LockBit Ransomware Gang in Decline, May Be Compromised, Report

By Habiba Rashid A new report from Jon DiMaggio, Chief Security Strategist at Analyst1, “Ransomware Diaries: Volume 3 - LockBit’s Secrets'' exposes LockBit's activities, their targets, and the challenges they've been facing. This is a post from HackRead.com Read the original post: LockBit...

Ransomware review: August 2023

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim did not pay a ransom. This provides the best overall picture of...

PT-2023-5957 · Php +10 · Php +10

Name of the Vulnerable Software and Affected Versions: PHP versions 8.0. before 8.0.30 PHP versions 8.1. before 8.1.22 PHP versions 8.2. before 8.2.8 Description: The issue is caused by insufficient length checking when loading phar files, leading to a stack buffer overflow, which can result in...

Ransomware review: July 2023

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim did not pay a ransom. This provides the best overall picture of...

Attacks, Vulnerabilities and Actors 3 July to 9 July 2023

For a detailed threat digest, download the pdf file here Summary HiveForceLabs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of eight attacks executed, a zero-day vulnerability in the WordPress Plugin, and thre...

Lockbit Ransomware strikes, demands $70-million Ransom

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Lockbit sub-group, National Hazard Agency, claims of data exfiltration from TSMC systems, allegedly deployed Ransomware and demands 70-million-dollar ransom. TSMC has clarified that their system is...

LockBit Green and phishing that targets organizations

Introduction In recent months, we published private reports on a broad range of subjects. We wrote about malware targeting Brazil, about CEO fraud attempts, Andariel, LockBit and others. For this post, we selected three private reports, namely those related to LockBit and phishing campaigns...

Actors, Threats and Vulnerabilities 12 June to 18 June 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of seven attacks executed, taking advantage of twenty different vulnerabilities in...

US dangles $10 million reward for information about Cl0p ransomware gang

The US Department of States national security rewards program, Rewards for Justice RFJ, is offering a reward of up to $10 million for information linking the Cl0p ransomware gang, or any other malicious cyber actors targeting US critical infrastructure, to a foreign government. Advisory from...

A Newly Named Group of GRU Hackers is Wreaking Havoc in Ukraine

Plus: The arrest of an alleged Lockbit ransomware hacker, the wild tale of a problematic FBI informant, and one of North Korea’s biggest crypto heists...

20-Year-Old Russian LockBit Ransomware Affiliate Arrested in Arizona

The U.S. Department of Justice DoJ on Thursday unveiled charges against a Russian national for his alleged involvement in deploying LockBit ransomware to targets in the U.S., Asia, Europe, and Africa. Ruslan Magomedovich Astamirov, 20, of Chechen Republic has been accused of perpetrating at least...

20-Year-Old Russian LockBit Ransomware Affiliate Arrested in Arizona

The U.S. Department of Justice DoJ on Thursday unveiled charges against a Russian national for his alleged involvement in deploying LockBit ransomware to targets in the U.S., Asia, Europe, and Africa. Ruslan Magomedovich Astamirov, 20, of Chechen Republic has been accused of perpetrating at least...

LockBit Ransomware Evolving Tactics and Pervasive Impact in 2023

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary LockBit ransomware is a highly impactful Ransomware-as-a-Service RaaS variant that targets critical sectors globally. Since 2020, victims in the US alone have paid around $91 million in ransom payments...

LockBit Ransomware Extorts $91 Million from U.S. Companies

The threat actors behind the LockBit ransomware-as-a-service RaaS scheme have extorted $91 million following hundreds of attacks against numerous U.S. organizations since 2020. That's according to a joint bulletin published by the U.S. Cybersecurity and Infrastructure Security Agency CISA, the...

LockBit Ransomware Extorts $91 Million from U.S. Companies

The threat actors behind the LockBit ransomware-as-a-service RaaS scheme have extorted $91 million following hundreds of attacks against numerous U.S. organizations since 2020. That's according to a joint bulletin published by the U.S. Cybersecurity and Infrastructure Security Agency CISA, the...

LockBit ransomware advisory from CISA provides interesting insights

The US Cybersecurity and Infrastructure Security Agency CISA, Federal Bureau of Investigation FBI, Multi-State Information Sharing and Analysis Center MS-ISAC, and the cybersecurity authorities of Australia, Canada, United Kingdom, Germany, France, and New Zealand CERT NZ, NCSC-NZ have all...

CISA and Partners Release Joint Advisory on Understanding Ransomware Threat Actors: LockBit

Today, CISA, the Federal Bureau of Investigation FBI, the Multi-State Information Sharing and Analysis Center MS-ISAC, and international partners released Understanding Ransomware Threat Actors: LockBit, a joint Cybersecurity Advisory CSA to help organizations understand and defend against threat...

Understanding Ransomware Threat Actors: LockBit

SUMMARY In 2022, LockBit was the most deployed ransomware variant across the world and continues to be prolific in 2023. Since January 2020, affiliates using LockBit have attacked organizations of varying sizes across an array of critical infrastructure sectors, including financial services, food...

Ransomware review: June 2023

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim didn't pay a ransom. This provides the best overall picture of...

Buhti Ransomware Gang Switches Tactics, Utilizes Leaked LockBit and Babuk Code

The threat actors behind the nascent Buhti ransomware have eschewed their custom payload in favor of leaked LockBit and Babuk ransomware families to strike Windows and Linux systems. "While the group doesn't develop its own ransomware, it does utilize what appears to be one custom-developed tool,...