12 matches found
BlackCat’s Resurgence Despite Law Enforcement Disruptions
Summary: Blackcat, a sophisticated Ransomware-as-a-Service operation, infiltrates networks using advanced social engineering and remote access tools, offering triple extortion tactics and cyber remediation advice for ransom payment, and resurged after a December 2023 disruption, causing widesprea...
Advanced BlackCat Ransomware Using Triple Extortion Tactics and Signed Kernel Driver
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The BlackCat ransomware operation is a highly sophisticated and customizable threat targeting corporate environments, featuring advanced encryption, spreading capabilities, and triple extortion tactics. ...
Defeating Triple Extortion Ransomware: The Potent Combo of Ransomware and DDoS Attacks
Protect your organization from triple extortion ransomware – the devastating combination of ransomware and a DDoS attack – with these four steps...
Ransomware review: August 2022
Malwarebytes Threat Intelligence builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their Dark Web leak sites. This information represents victims who were successfully attacked but opted not to pay a ransom. As expected, LockBit remaine...
The LockBit Ransomware Gang Is Surprisingly Professional
This article makes LockBit sound like a legitimate organization: The DDoS attack last weekend that put a temporary stop to leaking Entrust data was seen as an opportunity to explore the triple extortion tactic to apply more pressure on victims to pay a ransom. LockBitSupp said that the ransomware...
Researchers Demonstrate Ransomware for IoT Devices That Targets IT and OT Networks
As ransomware infections have evolved from purely encrypting data to schemes such as double and triple extortion, a new attack vector is likely to set the stage for future campaigns. Called Ransomware for IoT or R4IoT by Forescout, it's a "novel, proof-of-concept ransomware that exploits an IoT...
Experts Analyze Conti and Hive Ransomware Gangs' Chats With Their Victims
An analysis of four months of chat logs spanning more than 40 conversations between the operators of Conti and Hive ransomware and their victims has offered an insight into the groups' inner workings and their negotiation techniques. In one exchange, the Conti Team is said to have significantly...
LockBit, BlackCat, Swissport, Oh My! Ransomware Activity Stays Strong
Law enforcement, C-suite executives and the cybersecurity community at-large have been laser-focused on stopping the expensive and disruptive barrage of ransomware attacks — and it appears to be working, at least to some extent. Nonetheless, recent moves from the LockBit 2.0 and BlackCat gangs,...
IT Giant Accenture Hit by LockBit Ransomware; Hackers Threaten to Leak Data
Global IT consultancy giant Accenture has become the latest company to be hit by the LockBit ransomware gang, according to a post made by the operators on their dark web portal, likely filling a void left in the wake of DarkSide and REvil shutdown. "These people are beyond privacy and security. I...
Avaddon Ransomware Gang Evaporates Amid Global Crackdowns
Ransomware group Avaddon has decided to shutter its criminal enterprise after landing in the crosshairs of law-enforcement agencies in the U.S. and Australia. Avaddon, a prolific ransomware-as-a-service RaaS provider, released its decryption keys to BleepingComputer — 2,934 in total — with each k...
DarkSide Getting Taken to ‘Hackers’ Court’ For Not Paying Affiliates
Cybercriminals who have worked as affiliates with ransomware group DarkSide, responsible for the Colonial Pipeline attack, are having a tough time getting paid for their work now that the group has had its operations interrupted; so, they’re turning to admins of the group’s Dark Web criminal foru...
Ransomware’s New Swindle: Triple Extortion
Ransomware attacks are exploding at a staggering rate, and so are the ransoms being demanded. Now experts are warning against a new threat — triple extortion — which means that attackers are expanding out to demand payments from customers, partners and other third parties related to the initial...