Collaborate Disseminate
If true, it’s just the latest example of phony data requests used for illicit purposes.
The post Twitter may have given user’s private data to a ransomware hacker, who then ran a researcher offline appeared first on CyberScoop.
Chinese hackers have been targeting India’s power supply for years.
The post Suspected Chinese hackers are targeting India’s power grid appeared first on CyberScoop.
Continue reading Suspected Chinese hackers are targeting India’s power grid
Russia responds to economic sanctions hobbling renewals of its Internet security certificates by saying it will create its own.
The post Russia to create its own security certificate authority, alarming experts appeared first on CyberScoop.
Continue reading Russia to create its own security certificate authority, alarming experts
A Twitter account known as ContiLeaks debuted to much fanfare in late February, with people around the globe watching as tens of thousands of leaked chats between members of the Russia-based ransomware gang Conti hit the web. In the days after the leaks, many celebrated what they thought would be a devastating blow to Conti, which a Ukrainian security researcher had apparently punished by leaking the internal chats because the gang threatened to “strike back” at any entities that organized “any war activities against Russia.” But ten days after the leaks began, Conti appears to be thriving. Experts say the notorious ransomware gang has pivoted all too easily, replacing much of the infrastructure that was exposed in the leaks while moving quickly to hit new targets with ransom demands. According to Vitali Kremez, CEO of the cybersecurity firm AdvIntel, by Monday morning Conti had successfully completed two new data breaches at […]
The post Ransomware gang Conti has already bounced back from damage caused by chat leaks, experts say appeared first on CyberScoop.
Microsoft today released software updates to plug security holes in its Windows operating systems and related software. This month’s relatively light patch batch is refreshingly bereft of any zero-day threats, or even scary critical vulnerabilities. But it does fix four dozen flaws, including several that Microsoft says will likely soon be exploited by malware or malcontents. Continue reading Microsoft Patch Tuesday, February 2022 Edition
In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “BlackCat”), considered to be the first professional cybercrime group to create and use a ransomware strain in the Rust programming language. In this post, we’ll explore some of the clues left behind by the developer who was reputedly hired to code the ransomware variant. Continue reading Who Wrote the ALPHV/BlackCat Ransomware Strain?
State-sponsored hacking groups have been uncharacteristically quiet leading up to the Olympic Games next month in Beijing. Researchers say there’s one big reason why: No one wants to get on the bad side of China. “Disruptive Russian, Iranian, and North Korean state-sponsored cyberattacks targeting the 2022 Winter Olympics are unlikely to manifest due to the close relationships those countries maintain with the host nation, China,” Recorded Future researchers write in a report on potential cybersecurity threats to the games released Wednesday. Although high-level attacks are unlikely, the Winter Games still present a target-rich environment for nation-state groups that focus on cyber-espionage, researchers say. And — as is typical for any large international event — cybercriminals also will be looking for opportunities to scam athletes, organizers, volunteers and fans during the Winter Games. Beware of SIM cards Advanced persistent threat (APT) groups from Iran and Russia, while unlikely to attack China […]
The post APTs quiet ahead of Beijing games, but financially motivated hackers are still lurking, research says appeared first on CyberScoop.
Ransomware is fundamentally about reaping massive profits from victims — payments were on pace to cross the billion-dollar threshold in 2021, according to the U.S. government — but there are signs foreign government-connected groups are increasingly moving into a territory dominated by criminal gangs, and for an entirely different motive: namely, causing chaos. Research that Microsoft and cybersecurity company CrowdStrike recently publicized separately concluded that Iranian hackers tied to Tehran had been conducting ransomware attacks that weren’t about making money, but instead disrupting their enemies. It echoed research from last spring and summer by FlashPoint and SentinelOne, respectively. When disruptive ransomware pays off, those who have studied the phenomenon say, it can embarrass victims. It can be used to steal data and leak sensitive information the public. It can lock up systems, disabling targets. And given the prominence of ransomware, it’s another method that foreign intelligence and military agencies can use […]
The post Ransomware isn’t always about gangs making money. Sometimes it’s about nations manufacturing mayhem. appeared first on CyberScoop.
Police in Ukraine on Thursday said they broke up a ransomware gang allegedly responsible for extorting more than 50 companies across Europe and the U.S. for more than $1 million. The Ukrainian Cyberpolice, a division of the country’s national police, announced the arrest of an unnamed 36-year-old man who they say partnered with his wife and three others to carry out ransomware attacks. The group is also accused of providing virtual private network (VPN) services to other criminals for a fee. VPNs are widely and legally used around the world to shield portions of internet traffic and obscure the end-user’s IP address. But police in Ukraine say this VPN service also allowed customers to download computer viruses, spyware and other malware. “It was a purely ‘gangster’ service created by criminals for criminals and not under the control of any government or law enforcement agencies,” the Security Service of Ukraine said in […]
The post Ukrainian authorities arrest suspected ransomware ringleader appeared first on CyberScoop.
Continue reading Ukrainian authorities arrest suspected ransomware ringleader
An under-the-radar ransomware group that’s been attacking schools, hospitals and other critical infrastructure has tried to cover its tracks by rebranding, according to findings from researchers at Mandiant. Sabbath, a rebrand of the ransomware group Arcane, “is unfortunately not slowing down” in its attacks, Tyler McLellan, principal analyst at Mandiant, said in a statement. “They picked up their pace right into November 2021, when its public shaming portal mysteriously went offline.” Researchers first caught onto Sabbath in October, when it held the data of a Texas school district for school for ransom. Interestingly, the group turned to social media platform Reddit to make its ransom demand. Ransomware gangs often host their own websites where they shame victims and threaten to leak data. Sabbath eventually launched its own victim site, which researchers found nearly identical to that of a formerly active group that went by the name Arcane. The two groups […]
The post Ransomware gang targeting schools, hospitals reinvents itself to avoid scrutiny appeared first on CyberScoop.
Continue reading Ransomware gang targeting schools, hospitals reinvents itself to avoid scrutiny