HackDig : Dig high-quality web security articles

Ransomware review: July 2022

Malwarebytes Threat Intelligence builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their Dark Web leak sites. This information represents victims who were successfully attacked but opted not to pay a ransom. In July, LockBit maintained the place it has occupied all year as the most active ransom
Publish At:2022-08-04 20:01 | Read:306 | Comments:0 | Tags:Threat Intelligence 0mega BianLian BlackBasta Cheers conti h

Ransomware rolled through business defenses in Q2 2022

Ransomware has given security professionals a headache for the better part of a decade. Fast forward to 2022, and the headache has become a migraine—not just for IT teams but business owners, employees, and customers as well. Over the last three months, ransomware gangs have increased the pressure by multiplying in number and unleashing targeted attacks on v
Publish At:2022-07-13 20:00 | Read:421 | Comments:0 | Tags:Business black basta conti government lockbit ransomware

North Korean APT targets US healthcare sector with Maui ransomware

State-sponsored North Korean threat actors have been targeting the US Healthcare and Public Health (HPH) sector for the past year using the Maui ransomware, according to a joint cybersecurity advisory (CSA) from the FBI, Cybersecurity and Infrastructure Security Agency (CISA), and the Department of the Treasury. CISA Director Jen Easterly also announced t
Publish At:2022-07-10 20:00 | Read:345 | Comments:0 | Tags:Ransomware APT cisa conti Cybersecurity and Infrastructure S

Ransomware review: June 2022

Malwarebytes Threat Intelligence builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their Dark Web leak sites. This information represents victims who were successfully attacked but opted not to pay a ransom. In June, LockBit was the most active ransomware, just as it has been all year. The month
Publish At:2022-07-01 20:00 | Read:854 | Comments:0 | Tags:Threat Intelligence ALPHV conti Karakurt lockbit ransomware

A week in security (June 20 – June 26)

Last week on Malwarebytes Labs: LinkedIn scams are a “significant threat”, warns FBI; DDoS-for-hire service provider jailed; Internet Safety Month: 7 tips for staying safe online while on vacation; Client-side Magecart attacks still around, but more covert; Security vulnerabilities: 5 times that organizations got hacked; You can be tracked online using
Publish At:2022-06-27 07:53 | Read:338 | Comments:0 | Tags:A week in security 311 7-zip APT28 catfishing chrome conti C

Conti ransomware group’s pulse stops, but did it fake its own death?

The dark web leak site used by the notorious Conti ransomware gang has disappeared, along with the chat function it used to negotiate ransoms with victims. For as long as this infrastructure is down, the group is unable to operate and a significant threat is removed from the pantheon of ransomware threats. The Conti leak site is down (June 22, 2022) Ran
Publish At:2022-06-23 16:01 | Read:719 | Comments:0 | Tags:Ransomware conti Conti ransomware ransomware

Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions

Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware gang — Conti. Ransomware experts say there is go
Publish At:2022-05-31 20:37 | Read:1219 | Comments:0 | Tags:A Little Sunshine Data Breaches Ne'er-Do-Well News Ransomwar

A week in security (May 9 – 15)

Last week on Malwarebytes Labs: How to spot the signs of a virtual kidnap scam; Virtual credit cards coming to Chrome: What you need to know; Clearview AI banned from selling facial recognition data in the US; Cyberattacks on SATCOM networks attributed to Russian threat actors; F5 BIG-IP vulnerability is now being used to disable servers; College closes down after
Publish At:2022-05-16 09:01 | Read:684 | Comments:0 | Tags:A week in security APT34 canon chrome Clearview AI conti F5

Costa Rica continues defence against sustained Conti ransomware attacks

It’s not been plain sailing recently for Conti ransomware, the Ransomware as a Service (RaaS) group with several major attacks under its belt. In August last year, a pen tester leaked valuable manuals and documents related to the operation. These leaks continued as the Conti gang expressed support for the Russian Government in the midst of their invasi
Publish At:2022-05-09 12:52 | Read:609 | Comments:0 | Tags:Ransomware conti costa rica data fbi losses ransomware treas

Adventures in the land of BumbleBee

Authored by: Nikolaos Totosis, Nikolaos Pantazopoulos and Mike Stokkel Executive summary BUMBLEBEE is a new malicious loader that is being used by several threat actors and has been observed to download different malicious samples. The key points are: BUMBLEBEE is statically linked with the open-source libraries OpenSSL 1.1.0f, Boost (version 1.68).
Publish At:2022-04-29 08:54 | Read:1390 | Comments:0 | Tags:Uncategorized bumblebee cobalt strike conti meterpreter

FBI warns food and agriculture to brace for seasonal ransomware attacks

The Federal Bureau of Investigation (FBI) recently released a Private Industry Notification warning agriculture cooperatives (also known as “farmers’ co-ops”) of the looming danger of well-timed ransomware attacks. The agency warns that during the critical planting and harvesting seasons, attacks could result in the theft of proprietary inf
Publish At:2022-04-28 16:44 | Read:1824 | Comments:0 | Tags:Ransomware Vital infrastructure blackbyte BlackMatter conti

Conti’s Ransomware Toll on the Healthcare Industry

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But new information confirms this pledge was always a lie, and that Conti has launched more than 200 attacks against hospitals and other healthcare faci
Publish At:2022-04-18 20:34 | Read:1255 | Comments:0 | Tags:A Little Sunshine Ne'er-Do-Well News Ransomware Conti Emotet

Conti ransomware offshoot targets Russian organizations

Thanks to the Threat Intelligence team for their help with this article. Conti, the infamous ransomware created by a group of Russian and Eastern European cybercriminals, has again made headlines after a hacking group used its leaked source code to create another variant of the ransomware and target Russian businesses. The hacking group cal
Publish At:2022-04-12 08:52 | Read:1823 | Comments:0 | Tags:Ransomware conti Conti ransomware nb65 Network Battalion 65

A week in security (February 28 – March 6)

Last week on Malwarebytes Labs: Beware of malware offering “Warm greetings from Saudi Aramco”; Update now! Cisco fixes several vulnerabilities; HermeticWiper: A detailed analysis of the destructive malware that targeted Ukraine; Tips to protect your data, security, and privacy from a hands-on expert; Nvidia, the ransomware breach with some plot twists; Don’t fall f
Publish At:2022-03-07 08:51 | Read:2364 | Comments:0 | Tags:A week in security Chrome 99 Cisco conti Crisis Text Line de

Conti Ransomware Group Diaries, Part III: Weaponry

Part I of this series examined newly-leaked internal chats from the Conti ransomware group, and how the crime gang dealt with its own internal breaches. Part II explored what it’s like to be an employee of Conti’s sprawling organization. Today’s Part III looks at how Conti abused a panoply of popular commercial security services to undermin
Publish At:2022-03-04 20:33 | Read:873 | Comments:0 | Tags:A Little Sunshine Ne'er-Do-Well News Ransomware alarm Bentle
