On June 24, 2022, the New York State Department of Financial Services announced it had entered into a $5 million settlement with Carnival Corp., the world’s largest cruise-ship operator, for violations of the Cybersecurity Regulation in connection with four cybersecurity events between 2019 and 2021, including two ransomware events. Continue Reading
Tag: ransomware
Uncategorized
AMD held to ransom by gang that claims 450GB of data has been stolen
by Graham Cluley •
Semiconductor giant AMD says that it is investigating what claims to be a major data breach of its network, that saw a group of online criminals steal 450GB of data from its systems.
Read more in my article on the Hot for Security blog.
Security Vendor News
[New FBI and CISA Alert] This ransomware strain uses RDP flaws to hack into your network
by Stu Sjouwerman •
As of May 2022, MedusaLocker has been observed predominantly exploiting vulnerable Remote Desktop Protocol (RDP) configurations to access victims’ networks, according to a new joint Cybersecurity Advisory (CSA) from the Federal Bureau of Inves…
Uncategorized
Black Basta ransomware – what you need to know
by Graham Cluley •
Although only active for the past couple of months, the Black Basta ransomware is thought to have already hit almost 50 organisations.
Read more in my article on the Tripwire State of Security blog.
Security Bloggers, Security Vendor News
Black Basta ransomware – what you need to know
by Graham Cluley •
What is Black Basta? Black Basta is a relatively new family of ransomware, first discovered in April 2022. Although only active for the past couple of months, the Black Basta ransomware is thought to have already hit almost 50 organisations – fir…
Security Vendor News
How to Find Extra Cybersecurity Budget
by Nik Hewitt •
Risk is up and budgets are down Organizational cybersecurity is a business issue, one could even say a finance issue, not just an IT issue. Gone are the days when cybersecurity was a luxury investment. Worldwide attacks are growing daily in frequency and complexity, regardless of the business size, and strong, preventative cybersecurity is now […]
The post How to Find Extra Cybersecurity Budget appeared first on Blog.
Uncategorized
Smashing Security podcast #281: Debug ransomware and win $1,000,000, period-tracking apps, and AI gets emotional
by Graham Cluley •
A new version of the LockBit ransomware offers a bug bounty, women uninstall period-tracking apps in fear of how their data might be used against them, and Microsoft’s facial recognition tech no longer wants to know how you’re feeling.
All this and …
Security Vendor News
Bad News to Ransom Payers: 80% of You Will Face a Second Attack Within 30 Days
by Stu Sjouwerman •
New insight into what happens during and after a ransomware attack paints a rather dismal picture of what to expect from attackers, your executives, and your operations.
Malware Indicators (IoCs), Vulnerabilities
LockBit 3.0 Ransomware Launches ‘Bug Bounty Program’
by Abeerah Hashim •
While businesses have yet to recognize the importance of running bug bounty programs fully, cybercriminals…
LockBit 3.0 Ransomware Launches ‘Bug Bounty Program’ on Latest Hacking News.
Europe, Global Security News, North America
Detection, Isolation, and Negotiation: Improving Your Ransomware Preparedness and Response
by Flashpoint Team •
The risks presented by ransomware and cyber extortion events have likely found a place in your own security team’s discussions, and rightfully so.
The post Detection, Isolation, and Negotiation: Improving Your Ransomware Preparedness and Response appea…
Uncategorized
Carnival Cruises bruised by $6.25 million fine after series of cyberattacks
by Graham Cluley •
Carnival Cruises, the world’s largest travel leisure firm which operates over 100 ships for millions of vacationing customers, has been fined a total of $6.25 million following a series of security mishaps.
Read more in my article on the Hot for Sec…
Global IT News
Black Basta ransomware gang claims to have already hit 50 organizations
by Howard Solomon •
Report calls new gang “one of the most prominent” ransomware thr
Europe, Global Security News, North America
Smash-and-grab: AstraLocker 2.0 pushes ransomware direct from Office docs
by Joseph Edwards •
ReversingLabs recently discovered instances of the AstraLocker 2.0 malware distributed directly from Microsoft Word files used in phishing attacks.
Executive Summary
ReversingLabs recently discovered of a new version of the AstraLocker ransomware…
Exploits, Global Security News
Black Basta Ransomware Emerging From Underground to Attack Corporate Networks
by GURUBARAN S •
Two months have passed since the Black Basta Ransomware first surfaced. Nearly 50 victims have already been reported from the following countries:- The U.S. Canada The U.K. Australia New Zealand This ransomware is a ransomware-as-a-service, which means…
Security Bloggers, Security Vendor News
What are the Legal Implications from a Ransomware Attack?
by Anthony M. Freed •
Picture the scene: you are the chief counsel at a large, multinational corporation, and as you attempt to log on to your system on Monday morning, you notice that your email box isn’t updating, and you can’t log on to your computer using the c…
Global Security News, North America
Detection, isolation, and negotiation: Improving your ransomware preparedness and response
by Help Net Security •
The risks presented by ransomware and cyber extortion events have likely found a place in your own security team’s discussions, and rightfully so. Ransomware attacks have proliferated in the last decade. The numbers are staggering if not overwhelming, …
Security Bloggers, Security Vendor News
Are Protection Payments the Future of Ransomware? How Businesses Can Protect Themselves
by Tripwire Guest Authors •
Ransomware has matured significantly over the previous decade or so. Initially thought to be a relatively basic virus that could be contained on a floppy disk, it can now damage global business infrastructures, stop healthcare systems dead in their tra…
Security Bloggers, Security Vendor News
Webinar July 14th 2022: Ransomware Labs
by Cybereason Team •
Learn how ransomware behaves so you can better defend against it. Ransomware operations have transformed dramatically over the last few years from a small cottage industry conducting largely nuisance attacks to a highly complex business model …
Exploits, Global Security News
Hackers Delivered a Lockbit Ransomware Through Fake Copyright Claim E-mail
by BALAJI N •
One of the interesting tricks used by LockBit affiliates is disguising their malware as copyright claims in order to trick users into infecting their devices with ransomware. There is a copyright violation notice sent through email to these users, appa…
Global IT News
This week in Ransomware – Friday June 24th, 2022
by Jim Love •
The real target isn’t always obvious A recent report from Telus noted that “Cyberattacks are on the rise in Canada, with 98 per cent of Canadian organizations reporting a cyberattack in the last 12 months. Attacks are frequent, with 25 per cent of organizations experiencing at least one attack per day and most organizations experiencing
Security Bloggers, Security Vendor News
Cybereason vs. Black Basta Ransomware
by Cybereason Nocturnus •
The Black Basta ransomware is a new strain of ransomware discovered in April of 2022. Although active for just two months, the group already rose to prominence claiming attribution of nearly 50 victims as of the publication of this report.&nbs…
Global Security News, North America
Conti effectively created an extortion-oriented IT company, says Group-IB
by Help Net Security •
In slightly more than a month, the Conti ransomware collective compromised more than 40 companies worldwide, and the fastest attack took only three days, Group-IB’s noted in its latest report detailing the workings of one of the most prolific ransomwar…
Global Security News, North America
Automotive hose manufacturer hit by ransomware, shuts down production control system
by Zeljka Zorz •
A US subsidiary of Nichirin Co., a Japan-based company manufacturing and selling automotive hoses and hose parts, has been hit with ransomware, which resulted in the shut down of the subsidiary’s network and production control system. What happen…
Eurasia
The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs
by Nikita Nazarov, Vasily Davydov, Natalya Shornikova, Vladislav Burtsev, Danila Nasonov •
We want to familiarize the reader with the different stages of ransomware deployment and provide a visual guide to defending against targeted ransomware attacks.
Europe, Global Security News, North America
The Million-Dollar Question: To Pay or Not to Pay Ransom?
by Aamir Lakhani •
Ransomware is one of the most serious threats to businesses today. In fact, a recent survey found that 85% of enterprises are more concerned about the prospect of ransomware attacks than any other kind of attack. The decision of whether or not to pay …
Europe, Global Security News, North America
Machine Learning Tackles Ransomware Attacks
by Sue Poremba •
There are approximately 250 known ransomware families, and these families are directly related to the rise of ransomware-as-a-service, according to Bitdefender. “Ransomware infection is just the final step; these modern attacks take some time to prepa…
North America
The C-Suite Is Optimistic About Ransomware. Are They Right?
by Jonathan Reed •
The majority of C-suite executives are confident in their organization’s protection against ransomware attacks. At least, that’s what a recent research report from ISC2 shows. In fact, just 15% express a lack of confidence. Does this confidence take into account the nearly 53% rise in double extortion ransomware attacks between January and February? Are the […]
The post The C-Suite Is Optimistic About Ransomware. Are They Right? appeared first on Security Intelligence.
Global Security News, North America
After being breached once, many companies are likely to be hit again
by Help Net Security •
Cymulate announced the results of a survey, revealing that two-thirds of companies who have been hit by cybercrime in the past year have been hit more than once, with almost 10% experiencing 10 or so more attacks a year. Research taken from 858 securit…
Security Vendor News
Less Than 40% of Asia-Pacific Organizations Are Confident to Stop Cyber Threats as 83% Experience At Least One Ransomware Attack a Year
by Stu Sjouwerman •
With exactly half of cybersecurity incidents caused by organizations having an outdated security posture, the ability to stop breaches involves some re-investment in measures that really work.
Global Security News, North America
QNAP NAS devices hit by DeadBolt and ech0raix ransomware
by Zeljka Zorz •
Taiwan-based QNAP Systems is warning consumers and organizations using their network-attached storage (NAS) appliances of a new DeadBolt ransomware campaign. There also appears to be a new ech0raix/QNAPCrypt campaign in progress, according to various s…
Europe, Global Security News, North America
BlackCat Ransomware That Breached Over 60 Organizations
by Naimisha •
The BlackCat ransomware that caused headaches for over 60 organizations worldwide is now decryptable, thanks to the effort of security researchers. Yes, you read that correctly. The ransomware, first spotted in the wild in October 2019, can now be decr…
Global IT News
This week in ransomware – Friday, June 17, 2022
by Jim Love •
Ransomware on the rise again, doing even more damage. Palo Alto Networks’ Unit 42 released their report on ransomware this week. Among the findings, the group noted that they had seen a 144 per cent increase in ransom demands. The report also noted three prominent “areas of attack” contributing to the growth of ransomware as
Europe, Global Security News, North America, Vulnerabilities
The Analyst Prompt #11: Exploitation of Atlassian and Microsoft’s Major Vulnerability
by EclecticIQ Threat Research Team •
Exploit Tools and Targets: Threat Actors Continue to Leverage the Follina Exploit
Multiple threat actors are leveraging the Microsoft Office vulnerability CVE-2022-30190 dubbed “Follina”, with first samples identified in public repositories on April 1…
Uncategorized
QNAP warns of new DeadBolt ransomware attack locking up NAS devices
by Graham Cluley •
Owners of NAS drives manufactured by QNAP have been advised that the company is “thoroughly investigating” reports that a new variant of the DeadBolt ransomware is targeting devices, locking up data and demanding victims pay a fee to extortionists.
…
Global Security News, North America
Which stolen data are ransomware gangs most likely to disclose?
by Zeljka Zorz •
If your organization gets hit by a ransomware gang that has also managed to steal company data before hitting the “encrypt” button, which types of data are more likely to end up being disclosed as you debate internally on whether you should…
Exploits, Global Security News
Beware!! BlackCat Ransomware Gang Attack Unpatched Microsoft Exchange Servers
by BALAJI N •
In a recent Microsoft advisory, the company warned that the operators of BlackCat ransomware (aka ALPHV) is using exploits to gain access to target networks by exploiting unpatched Exchange server vulnerabilities. Threat actors can exploit the compromi…
Global Security News, North America
72% of middle market companies expect to experience a cyberattack
by Help Net Security •
Middle market companies face an increasingly volatile cybersecurity environment, with threats coming from more directions than ever before and more skilled criminals targeting the segment, according to an RSM US and U.S. Chamber of Commerce report. How…
Europe, Global Security News, North America
How Risk Management Increases MSSP Value to Customers
by Cyber Insights Team •
How Risk Management Increases MSSP Value to Customers
Small and mid-sized businesses (SMBs) face a gamut of risks for daily operations, and unfortunately, many just don’t have the skilled staff, time, or resources to identify, mitigate, and mana…
Security Bloggers, Security Vendor News
How AI-Driven XDR Defeats Ransomware
by Anthony M. Freed •
In June 2021, we detailed the ways that ransomware can end up costing organizations in our report, Ransomware: The True Cost to Business. The report revealed that two-thirds of ransomware victims report significant revenue loss following an at…
Global Security News, North America
Ransomware gang publishes stolen victim data on the public Internet
by Zeljka Zorz •
The Alphv (aka BlackCat) ransomware group is trying out a new tactic to push companies to pay for their post-breach silence: a clearnet (public Internet) website with sensitive data about the employees and customers stolen from a victim organization. A…