Countdown to Ransomware: Analysis of Ransomware Attack Timelines

This research was made possible through the data collection efforts of Maleesha Perera, Joffrin Alexander, and Alana Quinones Garcia.

Key Highlights: The average duration of an enterprise ransomware attack reduced 94.34% between 2019 and 2021:

2019: 2+ months — The TrickBot (initial access) to Ryuk (deployment) attack path resulted in a 90% increase in ransomware […]

The post Countdown to Ransomware: Analysis of Ransomware Attack Timelines appeared first on Security Intelligence.

Trickbot Group’s AnchorDNS Backdoor Upgrades to AnchorMail

IBM Security X-Force researchers have discovered a revamped version of the Trickbot Group’s AnchorDNS backdoor being used in recent attacks ending with the deployment of Conti ransomware. The Trickbot Group, which X-Force tracks as ITG23, is a cybercriminal gang known primarily for developing the Trickbot banking Trojan, which was first identified in 2016 and initially […]

The post Trickbot Group’s AnchorDNS Backdoor Upgrades to AnchorMail appeared first on Security Intelligence.

What CISA Incident Response Playbooks Mean for Your Organization

What does the latest U.S. federal ruling on cybersecurity mean for you? The recent executive order and U.S. Cybersecurity & Infrastructure Security Agency (CISA) commentary on it could provide a good framework for defending against ransomware and other attacks. In its executive order on ‘Improving the Nation’s Cybersecurity,’ the White House directed the Secretary of […]

The post What CISA Incident Response Playbooks Mean for Your Organization appeared first on Security Intelligence.

Ransomware Attackers’ New Tactic: Double Extortion

Need another reason to defend against ransomware instead of ending up having to find a solution other than paying it? Double extortion may be it. So, what is double extortion? When did it start? With this tactic, ransomware actors steal a victim’s data before their malware strain activates its encryption routine. They then have the […]

The post Ransomware Attackers’ New Tactic: Double Extortion appeared first on Security Intelligence.

Vancouver Metro Disrupted by Egregor Ransomware

The attack, which prevented Translink users from using their metro cards or buying tickets at kiosks, is the second from the prolific threat group just this week.

Clop Gang Makes Off with 2M Credit Cards from E-Land

The ransomware group pilfered payment-card data and credentials for over a year, before ending with an attack last month that shut down many of the South Korean retailer’s stores.