Key Findings: In Q2 2021, 73% of ransomware detections were related to the REvil/Sodinokibi family; DarkSide Q2 ransomware attacks extended beyond the Oil, Gas and Chemical sector to Legal Services, Wholesale and Manufacturing; Government was the sector most targeted by ransomware; Financial Services was targeted most among reported cloud incidents. SAN JOSE, Calif.–(BUSINESS WIRE)–McAfee […]
Cyber experts believe cyber criminal gang DarkSide has rebranded, causing what some call a giant "game of whack-a-mole."
DarkSide, the group behind the Colonial Pipeline ransomware attack, has reportedly quit after its funding and servers were seized.
The group behind the ransomware attack on Colonial Pipeline that led to huge spikes in fuel prices across the country has reportedly quit after its servers and cryptocurrency were seized. Cybersecurity researcher Brian Krebs wrote last Friday that DarkSide, the gang behind the ransomware of the same name, announced on a cybercrime forum that it […]
Microsoft is warning of ZLoader attacks: here's how to spot and defend against the trojan, which disables security and antivirus tools.
The Microsoft 365 Defender Threat Intelligence Team has released details and a warning about the ZLoader trojan. ZLoader, known for its ability to evolve and change from campaign to campaign, is said to be derived from the Zeus banking trojan first discovered in 2007. Microsoft says ZLoader is an attacker’s tool of choice: it has defense […]
VMware Threat Analysis Unit (TAU) details how cybercriminals are targeting Linux-based systems with ransomware and cryptojacking attacks.
With 90% of multi-cloud environments running on Linux-based systems and current malware countermeasures mostly focused on addressing Windows-based threats, attackers have found a golden opportunity to strike, and cybercriminals are increasingly targeting Linux-based operating systems, according to the latest research from VMware. The company’s new report, “Exposing Malware in Linux-based Multi-Cloud Environments,” shows ransomware is evolving […]
VMware report finds more than half of Cobalt Strike users are using the tool illicitly. PALO ALTO, Calif.–(BUSINESS WIRE)–As the most common cloud operating system, Linux is a core part of digital infrastructure and is quickly becoming an attacker’s ticket into a multi-cloud environment. Current malware countermeasures are mostly focused on addressing Windows-based threats, leaving […]
Cybersecurity firm Tenable rounds up the top vulnerabilities in 2021, noting increases in ransomware attacks, data breaches, zero-days and more.
Tenable’s 2021 Threat Landscape Retrospective report looks back at a year unlike any other. Dozens of groups, like REvil, Conti, DarkSide and more, dominated the headlines and continued to wreak havoc across a wide range of industries. Tenable’s research team noted a surge in ransomware attacks, data breaches, zero-days and much more in 2021. Top vulnerabilities […]
Trellix Sees Advanced Persistent Threat Actors and Ransomware Groups Focus on Financial Services in Third Quarter of 2021
Key Findings: In Q3 2021, the financial sector was the most targeted, seeing 22% of ransomware and 37% of APT detections; Publicly reported cyber incidents in the financial sector increased 21% compared to Q2 2021; Nearly half of APT activity monitored appears to originate from Russian and Chinese backed groups; Cobalt Strike attack suite abused […]
By gaining control of an organization’s AD, the adversary seizes the power to deploy ransomware to all systems through several mechanisms.
It’s no secret that most major enterprises across the globe use Microsoft Active Directory (AD) for identity and access management. This ubiquity is also one of the predominant reasons AD is such a popular and attractive target for adversaries. What remains a mystery to many enterprises, however, is how adversaries – including the malicious actors […]
Russia's FSB says it arrested more than a dozen members of the REvil ransomware operation and seized nearly $7 million in assets.
Russia says it has shut down the REvil ransomware gang, arrested several individuals and seized a total of about $7 million from the well-organized cybercrime operation that has plagued businesses in the U.S. and abroad for years. In a press release, the FSB, Russia’s principal security agency, says it carried out the operation at the […]