Collaborate Disseminate
The security community witnessed triple-digit growth in the number of publicly disclosed ransomware incidents in 2020. As noted in a previous blog post on Five Things You Need to Know About Ransomware Attacks, ransomware attacks grew 715% in H1 20… Continue reading Ransomware Trends: Six Notable Ransomware Attacks from 2021
In a Twitter discussion last week on ransomware attacks, KrebsOnSecurity noted that virtually all ransomware strains have a built-in failsafe designed to cover the backsides of the malware purveyors: They simply will not install on a Microsoft Windows computer that already has one of many types of virtual keyboards installed — such as Russian or Ukrainian. So many readers had questions in response to the tweet that I thought it was worth a blog post exploring this one weird cyber defense trick. Continue reading Try This One Weird Trick Russian Hackers Hate
Ransomware hacking groups are getting greedier. The average demand for a digital extortion payment shot up in the first quarter of this year to $220,298, up 43% from the previous quarter, according to a quarterly report from Coveware, a ransomware response firm. The median payment, too, jumped up 58% from from $49,450 to $78,398. The majority of ransomware attacks in the first quarter also involved theft of corporate data, a continuation of a trend of ransomware actors increasingly relying on exfiltration and extortion demands. Seventy-seven percent of ransomware attacks included the threat to publish stolen data in the first quarter of this year, which is up 10% compared to the last quarter of 2020, Coveware found. The report comes as the U.S. government is working to improve law enforcement actions targeting the infrastructure that supports ransomware gangs. In recognition that extortion demands are an increasingly popular approach, the U.S. Department of […]
The post Ransomware demands up by 43% so far in 2021, Coveware says appeared first on CyberScoop.
Continue reading Ransomware demands up by 43% so far in 2021, Coveware says
The Sodinokibi ransomware gang is trying to extort Apple following an attack against one of the tech giant’s business partners. According to Bloomberg News, someone using the moniker “Unknown” announced on April 18 that the Sodinokibi/REvil gang w… Continue reading Sodinokibi Ransomware Gang Extorts Apple Through Supply Chain Attack
When Microsoft announced that it discovered a state-sponsored threat group, Hafnium, was exploiting four separate zero-day vulnerabilities, the InfoSec community was already looking into their crystal ball to predict when other groups and cybercrimina… Continue reading Black Kingdom Ransomware Jumps on the Exchange Express
When Microsoft announced that it discovered a state-sponsored threat group, Hafnium, was exploiting four separate zero-day vulnerabilities, the InfoSec community was already looking into their crystal ball to predict when other groups and cybercrimina… Continue reading Black Kingdom Ransomware Jumps on the Exchange Express
The relentless rise in COVID-19 cases is battering already frayed healthcare systems — and ransomware criminals are using the opportunity to strike. Continue reading Cyberattacks on Healthcare Spike 45% Since November
In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of thousands of sensitive documents — including schematics of client bank vaults and surveillance systems.
The Gunnebo Group is a Swedish multinational company that provides physical security to a variety of clients globally, including banks, government agencies, airports, casinos, jewelry stores, tax agencies and even nuclear power plants. The company has operations in 25 countries, more than 4,000 employees, and billions in revenue annually. Continue reading Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo
Network access to various industries is being offered in underground forums at as little as $300 a pop – and researchers warn that ransomware groups like Maze and NetWalker could be buying in. Continue reading Ransomware Attackers Buy Network Access in Cyberattack Shortcut
The last six months have seen damaging ransomware attacks on two multibillion-dollar IT firms, Conduent and Cognizant, with clients all over the world. The incidents locked computers across the companies, cut into revenue and required days, if not weeks, of clean up. A report published Monday by consulting giant Accenture warns that the kind of criminal groups behind those attacks have more options than ever for accessing corporate networks thanks to a thriving market for outsourced hacking. Accenture researchers are tracking more the 25 regular “network access sellers,” or people who specialize in breaching an organization’s networks and handing off that access to the highest bidder. The access sellers have frequented the same underground forums as the people involved with prolific strains of ransomware like NetWalker and Maze, the latter which was used against Cognizant. “Network access selling has progressed from a niche underground offering throughout 2017 to a central pillar of criminal underground […]
The post How middlemen are giving ransomware gangs more attack options appeared first on CyberScoop.
Continue reading How middlemen are giving ransomware gangs more attack options