REvil reborn? Notorious gang’s dark web site redirects to new ransomware operation

Researchers have spotted that the TOR address used by the notorious REvil ransomware gang is now redirecting to a new website, with information about seemingly new attacks.

Read more in my article on the Tripwire State of Security blog.

Alleged Ukrainian Member of REvil Ransomware Gang Extradited to US

By Deeba Ahmed
Yaroslav Vasinskyi (22) is believed to be part of the REvil Ransomware gang that was behind multiple ransomware…
This is a post from HackRead.com.

REvil member accused of Kaseya ransomware attack arraigned in Texas

Yaroslav Vasinskyi faces up to 115 years in jail.

The post REvil member accused of Kaseya ransomware attack arraigned in Texas appeared first on CyberScoop.

Imperva mitigated a series of massive ransom DDoS attacks

By Deeba Ahmed
Imperva, a cyber security software and services company, has thwarted a massive 2.5 million RPS (requests per second)…
This is a post from HackRead.com.

Conti ransomware gang: You attack Russia, we’ll hack you back

The Conti ransomware gang says that it supports the Russian government’s invasion of Ukraine… and if anyone launches a retaliatory cyber attack against Russia, they will hit back hard – launching attacks on critical infrastructure.

Russian government continues crackdown on cybercriminals

Russian authorities seized the websites of several Russian cybercrime forums Monday, the latest in a string of high-profile actions the government there has taken against cybercriminals. Visitors to the websites for Sky Fraud, a forum for stolen credit card data, were greeted with a message posted by the Russian Ministry of Internal Affairs announcing that the page was blocked. Other “carding” and cybercrime forums were also seized, including Ferum and Trump’s Dumps, as well as U-A-S Shop, which offered illicit remote access to various organizations through the remote desktop protocol (RDP) tool. “The SKYFRAUD resource was closed forever during a special law enforcement operation,” the message reads in Russian translated to English. “Management ‘K’ of the BSTM of the Ministry of Internal Affairs of Russia warns: theft of funds from bank cards is illegal!” Within the source code of the seized website, the Russian government left a message: “Which of […]

The post Russian government continues crackdown on cybercriminals appeared first on CyberScoop.

Ransomware spree hitting European oil, transport companies

European oil and transportation services have spent all week under attack by ransomware. The latest victim, aviation services company Swissport, announced Friday that ransomware struck part of its IT infrastructure, causing flight delays and knocking its website offline. The company said last month that in 2019, it fueled 2.3 million flights, and claims 2,000 employees at 40 airports across six countries.

“⚠️ A part of #Swissport’s IT infrastructure was subject to a ransomware attack. The attack has been largely contained, and we are working actively to fully resolve the issue as quickly as possible. Swissport regrets any impact the incidence has had on our service delivery.” — Swissport (@swissportNews) February 4, 2022

The announcement comes one day after reports of attacks on oil port terminals in Belgium and the Netherlands. Earlier this week, two German oil companies became ransomware victims as well, forcing one of the companies into operating at […]

The post Ransomware spree hitting European oil, transport companies appeared first on CyberScoop.

State Department offers $10M for information on Iranian election interference

The State Department is offering a $10 million reward for information on two Iranian hackers who allegedly participated in state-sponsored cyber operations designed to interfere with the 2020 U.S. presidential election. The two individuals, Seyyed Mohammad Hosein Musa Kazemi, 24, and Sajjad Kashian, 27, were charged with computer fraud, voter intimidation and transmission of interstate threats according to a federal indictment unsealed in November. The activity took place between August 2020 and November 2020. The State Department is offering the reward under its “Rewards for Justice” program, which has posted equal bounties for information about ransomware groups DarkSide and REvil. The indictment of the Iranians painted a picture of an extensive operation aimed at fomenting partisan divides ahead of the 2020 election. The campaign included allegedly sending threatening emails to Florida Democrats aimed at intimidating them into voting for Trump, while posing as the right-wing nationalist group Proud Boys. U.S. […]

The post State Department offers $10M for information on Iranian election interference appeared first on CyberScoop.

Top Russian official cites REvil arrests as sign of cooperation, says Moscow is awaiting reciprocation

The Russian government’s Jan. 14 takedown of suspects associated with the notorious REvil ransomware group was an example of increasing cooperation between the U.S. and Russian governments on cybersecurity matters, a top Russian official said Friday, but the Russian government is still waiting for U.S. reciprocation on its own cyber requests. In a wide-ranging interview, Dmitry Medvedev, the former president and prime minister of Russia and currently the deputy secretary of the country’s Security Council, called the REvil arrests a “joint operation” and “perhaps one of the few areas where, despite very problematic relations with the United States, our cooperation has intensified.” Nevertheless, he added, the Russian government is waiting for definitive answers on what the Russian government considers distributed denial-of-service (DDoS) attacks on components of its remote election infrastructure during the September 2021 State Duma elections. The U.S. government has rebutted any notion of outside interference in those elections. […]

The post Top Russian official cites REvil arrests as sign of cooperation, says Moscow is awaiting reciprocation appeared first on CyberScoop.

Who Wrote the ALPHV/BlackCat Ransomware Strain?

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “BlackCat”), considered to be the first professional cybercrime group to create and use a ransomware strain in the Rust programming language. In this post, we’ll explore some of the clues left behind by the developer who was reputedly hired to code the ransomware variant.