Lucene search
+L

218 matches found

The Hacker News
The Hacker News
added 2023/04/17 1:50 p.m.25 views

FIN7 and Ex-Conti Cybercrime Gangs Join Forces in Domino Malware Attacks

A new strain of malware developed by threat actors likely affiliated with the FIN7 cybercrime group has been put to use by the members of the now-defunct Conti ransomware gang, indicating collaboration between the two crews. The malware, dubbed Domino, is primarily designed to facilitate follow-o...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/17 1:50 p.m.4 views

FIN7 and Ex-Conti Cybercrime Gangs Join Forces in Domino Malware Attacks

A new strain of malware developed by threat actors likely affiliated with the FIN7 cybercrime group has been put to use by the members of the now-defunct Conti ransomware gang, indicating collaboration between the two crews. The malware, dubbed Domino , is primarily designed to facilitate follow-...

6.7AI score
Exploits0
Trellix
Trellix
added 2023/04/03 12:0 a.m.29 views

A Royal Analysis of Royal Ransom

A Royal Analysis of Royal Ransom By Alexandre Mundo, and Max Kersten · April 3, 2023 We would like to thank Advanced Cyber Services team within Trellix Professional Services for the incident response-related data. Emerging in early 2022 as a private group which used multiple strains of ransomware...

7.4AI score
Exploits0
Trellix
Trellix
added 2023/04/03 12:0 a.m.13 views

A Royal Analysis of Royal Ransom

A Royal Analysis of Royal Ransom By Trellix · April 3, 2023 This blog was also written by Alexandre Mundo and Max Kersten We would like to thank Advanced Cyber Services team within Trellix Professional Services for the incident response-related data. Emerging in early 2022 as a private group whic...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/14 11:52 a.m.42 views

The Prolificacy of LockBit Ransomware

Today, the LockBit ransomware is the most active and successful cybercrime organization in the world. Attributed to a Russian Threat Actor, LockBit has stepped out from the shadows of the Conti ransomware group, who were disbanded in early 2022. LockBit ransomware was first discovered in Septembe...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/03 6:42 a.m.2 views

U.S. Cybersecurity Agency Raises Alarm Over Royal Ransomware's Deadly Capabilities

The U.S. Cybersecurity and Infrastructure Security Agency CISA has released a new advisory about Royal ransomware, which emerged in the threat landscape last year. "After gaining access to victims' networks, Royal actors disable antivirus software and exfiltrate large amounts of data before...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/15 1:0 a.m.32 views

TrickBot gang members sanctioned after pandemic ransomware attacks

In a collaborative partnership, officials in the United States and the United Kingdom unmasked and imposed financial sanctions against seven members of the notorious Russian gang TrickBot alias "TrickLoader", a mainstream banking Trojan turned malware-as-a-service MaaS platform for other criminal...

1.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/10 9:34 a.m.44 views

U.K. and U.S. Sanction 7 Russians for TrickBot, Ryuk, and Conti Ransomware Attacks

In a first-of-its-kind coordinated action, the U.K. and U.S. governments on Thursday levied sanctions against seven Russian nationals for their affiliation to the TrickBot, Ryuk, and Conti cybercrime operation. The individuals designated under sanctions are Vitaly Kovalev aka Alex Konor, Bentley,...

1.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/10 9:34 a.m.3 views

U.K. and U.S. Sanction 7 Russians for TrickBot, Ryuk, and Conti Ransomware Attacks

In a first-of-its-kind coordinated action, the U.K. and U.S. governments on Thursday levied sanctions against seven Russian nationals for their affiliation to the TrickBot, Ryuk, and Conti cybercrime operation. The individuals designated under sanctions are Vitaly Kovalev aka Alex Konor, Bentley,...

7AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2023/02/09 8:41 p.m.17 views

Russia’s Ransomware Gangs Are Being Named and Shamed

Members of the Trickbot and Conti cybercrime gangs have been sanctioned in an unprecedented wave of action against the country’s hackers...

3.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/08 4:30 p.m.63 views

Ransomware review: February 2023

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their Dark Web leak sites. This information represents victims who were successfully attacke...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/08 9:39 a.m.34 views

Russian Hacker Pleads Guilty to Money Laundering Linked to Ryuk Ransomware

A Russian national on February 7, 2023, pleaded guilty in the U.S. to money laundering charges and for attempting to conceal the source of funds obtained in connection with Ryuk ransomware attacks. Denis Mihaqlovic Dubnikov, 30, was arrested in Amsterdam in November 2021 before he was extradited...

0.5AI score
Exploits0
Talos Blog
Talos Blog
added 2023/01/26 9:0 a.m.22 views

Quarterly Report: Incident Response Trends in Q4 2022

Syncro, a remote management and monitoring tool, emerges as an increasingly common tool for adversaries. By Caitlin Huey. Ransomware continued to be a top threat Cisco Talos Incident Response Talos IR responded to this quarter, with appearances from both previously seen and newly observed...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/01/12 2:46 p.m.4 views

IcedID Malware Strikes Again: Active Directory Domain Compromised in Under 24 Hours

A recent IcedID malware attack enabled the threat actor to compromise the Active Directory domain of an unnamed target less than 24 hours after gaining initial access, while also borrowing techniques from other groups like Conti to meet its goals. "Throughout the attack, the attacker followed a...

7AI score
Exploits0
hivepro
hivepro
added 2022/12/30 8:21 a.m.25 views

New Ransomware Variants Created Using Leaked Conti Source Code

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The leaked source code of the Conti ransomware has been used to create new strains of the ransomware. These new strains include Putin Team, ScareCrow, BlueSky, and Meow ransomware are being distributed...

2.3AI score
Exploits0
The Hacker News
The Hacker News
added 2022/12/23 10:5 a.m.25 views

Vice Society Ransomware Attackers Adopt Robust Encryption Methods

The Vice Society ransomware actors have switched to yet another custom ransomware payload in their recent attacks aimed at a variety of sectors. "This ransomware variant, dubbed 'PolyVice,' implements a robust encryption scheme, using NTRUEncrypt and ChaCha20-Poly1305 algorithms," SentinelOne...

0.7AI score
Exploits0
Akamai Blog
Akamai Blog
added 2022/12/01 2:0 p.m.19 views

A Closer Look at Ransomware Attack Trends in APJ

Read about the surge of ransomware as a service RaaS cyberattack trends in APJ, and the infamous and prolific Conti group’s role in them...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2022/11/25 12:0 a.m.325 views

Win32.Ransom.Conti MVID-2022-0662 Cryptography Logic Flaw

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/99e55ce93392068c970384ab24a0e13d.txt Contact: [email protected] Media: twitter.com/malvuln Backup media: infosec.exchange/@malvuln Threat: Win32.Ransom.Conti Vulnerability: Crypto Logic Fla...

Exploits0
Trellix
Trellix
added 2022/11/22 12:0 a.m.25 views

Yanluowang Ransomware Leaks Analysis: Organization, Collaboration with HelloKitty, Babuk and Conti

Yanluowang Ransomware Leaks Analysis: Organization, Collaboration with HelloKitty, Babuk and Conti By Jambul Tologonov· November 22, 2022 Introduction On October 31, 2022, Yanluowang’s TOR site was hacked displaying a message “check and mate!! Yanluowang Matrix chat hacked @yanluowangleaks Time’s...

1.1AI score
Exploits0
Trellix
Trellix
added 2022/11/22 12:0 a.m.24 views

Yanluowang Ransomware Leaks Analysis: Organization, Collaboration with HelloKitty, Babuk and Conti

Yanluowang Ransomware Leaks Analysis: Organization, Collaboration with HelloKitty, Babuk and Conti By Jambul Tologonov· November 22, 2022 Introduction On October 31, 2022, Yanluowang’s TOR site was hacked displaying a message “check and mate!! Yanluowang Matrix chat hacked @yanluowangleaks Time’s...

6.2AI score
Exploits0
Rows per page
Query Builder