LA housing authority is latest LockBit ransomware victim

The Housing Authority of the City of Los Angeles HACLA, established in 1938 to provide affordable housing in Los Angeles, confirmed in a statement that it was a victim of a ransomware cyberattack. This is the second major attack against an agency in LA after the Los Angeles United School District...

Threat Source newsletter (Jan. 5, 2023): Digging out of our inboxes

Happy New Year and welcome to this weeks edition of the Threat Source newsletter. We cant tell if its the fog from Lurenes deadly eggnog or dare we say pure rest and relaxation but were still digging out of our inboxes, trying to remember logins, and circle back on all the things we prolonged int...

FIN7 Cybercrime Syndicate Emerges as a Major Player in Ransomware Landscape

An exhaustive analysis of FIN7 has unmasked the cybercrime syndicate's organizational hierarchy, alongside unraveling its role as an affiliate for mounting ransomware attacks. It has also exposed deeper associations between the group and the larger threat ecosystem comprising the now-defunct...

Crimeware trends: self-propagation and driver exploitation

Introduction If one sheep leaps over the ditch, the rest will follow. This is an old saying, found in various languages, and it can be applied to ransomware developers. In previous blog posts, we highlighted an increase in the popularity of platform-independent languages and ESXi support, and...

IT threat evolution in Q3 2022. Non-mobile statistics

IT threat evolution in Q3 2022 IT threat evolution in Q3 2022. Non-mobile statistics IT threat evolution in Q3 2022. Mobile statistics These statistics are based on detection verdicts of Kaspersky products and services received from users who consented to providing statistical data. Quarterly...

LockBit3.0: A Threat that Persists

LockBit3.0: A Threat that Persists By Alexandre Mundo · November 17, 2022 LockBit is a very well-known family of ransomware that has created havoc worldwide over the last few years. In March 2022, a new variant of the ransomware was discovered. The LockBit3.0 variant presented with a mix of...

LockBit3.0: A Threat that Persists

LockBit3.0: A Threat that Persists By Trellix · November 17, 2022 This blog was written by Alexandre Mundo LockBit is a very well-known family of ransomware that has created havoc worldwide over the last few years. In March 2022, a new variant of the ransomware was discovered. The LockBit3.0...

Elon Musk Introduces Twitter Mayhem Mode

Plus: US midterms survive disinformation efforts, the government names the alleged Lockbit ransomware attacker, and the Powerball drawing hits a security snag...

Russian-Canadian National Charged Over Involvement in LockBit Ransomware Attacks

The U.S. Department of Justice DoJ has announced charges against a dual Russian and Canadian national for his alleged participation in LockBit ransomware attacks across the world. The 33-year-old Ontario resident, Mikhail Vasiliev, has been taken into custody and is awaiting extradition to the...

Amadey Bot Spotted Deploying LockBit 3.0 Ransomware on Hacked Machines

The Amadey malware is being used to deploy LockBit 3.0 ransomware on compromised systems, researchers have warned. "Amadey bot, the malware that is used to install LockBit, is being distributed through two methods: one using a malicious Word document file, and the other using an executable that...

Critical RCE Vulnerability Reported in ConnectWise Server Backup Solution

IT service management software platform ConnectWise has released Software patches for a critical security vulnerability in Recover and R1Soft Server Backup Manager SBM. The issue, characterized as a "neutralization of Special Elements in Output Used by a Downstream Component," could be abused to...

Raspberry Robin worm used as ransomware prelude

Raspberry Robin aka Worm.RaspberyRobin started out as an annoying, yet relatively low-profile threat that was often installed via USB drive. First spotted in September 2021, it was typically introduced into a network through infected removable drives, often USB devices. Now the worm has been foun...

Ransomware review: September 2022

Malwarebytes Threat Intelligence builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their Dark Web leak sites. This information represents victims who were successfully attacked but opted not to pay a ransom. This article is also availab...

A first look at the builder for LockBit 3.0 Black

A few months after the LockBit gang released version 3.0 of its ransomware, LockBit 3.0 Black, the builder for it has been leaked by what seems to be a disgruntled developer. LockBit has been by far the most widely used ransomware in 2022 and the appearance of the builder could make things worse...

InterContinental Hotels' booking systems disrupted by cyberattack

In a statement filed at the London Stock Exchange, InterContinental Hotels Group PLC reports that parts of the company's technology systems have been subject to unauthorized activity. The activity significantly disrupted IHG's booking channels and other applications. The InterContinental Hotels...

Ransomware review: August 2022

Malwarebytes Threat Intelligence builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their Dark Web leak sites. This information represents victims who were successfully attacked but opted not to pay a ransom. As expected, LockBit remaine...

Multiple ransomware data leak sites experience DDoS attacks, facing intermittent outages and connectivity issues

By Azim Khodjibaev, Colin Grady, Paul Eubanks. Since Aug. 20, 2022, Cisco Talos has been monitoring suspected distributed denial-of-service DDoS attacks resulting in intermittent downtime and outages affecting several ransomware-as-a-service RaaS data leak sites. While the source and origin of th...

The LockBit Ransomware Gang Is Surprisingly Professional

This article makes LockBit sound like a legitimate organization: The DDoS attack last weekend that put a temporary stop to leaking Entrust data was seen as an opportunity to explore the triple extortion tactic to apply more pressure on victims to pay a ransom. LockBitSupp said that the ransomware...

Ransomware Attacks are on the Rise

After a recent dip, ransomware attacks are back on the rise. According to data released by NCC Group, the resurgence is being led by old ransomware-as-a-service RaaS groups. With data gathered by “actively monitoring the leak sites used by each ransomware group and scraping victim details as they...

LockBit ransomware gang blames victim for DDoS attack on its website

By Deeba Ahmed LockBit Ransomware Gang claims its leak site was hit by a massive DDoS attack allegedly carried out by security company Entrust. This is a post from HackRead.com Read the original post: LockBit ransomware gang blames victim for DDoS attack on its website...