The State of Ransomware in Critical Infrastructure 2024
The latest annual Sophos study of the real-world ransomware experiences of energy, oil/gas and utilities sector – a core element of the critical infrastructure supporting businesses – explores the full victim journey, from attack rate and root cause to operational impact and business outcomes. This year’s report sheds light on new areas of study for…
Cisco Talos analyzes attack chains, network ransomware tactics
As ransomware continues to be the scourge of enterprise security teams, Cisco’s Talos security intelligence group recently analyzed ransomware groups to identify common techniques and offer recommendations to help security team better protect their businesses. Cisco Talos reviewed 14 prominent ransomware groups between 2023 and 2024 and studied volume of attacks, impact on customers, and…
Akira Ransomware: Lightning-Fast Data Exfiltration in 2-Ish Hours
Akira ransomware actors are now capable of squirreling away data from victims in just over two hours, marking a significant shift in the average time it takes for a cybercriminal to move from initial access to information exfiltration. That’s the word from the BlackBerry Threat Research and Intelligence Team, which today released a breakdown of…
Feds Uncover Sprawling, GenAI-Enabled Russian Troll Farm
The Justice Department has announced the seizure of two domain names as well as nearly 1,000 social media accounts used by Russian actors to create and spread disinformation in the United States. US agencies including the FBI and Cyber National Mission Force (CNMF), alongside agencies in Canada and the Netherlands, released a joint advisory detailing…
Trojanized JQuery Packages Spread via ‘Complex’ Supply Chain Attack
Once again, cyberattackers are targeting JavaScript developers — this time in a “complex and persistent supply chain attack” that’s distributing Trojanized packages for the popular JavaScript library jQuery across GitHub, Node Package Manager (npm), and jsDelivr repositories. Each package contains a copy of jQuery with one small difference: the end function, a part of the…
What’s the Best Strategy for Exploiting Flaws in Ransomware?
What’s the best strategy for handling a known vulnerability in ransomware that helps victims decrypt their files for free? Security researchers and law enforcement have two options: stealth or reach. Stealth prolongs the life of the vulnerability and the ability of security teams to exploit it. Reach makes sure that more people know about it,…
New Golang-based Zergeca Botnet appeared in the threat landscape
Researchers at the QiAnXin XLab team uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks. On May, 2024, the researchers detected a suspicious ELF file at /usr/bin/geomi that was uploaded from Russia to VirusTotal. The file was packed with a modified UPX and had a unique magic number, 0x30219101,…
Infinidat Revolutionizes Enterprise Cyber Storage Protection to Reduce Ransomware and Malware Threat Windows
Infinidat, a leading provider of enterprise storage solutions, has introduced a new automated cyber resiliency and recovery solution that will revolutionize how enterprises can minimize the impact of ransomware and malware attacks. Infinidat’s InfiniSafe® Automated Cyber Protection (ACP) is a first-of-its-kind cybersecurity integration solution that is designed to reduce the threat window of cyberattacks, such…
Optiv Report Shows Nearly 60% Increase in Security Budgets as Most Organizations Report Cyber Breaches and Incidents
Optiv, the cyber advisory and solutions leader, has published its 2024 Threat and Risk Management Report, which examines how organizations’ cybersecurity investments and governance priorities are keeping up with the evolving threat landscape. Based on an independent Ponemon Institute survey, the report reveals a 59% increase in cyber budgets year-over-year. Additionally, 63% of organizations with…
Indonesia Refuses to Pay $8M Ransom After Cyberattack
A cybercrime group is demanding $8 million after compromising Indonesia’s national data center — an amount the government is refusing to pay. More than 200 government agencies have been disrupted by the cyberattack since June 20, according to Samuel Abrijani Pangerapan, director general of informatics applications with the Communications and Informatics Ministry. He told the…
