tempest, a ransomware affiliate known for deploying Cl0p ransomware. Lace Tempest has previously exploited zero-day … Continue reading MOVEit hackers leverage new zero-day bug to breach organizations (CVE-2023-47246)