17 matches found
Canada Fines Cybercrime Friendly Cryptomus $176M
Financial regulators in Canada this week levied $176 million in fines against Cryptomus , a digital payments platform that supports dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services. The penalties for violating Canada's anti money-laundering laws come ten months...
Despite Catastrophic Hacks, Ransomware Payments Dropped Dramatically Last Year
Ransomware gangs continued to wreak havoc in 2024, but new research shows that the amounts victims paid these cybercriminals fell by hundreds of millions of dollars...
A week in security (August 19 – August 25)
Last week on Malwarebytes Labs: Millennials’ sense of privacy uniquely tested in romantic relationships Hacked GPS tracker reveals location data of customers "We will hold them accountable": General Motors sued for selling customer driving data to third parties Why you need to know about ransomwa...
U.S. Charges Russian Man as Boss of LockBit Ransomware Group
The United States joined the United Kingdom and Australia today in sanctioning 31-year-old Russian national Dmitry Yuryevich Khoroshev as the alleged leader of the infamous ransomware group LockBit. The U.S. Department of Justice also indicted Khoroshev and charged him with using Lockbit to attac...
New US Law to Require Cyber Incident Reports
The US Congress is poised to pass the Cyber Incident Reporting for Critical Infrastructure Act of 2022. Once signed by the President, it will become law. The law will require critical infrastructure owners and operators to report cyber incidents and ransomware payments. The legislation was...
U.S. Senate Passes Cybersecurity Bill to Strengthen Critical Infrastructure Security
The U.S. Senate unanimously passed the "Strengthening American Cybersecurity Act" on Tuesday in an attempt to bolster the cybersecurity of critical infrastructure owners in the country. The new bipartisan legislation, among other things, stipulates entities that experience a cyber incident to...
Congress Mulls Banning Big Ransomware Payouts
A U.S. lawmaker has introduced a bill – the Ransomware and Financial Stability Act H.R.5936 PDF – that would make it illegal for financial firms to pay ransoms over $100,000 without first getting the government’s permission. The legislation was introduced on Wednesday by the top Republican on the...
U.S. Charges Ukrainian Hacker for Kaseya Attack; Seizes $6 Million from REvil Gang
The U.S. government on Monday charged a Ukrainian suspect, arrested in Poland last month, with deploying REvil ransomware to target multiple businesses and government entities in the country, including perpetrating the attack against software company Kaseya, marking the latest action to crack dow...
Ransom Disclosure Act would mandate ransomware payment reporting
In an effort to better understand and clamp down on the ransomware economy and its related use of cryptocurrencies, US Senator and past presidential hopeful Elizabeth Warren and US House Representative Deborah Ross introduced a new bill last week that would require companies and organizations to...
This Week in Security News June 11, 2021
The post-pandemic security landscape and the banning of ransomware payments could create new crisis situations...
[Security Nation] Jeff Man on Mapping the MITRE ATT&CK Framework Against PCI
!\Security Nation\ Jeff Man on Mapping the MITRE ATT&CK Framework Against PCIhttps://blog.rapid7.com/content/images/2021/05/securitynationlogo-1.jpg In this episode of Security Nation, we are joined by Jeff Man, who discusses his work mapping the MITRE ATT&CK Framework against PCI. Stick around f...
Ransomware Payments and Sanctions - U.S. Treasury Advisory
On Oct. 1, the United States Treasury Department Office of Foreign Assets Control OFAC issued an advisory concerning ransomware payments and sanctions regulations. The advisory warned that paying ransoms to sanctioned persons and entities risks violating the law. It also notes that OFAC may impos...
Researchers Mixed on Sanctions for Ransomware Negotiators
Ransomware negotiators may have to pay up in new ways if they intercede with cybercriminals on companies’ behalf. Several researchers weighed in on the wisdom of the move, with mixed reactions. The U.S. Department of the Treasury said Thursday that companies that facilitate ransomware payments to...
Department of Treasury Releases Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments
The U.S. Department of the Treasury’s Office of Foreign Assets Control OFAC has released an Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments. Financial institutions, cyber insurance firms, and companies that facilitate payments on behalf of victims may be violating OFAC...
A week in security (January 20 – 26)
Last week on Malwarebytes Labs, we reported on a Ryuk ransomware attack on The Tampa Bay Times, a newspaper in Florida; unmasked an elaborate browser locking scheme behind the more advanced tech support operations that are currently active; and looked at the latest laws on regulating deepfakes...
Romanian Duo Receives Jailtime For Infecting 400,000 With Malware
A Romanian duo has been sentenced to jailtime for infecting 400,000 computers with malware that stole credentials and financial information, and scammed victims out of millions of dollars. The two Romanian hackers, Bogdan Nicolescu, 37, and Radu Miclaus, 37, were sentenced to 20 years and 18 year...
Locky Gets Updated to ‘Ykcol’, Part of Rapid-Fire Spam Campaigns
Cybercriminals behind the Locky ransomware have revamped the malware’s code three times in 30-day period and blasted out massive spam campaigns. According to researchers at Trustwave, the latest variant of Locky ransomware is called Ykcol that’s Locky spelled backwards and was part of a Sept. 19...