56 matches found
BlackCat Ransomware Raises Ante After FBI Disruption
The U.S. Federal Bureau of Investigation FBI disclosed today that it infiltrated the worlds second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI said it seized the gangs darknet website, and released a decryption tool that hundreds of victim...
Colonial Pipeline Denies Breach by RANSOMEDVC Ransomware Group
By Waqas Third-Party Data Breach Suspected in Online Files Linked to Colonial Pipeline. This is a post from HackRead.com Read the original post: Colonial Pipeline Denies Breach by RANSOMEDVC Ransomware Group...
Decoding the DNA of Ransomware Attacks: Unveiling the Anatomy Behind the Threat
Decoding the DNA of Ransomware Attacks: Unveiling the Anatomy Behind the Threat By Trellix Advanced Research Center · August 28, 2023 Introduction Ransomware, a malicious software that encrypts valuable data and demands a ransom for its release, has a notorious history marked by its evolution fro...
US dangles $10 million reward for information about Cl0p ransomware gang
The US Department of States national security rewards program, Rewards for Justice RFJ, is offering a reward of up to $10 million for information linking the Cl0p ransomware gang, or any other malicious cyber actors targeting US critical infrastructure, to a foreign government. Advisory from...
Supply Chain Attacks and Critical Infrastructure: How CISA Helps Secure a Nation's Crown Jewels
Critical infrastructure attacks are a preferred target for cyber criminals. Here's why and what's being done to protect them. What is Critical Infrastructure and Why is It Attacked? Critical infrastructure is the physical and digital assets, systems and networks that are vital to national securit...
High-Severity Flaw Reported in Critical System Used by Oil and Gas Companies
Cybersecurity researchers have disclosed details of a new vulnerability in a system used across oil and gas organizations that could be exploited by an attacker to inject and execute arbitrary code. The high-severity issue, tracked as CVE-2022-0902 CVSS score: 8.1, is a path-traversal vulnerabili...
Black Hat USA 2022 and DEF CON 30
Black Hat 2022 USA Briefings wrapped up this past week, along with its sister conference DEF CON 30. The DEF CON theme was a "Hacker Homecoming", and it really was a fun one. Coming back from the COVID hiatus, the conferences were enthusiastically full compared to the 2021 ghost town. Many of the...
Ransomware review: July 2022
Malwarebytes Threat Intelligence builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their Dark Web leak sites. This information represents victims who were successfully attacked but opted not to pay a ransom. In July, LockBit maintained...
Another ransomware payment recovered by the Justice Department
The Justice Department today announced a complaint filed in the District of Kansas to forfeit cryptocurrency paid as ransom to North Korean hackers or otherwise used to launder such ransom payments. The seized funds amounting to half a million US dollars, include ransoms paid by health care...
Ransomware Group Debuts Searchable Victim Data
Cybercrime groups that specialize in stealing corporate data and demanding a ransom not to publish it have tried countless approaches to shaming their victims into paying. The latest innovation in ratcheting up the heat comes from the ALPHV/BlackCat ransomware group, which has traditionally...
Ransomware Task Force priorities see progress in first year
This blog is part of our live coverage from RSA Conference 2022: US President Joseph R. Biden Jr., The White House, and law enforcement agencies across the world paid close attention last year when a group of more than 60 cybersecurity experts launched the Ransomware Task Force, heeding the group...
A Year on from the Ransomware Task Force Report
If you follow cybersecurity, you’ve likely seen one of the many articles written recently on the one-year anniversary of the Colonial Pipeline ransomware attack, which saw fuel delivery suspended for six days, disrupting air and road travel across the southeastern states of the US. The Colonial...
U.S. Proposes $1 Million Fine on Colonial Pipeline for Safety Violations After Cyberattack
The U.S. Department of Transportation's Pipeline and Hazardous Materials Safety Administration PHMSA has proposed a penalty of nearly $1 million to Colonial Pipeline for violating federal safety regulations, worsening the impact of the ransomware attack last year. The $986,400 penalty is the resu...
U.S. Offering $10 Million Reward for Information on Conti Ransomware Hackers
The U.S. State Department has announced rewards of up to $10 million for any information leading to the identification of key individuals who are part of the infamous Conti cybercrime gang. Additionally, it's offering another $5 million for intelligence information that could help arrest or convi...
At Request of U.S., Russia Rounds Up 14 REvil Ransomware Affiliates
The Russian government said today it arrested 14 people accused of working for "REvil," a particularly aggressive ransomware group that has extorted hundreds of millions of dollars from victim organizations. The Russian Federal Security Service FSB said the actions were taken in response to a...
Who is the Network Access Broker ‘Wazawaka?’
In a great many ransomware attacks, the criminals who pillage the victims network are not the same crooks who gained the initial access to the victim organization. More commonly, the infected PC or stolen VPN credentials the gang used to break in were purchased from a cybercriminal middleman know...
The three most significant cyberattacks of 2021
People that predict tomorrow’s weather by looking at today’s are often right. Cloudy today? Itll probably be cloudy tomorrow. The same is often true for cybersecurity threats. Looking back at 2021 it looks a lot like 2020: A lot of ransomware attacks. So, when I was asked to write about the three...
U.S. Offers $10 Million Reward for Information on DarkSide Ransomware Group
The U.S. government on Thursday announced a $10 million reward for information that may lead to the identification or location of key individuals who hold leadership positions in the DarkSide ransomware group or any of its rebrands. On top of that, the State Department is offering bounties of up ...
Ransomware in the CIS
Introduction These days, when speaking of cyberthreats, most people have in mind ransomware, specifically cryptomalware. In 2020–2021, with the outbreak of the pandemic and the emergence of several major cybercriminal groups Maze, REvil, Conti, DarkSide, Avaddon, an entire criminal ecosystem took...
Financial Cybercrime: Following Cryptocurrency via Public Ledgers
This is Part II of a two-part series on how cybercrooks embrace and use cryptocurrency. To read Part I, please click here. While Bitcoin transactions are anonymous, it’s possible to follow the money through public ledgers to see what those transactions actually are and how they flow. This allows ...