RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware

Cybersecurity researchers have detailed the tactics of a "rising" cybercriminal gang called "Read The Manual" RTM Locker that functions as a private ransomware-as-a-service RaaS provider and carries out opportunistic attacks to generate illicit profit. "The 'Read The Manual' Locker gang uses...

RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware

Cybersecurity researchers have detailed the tactics of a "rising" cybercriminal gang called "Read The Manual" RTM Locker that functions as a private ransomware-as-a-service RaaS provider and carries out opportunistic attacks to generate illicit profit. "The 'Read The Manual' Locker gang uses...

Read The Manual Locker: A Private RaaS Provider

Read The Manual Locker: A Private RaaS Provider By Max Kersten · April 13, 2023 The underground intelligence was obtained by N074B07. Another day, another ransomware-as-a-service RaaS provider, or so it seems. We’ve observed the “Read The Manual” RTM Locker gang, previously known for their e-crim...

Taiwanese PC Company MSI Falls Victim to Ransomware Attack

Taiwanese PC company MSI short for Micro-Star International officially confirmed it was the victim of a cyber attack on its systems. The company said it "promptly" initiated incident response and recovery measures after detecting "network anomalies." It also said it alerted law enforcement agenci...

USB bombs sent to news organizations

We've warned about the possible dangers arising from plugging in unknown USB sticks before, but the dangers we're concerned with are normally confined to your data. However, this week we learned a far more serious threat. No fewer than five different news agencies in Ecuador were sent parcels...

Defeating Triple Extortion Ransomware: The Potent Combo of Ransomware and DDoS Attacks

Protect your organization from triple extortion ransomware – the devastating combination of ransomware and a DDoS attack – with these four steps...

"ViLE" members posed as police officers and extorted victims

Two men have been charged with wire fraud and conspiracy to commit computer intrusions after they allegedly extorted victims by threatening to publish their personal information online--a practice known as doxxing. In a press release, the US Attorney's Office in the Eastern District of New York...

LockBit 3.0 Ransomware: Inside the Cyberthreat That's Costing Millions

U.S. government agencies have released a joint cybersecurity advisory detailing the indicators of compromise IoCs and tactics, techniques, and procedures TTPs associated with the notorious LockBit 3.0 ransomware. "The LockBit 3.0 ransomware operations function as a Ransomware-as-a-Service RaaS...

BianLian ransomware ramps up data-leak extortion and improves operational security

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary BianLian ransomware group is ramping up data-leak extortion to extract payments, using similar tactics & a custom backdoor, and bringing 30 new C2 servers online monthly. To receive real-time threat...

What's Wrong with Manufacturing?

In last year's edition of the Security Navigator we noted that the Manufacturing Industry appeared to be totally over-represented in our dataset of Cyber Extortion victims. Neither the number of businesses nor their average revenue particularly stood out to explain this. Manufacturing was also th...

What's Wrong with Manufacturing?

In last year's edition of the Security Navigator we noted that the Manufacturing Industry appeared to be totally over-represented in our dataset of Cyber Extortion victims. Neither the number of businesses nor their average revenue particularly stood out to explain this. Manufacturing was also th...

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Two U.S. men have been charged with hacking into a U.S. Drug Enforcement Agency DEA online portal that taps into 16 different federal law enforcement databases. Both are alleged to be part of a larger criminal organization that specializes in using fake emergency data requests from compromised...

Royal Ransomware Targets Organizations with Custom Encryption and Double Extortion Tactics

Threat Level Attack Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary Since September 2022, threat actors have been attacking both US and international organizations using a version of ransomware called Royal. This ransomware is unique...

Dutch Police Arrest 3 Hackers Involved in Massive Data Theft and Extortion Scheme

The Dutch police announced the arrest of three individuals in connection with a "large-scale" criminal operation involving data theft, extortion, and money laundering. The suspects include two 21-year-old men from Zandvoort and Rotterdam and an 18-year-old man without a permanent residence. The...

Dutch Police Arrest 3 Hackers Involved in Massive Data Theft and Extortion Scheme

The Dutch police announced the arrest of three individuals in connection with a "large-scale" criminal operation involving data theft, extortion, and money laundering. The suspects include two 21-year-old men from Zandvoort and Rotterdam and an 18-year-old man without a permanent residence. The...

Arrested: Fearmongering data thieves who victimized thousands of businesses

The Dutch police have announced the arrest of three more suspects in one of the biggest data extortion cases to date. The men, all aged between 18 and 21, were allegedly involved in extorting businesses and selling stolen data to other criminals. During a two-year investigation the police learned...

HardBit Ransomware: A Threatening Cyber Attack Targeting Organizations with New Version 2.0

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary HardBit is a ransomware strain that focuses on extorting cryptocurrency payments from organizations in exchange for data decryption. It first emerged in October 2022, and a newer version, HardBit 2.0,...

Honeypot-Factory: The Use of Deception in ICS/OT Environments

The recently published Security Navigator report of Orange Cyberdefense shows there has been a rapid increase of attacks on industrial control systems ICS in the past few years. Looking a bit closer, most of the attacks seem to have spilt over from traditional IT. That's to be expected, as...

CISA issues alert with South Korean government about DPRK's ransomware antics

CISA and other federal agencies were joined by the National Intelligence Service NIS and the Defense Security Agency of the Republic of Korea ROK in releasing the latest cybersecurity advisory in the US government's ongoing StopRansomware effort. This alert highlights continuous state-sponsored...

Trigona Ransomware’s Rampant Threat to Businesses

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Trigona has gained momentum lately due to its utilization of the double-extortion technique of encrypting crucial assets within an organization, including endpoints and infrastructure, and demanding...