73 matches found
FBI Warns Conti Ransomware Hit 16 U.S. Health and Emergency Services
The adversary behind Conti ransomware targeted no fewer than 16 healthcare and first responder networks in the U.S. within the past year, totally victimizing over 400 organizations worldwide, 290 of which are situated in the country. That's according to a new flash alert issued by the U.S. Federa...
Ransomware Gang Leaks Metropolitan Police Data After Failed Negotiations
The cybercrime syndicate behind Babuk ransomware has leaked more personal files belonging to the Metropolitan Police Department MPD after negotiations with the DC Police broke down, warning that they intend to publish all data if their ransom demands are not met. "The negotiations reached a dead...
Ransomware Demands Spike 320%, Payments Rise
When it comes to paying the ransom in a ransomware attack, demands are on the rise. Yet, many companies that paid the ransom failed to receive a decryption key, in a survey issued Monday. In fact, pandemic-themed phishing scams, a sustained onslaught of ransomware attacks and the rise of a remote...
Government Demands for Amazon User Data Exploded in 2020
Plus: Smartmatic lawsuits, a fake WhatsApp, and more of the week’s top security news...
Why Paying to Delete Stolen Data is Bonkers
Companies hit by ransomware often face a dual threat: Even if they avoid paying the ransom and can restore things from scratch, about half the time the attackers also threaten to release sensitive stolen data unless the victim pays for a promise to have the data deleted. Leaving aside the notion...
DDoS attacks in Q3 2020
News overview Q3 was relatively calm from a DDoS perspective. There were no headline innovations, although cybercriminals did continue to master techniques and develop malware already familiar to us from the last reporting period. For example, another DDoS botnet joined in the assault on Docker...
What's Next for Edge Delivery
Access to media through the internet is a huge part of how so many in the world are entertained, informed, and even educated nowadays. And 2020 has shined an even greater light on that fact as many around the world have needed to adjust to life during a pandemic. At Akamai, we saw traffic deliver...
Google Responds to Warrants for “About” Searches
One of the things we learned from the Snowden documents is that the NSA conducts "about" searches. That is, searches based on activities and not identifiers. A normal search would be on a name, or IP address, or phone number. An about search would something like "show me anyone that has used this...
British Hacker Sentenced to 5 Years for Blackmailing U.S. Companies
A UK man who threatened to publicly release stolen confidential information unless the victims agreed to fulfill his digital extortion demands has finally pleaded guilty on Monday at U.S. federal district court in St. Louis, Missouri. Nathan Francis Wyatt , 39, who is a key member of the infamous...
Ransom Demands Return: New DDoS Extortion Threats From Old Actors Targeting Finance and Retail
Update 08/24/2020 As mentioned below, the Akamai SIRT has been tracking attacks from the so-called Armada Collective and Fancy Bear actors, who are sending ransom letters to various industry verticals such as finance, travel, and e-commerce. In addition to the...
RagnarLocker Ransomware Threatens to Release Confidential Information | McAfee Blogs
ARCHIVED STORY RagnarLocker Ransomware Threatens to Release Confidential Information Alexandre Mundo · JUN 09, 2020 EXECUTIVE SUMMARY The RagnarLocker ransomware first appeared in the wild at the end of December 2019 as part of a campaign against compromised networks targeted by its operators. Th...
Threat spotlight: RobbinHood ransomware takes the driver’s seat
Despite their name, the RobbinHood cybercriminal gang is not stealing from the rich to give to the poor. Instead, these ransomware developers are more like big game hunters—attacking enterprise organizations and critical infrastructure and keeping all the spoils for themselves. In 2019, the...
Linux Kernel 2.6.x / 3.10.x / 4.14.x (x64) - Mutagen Astronomy Local Privilege Escalation Exploit
Exploit for linux platform in category local exploits / EDB-Note: Systems with less than 32GB of RAM are unlikely to be affected by this issue, due to memory demands during exploitation. EDB Note: poc-exploit.c / / poc-exploit.c for CVE-2018-14634 Copyright C 2018 Qualys, Inc. This program is fre...
Ryuk Ransomware Emerges in Highly Targeted, Highly Lucrative Campaign
A targeted new ransomware has burst on the scene, attacking well-chosen, targeted organizations worldwide with a highly sophisticated operation that may be linked to a well-known APT actor. Over the past two weeks, the Ryuk ransomware has encrypted hundreds of PCs, storage and data centers in eac...
Russia asks Apple to remove Telegram Messenger from the App Store
Russia's communications regulator Roskomnadzor has threatened Apple to face the consequences if the company does not remove secure messaging app Telegram from its App Store. Back in April, the Russian government banned Telegram in the country for the company's refusal to hand over private...
Variant of SynAck Malware Adopts Doppelgänging Technique
Researchers have identified a new variant of the SynAck ransomware that is now using the newly identified Process Doppelgänging to slip past antivirus programs. Researchers said this is the first ransomware seen in the wild to employ the approach. Both SynAck ransomware and Process Doppelgänging...
Threat Predictions for Cryptocurrencies in 2018
The landscape in 2017 Today, cryptocurrency is no longer only for computer geeks and IT pros. It's starting to affect people's daily life more than they realize. At the same time, it is fast becoming an attractive target for cybercriminals. Some cyberthreats have been inherited from e-payments,...
FBI Asks Businesses to Share Details About DDoS Attacks
The FBI has made an appeal to organizations victimized by DDoS attacks to share details and characteristics of those incidents, echoing a similar plea made last year in the throes of a relentless wave of ransomware attacks. The bureau said victims should contact local field offices regardless of...
Svpeng Behind a Spike in Mobile Ransomware
The sting of mobile ransomware grew more painful in 2017 with attacks increasing a whopping 3.5 times in the first quarter compared to the same time a year ago. Behind those attacks were a quarter million Trojan installation packages targeting Android devices that sought to extort between $100 to...
FIN10: Anatomy of a Cyber Extortion Operation
FireEye has identified a set of financially motivated intrusion operations being carried out by a threat actor we have dubbed FIN10. FIN10 is known for compromising networks, stealing sensitive data, and directly engaging victim executives and board members in an attempt to extort them into payin...