Researchers Detail Techniques LockBit Ransomware Using to Infect its Targets
LockBit ransomware attacks are constantly evolving by making use of a wide range of techniques to infect targets while also taking steps to disable endpoint security solutions. "The affiliates that use LockBit's services conduct their attacks according to their preference and use different tools and techniques to achieve their goal," Cybereason security analysts Loïc Castel and …
ransomware
North Korean Maui Ransomware Actively Targeting U.S. Healthcare Organizations
In a new joint cybersecurity advisory, U.S. cybersecurity and intelligence agencies have warned about the use of Maui ransomware by North Korean government-backed hackers to target the healthcare sector since at least May 2021. "North Korean state-sponsored cyber actors used Maui ransomware in these incidents to encrypt servers responsible for healthcare services—including …
Cybersecurity Experts Warn of Emerging Threat of “Black Basta” Ransomware
The Black Basta ransomware-as-a-service (RaaS) syndicate has amassed nearly 50 victims in the U.S., Canada, the U.K., Australia, and New Zealand within two months of its emergence in the wild, making it a prominent threat in a short window. "Black Basta has been observed targeting a range of industries, including manufacturing, construction, transportation, telcos, …
Hackers Exploit Mitel VoIP Zero-Day in Likely Ransomware Attack
A suspected ransomware intrusion against an unnamed target leveraged a Mitel VoIP appliance as an entry point to achieve remote code execution and gain initial access to the environment. The findings come from cybersecurity firm CrowdStrike, which traced the source of the attack to a Linux-based Mitel VoIP device sitting on the network perimeter, while also identifying a …
Do You Have Ransomware Insurance? Look at the Fine Print
Insurance exists to protect the insured party against catastrophe, but the insurer needs protection so that its policies are not abused – and that's where the fine print comes in. However, in the case of ransomware insurance, the fine print is becoming contentious and arguably undermining the usefulness of ransomware insurance. In this article, we'll outline why, particularly …
Conti Ransomware Operation Shut Down After Splitting into Smaller Groups
Even as the operators of Conti threatened to overthrow the Costa Rican government, the notorious cybercrime gang officially took down their infrastructure in favor of migrating their criminal activities to other ancillary operations, including Karakurt and BlackByte. "From the negotiations site, chatrooms, messengers to servers and proxy hosts - the Conti brand, not the …
Iranian Hackers Leveraging BitLocker and DiskCryptor in Ransomware Attacks
A ransomware group with an Iranian operational connection has been linked to a string of file-encrypting malware attacks targeting organizations in Israel, the U.S., Europe, and Australia. Cybersecurity firm Secureworks attributed the intrusions to a threat actor it tracks under the moniker Cobalt Mirage, which it said is linked to an Iranian hacking crew dubbed Cobalt Illusion …
S3 Ep80: Ransomware news, phishing woes, NAS bugs, and a giant hole in Java [Podcast]
Latest episode - listen now! …
Gold Ulrick Hackers Still in Action Despite Massive Conti Ransomware Leak
The infamous ransomware group known as Conti has continued its onslaught against entities despite suffering a massive data leak of its own earlier this year, according to new research. Conti, attributed to a Russia-based threat actor known as Gold Ulrick, is one of the most prevalent malware strains in the ransomware landscape, accounting for 19% of all attacks during the …
Researchers Share In-Depth Analysis of PYSA Ransomware Group
An 18-month-long analysis of the PYSA ransomware operation has revealed that the cybercrime cartel followed a five-stage software development cycle from August 2020, with the malware authors prioritizing features to improve the efficiency of its workflows. This included a user-friendly tool like a full-text search engine to facilitate the extraction of metadata and enable the …