Both cryptocurrency and ransomware are nothing new in the digital world; both have been there for a very long time, which was enough for them to find common pieces for starting their relationship. Ransomware can be like a virtual car that works on all types of fuels, and crypto is the one that is currently most recommended. No one can argue that 2020 was the year of ransomware … [Read more...] about Сryptocurrency and Ransomware — The Ultimate Friendship
ransomware
Black Basta Ransomware Hackers Infiltrates Networks via Qakbot to Deploy Brute Ratel C4
The threat actors behind the Black Basta ransomware family have been observed using the Qakbot trojan to deploy the Brute Ratel C4 framework as a second-stage payload in recent attacks. The development marks the first time the nascent adversary simulation software is being delivered via a Qakbot infection, cybersecurity firm Trend Micro said in a technical analysis released … [Read more...] about Black Basta Ransomware Hackers Infiltrates Networks via Qakbot to Deploy Brute Ratel C4
Defend your organization from ransomware attacks with Cisco Secure Endpoint
Ransomware is one of the most dangerous threats organizations face today, so it’s no wonder that Cisco Talos Incident Response named it the top threat of the year in 2021. These attacks continue to grow and become more advanced, with ransomware attacks growing by 13% over 2021 and a whopping 79% over 2020 so far this year (see Figure 1 below).1 Stopping ransomware attacks … [Read more...] about Defend your organization from ransomware attacks with Cisco Secure Endpoint
Lorenz Ransomware Exploit Mitel VoIP Systems to Breach Business Networks
The operators behind the Lornenz ransomware operation have been observed exploiting a now-patched critical security flaw in Mitel MiVoice Connect to obtain a foothold into target environments for follow-on malicious activities. "Initial malicious activity originated from a Mitel appliance sitting on the network perimeter," researchers from cybersecurity firm Arctic Wolf said in … [Read more...] about Lorenz Ransomware Exploit Mitel VoIP Systems to Breach Business Networks
Ransomware Attackers Abuse Genshin Impact Anti-Cheat System to Disable Antivirus
A vulnerable anti-cheat driver for the Genshin Impact video game has been leveraged by a cybercrime actor to disable antivirus programs to facilitate the deployment of ransomware, according to findings from Trend Micro. The ransomware infection, which was triggered in the last week of July 2022, banked on the fact that the driver in question ("mhyprot2.sys") is signed with a … [Read more...] about Ransomware Attackers Abuse Genshin Impact Anti-Cheat System to Disable Antivirus
New Golang-based ‘Agenda Ransomware’ Can Be Customized For Each Victim
A new ransomware strain written in Golang dubbed "Agenda" has been spotted in the wild, targeting healthcare and education entities in Indonesia, Saudi Arabia, South Africa, and Thailand. "Agenda can reboot systems in safe mode, attempts to stop many server-specific processes and services, and has multiple modes to run," Trend Micro researchers said in an analysis last … [Read more...] about New Golang-based ‘Agenda Ransomware’ Can Be Customized For Each Victim
Experts Find Similarities Between New LockBit 3.0 and BlackMatter Ransomware
Cybersecurity researchers have reiterated similarities between the latest iteration of the LockBit ransomware and BlackMatter, a rebranded variant of the DarkSide ransomware strain that closed shop in November 2021. The new version of LockBit, called LockBit 3.0 aka LockBit Black, was released in June 2022, launching a brand new leak site and what's the very first ransomware … [Read more...] about Experts Find Similarities Between New LockBit 3.0 and BlackMatter Ransomware
Luna and Black Basta cross-platform ransomware
Ransomware groups are of late increasingly targeting not only Windows computers, but Linux devices and ESXi virtual machines. We’ve already spotlighted the BlackCat gang, which distributes malware written in the cross-platform language Rust and is capable of encrypting such systems. Our experts analyzed two more malware families that recently appeared on the dark web with … [Read more...] about Luna and Black Basta cross-platform ransomware
New Rust-based Ransomware Family Targets Windows, Linux, and ESXi Systems — The Hacker News
Kaspersky security researchers have disclosed details of a brand-new ransomware family written in Rust, making it the third strain after BlackCat and Hive to use the programming language. Luna, as it's called, is "fairly simple" and can run on Windows, Linux, and ESXi systems, with the malware banking on a combination of Curve25519 and AES for encryption. "Both the Linux and … [Read more...] about New Rust-based Ransomware Family Targets Windows, Linux, and ESXi Systems — The Hacker News
Ransomware attacks can and will shut you down
No, ransomware attacks are not random. From extortion to data breaches, ransomware is always evolving, and is becoming very lucrative with ransomware-as-a-service kit making it easier to target organizations. The days of just a single bad actor searching for vulnerabilities in your security stack are over. Security Operations Centers (SOCs) and the security analyst community … [Read more...] about Ransomware attacks can and will shut you down