‘Double-Extortion’ Ransomware Damage Skyrockets 935%
The ransomware business is booming, and feeble corporate security and a flourishing ransomware-as-a-service (RaaS) affiliate market are to blame, researchers say. Access to compromised networks is cheap, thanks to a rise in the number of initial-access brokers and RaaS tools can turn everyday petty...
Planned Parenthood Breach Opens Patients to Follow-On Attacks
Planned Parenthood’s Los Angeles (PPLA) division has been hacked, with cyberattackers making off with sensitive personal health information for at least 400,000 patients. In a data-breach notice (PDF) filed with the state of California, the organization said that it had detected the intrusion on Oct...
Ubiquiti Developer Charged With Extortion, Causing 2020 “Breach”
In January 2021, technology vendor Ubiquiti Inc. (NYSE:UI) disclosed that a breach at a third party cloud provider had exposed customer account credentials. In March, a Ubiquiti employee warned that the company had drastically understated the scope of the incident, and that the third-party cloud...
Experts Expose Secrets of Conti Ransomware Group That Made 25 Million from Victims
The clearnet and dark web payment portals operated by the Conti ransomware group have gone down in what appears to be an attempt to shift to new infrastructure after details about the gang's inner workings and its members were made public. According to MalwareHunterTeam, "while both the clearweb...
Conti Ransomware
Conti is a sophisticated Ransomware-as-a-Service (RaaS) model first detected in December 2019. Since its inception, its use has grown rapidly and has even displaced the use of other RaaS tools like Ryuk. The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigati...
Robinhood Trading Platform Data Breach Hits 7M Customers
Investor trading app company Robinhood Markets has confirmed a data breach that affects the personal information of about 7 million customers – roughly a third of its user base. A cyberattacker made off with emails and more, which could lead to follow-on attacks for Robinhood customers. The tradi...
DDoS Attacks Shatter Records in Q3, Report Finds
The third quarter saw the sheer volume of distributed denial-of-service (DDoS) attacks surge to several thousand hits per day, signaling a re-distribution of tactics by malicious actors away from cryptomining and toward the use of DDoS as a tool of intimidation, disinformation and straight-up...
‘Tortilla’ Wraps Exchange Servers in ProxyShell Attacks
A new-ish threat actor sometimes known as “Tortilla” is launching a fresh round of ProxyShell attacks on Microsoft Exchange servers, this time with the aim of inflicting vulnerable servers with variants of the Babuk ransomware. Cisco Talos researchers said in a Wednesday report that they spotted...
FBI Releases PIN on Attacks Using Significant Financial Events for Extortion
The Federal Bureau of Investigation (FBI) has released a Private Industry Notification (PIN) on ransomware actors using significant financial events, such as mergers and acquisitions, to target and leverage victim companies. CISA encourages users and administrators to review Ransomware Actors Use...
Ransomware Gangs Target Corporate Financial Activities
Ransomware gangs are zeroing in on publicly held companies with the threat of financial exposure in an effort to encourage ransom payments, the FBI is warning. In an alert issued this week (PDF), the Bureau said that activity over the course of the past year shows a trend toward targeting companies...
Pirate Sports Streamer Gets Busted, Pivots to MLB Extortion
Demanding payment in exchange for not publicly disclosing a vulnerability isn’t the same as a bug bounty program; it’s extortion. A 30-year-old alleged sports content pirate in Minneapolis, Minn., has found himself on the receiving end of a criminal complaint alleging that he not only stole user...
SquirrelWaffle Loader Malspams, Packs Qakbot, Cobalt Strike
SquirrelWaffle, a new malware loader, is mal-spamming malicious Microsoft Office documents to deliver Qakbot malware and the penetration-testing tool Cobalt Strike – two of the most common threats regularly observed targeting organizations around the world. Cisco Talos researchers said on Tuesday...
REvil ransomware gang goes dark after its Tor sites are hacked
By Deeba Ahmed. In July 2021 the REvil ransomware group vanished due to mounting US pressure after the Kaseya attack. However, the group was back in September 2021 by carrying out extortion-based DDoS attacks on ITSPs in the UK and Canada/America. The infamous REvil ransomware group has suddenly...
30 Mins or Less: Rapid Attacks Extort Orgs Without Ransomware
In less time than it takes to get a stuffed crust pizza delivered, a new group called SnapMC can breach an organization’s systems, steal their sensitive data, and demand payment to keep it from being published, according to a new report from NCC Group’s threat intelligence team — no ransomware...
How cyberattacks are changing according to new Microsoft Digital Defense Report
In 2021, cybercrime has become more sophisticated, widespread, and relentless. Criminals have targeted critical infrastructure—healthcare, information technology, financial services, energy sectors—with headline-grabbing attacks that crippled businesses and harmed consumers. But there are...
Ransomware Hackers Who Attacked Over 100 Companies Arrested in Ukraine
Law enforcement agencies have announced the arrest of two "prolific ransomware operators" in Ukraine who allegedly conducted a string of targeted attacks against large industrial entities in Europe and North America since at least April 2020, marking the latest step in combating ransomware...
Conti Ransomware Expands Ability to Blow Up Backups
Good at identifying and obliterating backups? Speak Russian? The notorious Conti ransomware group may find you a fine hiring prospect. That’s according to a report published on Wednesday by cyber-risk prevention firm Advanced Intelligence, which details how Conti has honed its backup destruction ...
A guide to combatting human-operated ransomware: Part 2
This blog is part two of a two-part series focused on how Microsoft DART helps customers with human-operated ransomware. For more guidance on human-operated ransomware and how to defend against these extortion-based attacks, refer to our human-operated ransomware docs page. In part one of this bl...
Canadian firm VoIP.ms hit by non-stop extortion-based DDoS attacks
By Waqas. Although unconfirmed, the notorious REvil ransomware gang could be behind the DDoS attacks on VoIP.ms. Here's what we know so far. This is a post from HackRead.com.