RaaS Archives - Page 2 of 3 - Cyber Security Minute

RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware

Issued by: The Hacker News

Cybersecurity researchers have detailed the tactics of a “rising” cybercriminal gang called “Read The Manual” (RTM) Locker that functions as a private ransomware-as-a-service (RaaS) provider and carries out opportunistic attacks to generate illicit profit. “The ‘Read The Manual’ Locker gang uses affiliates to ransom victims, all of whom are forced to abide by the gang’s…

News

BlackCat Leaking Patient Data and Photos Stolen in Attack

Issued by: DataBreach Today

Russian-speaking ransomware gang BlackCat is leaking data stolen from a Pennsylvania-based healthcare group, including photos of breast cancer patients. On Saturday, the ransomware group posted on its dark leak site a message taunting Lehigh Valley Health Network. “We have been in your network a long time and have had time to study your business,” the…

Malware & Threats

BlackCat, Royal Among Most Worrisome Threats to Healthcare

Issued by: DataBreach Today

Healthcare entities should be on high alert for signs of the BlackCat and Royal ransomware-as-a-service groups, warns the U.S. government, which characterizes the groups as “relatively new but highly capable” threats. The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center in a Thursday threat brief warns that BlackCat conducts triple extortion, meaning…

Malware & Threats

Agenda Ransomware Uses Rust to Target More Vital Industries

Issued by: Trend Micro Blog

This year, ransomware-as-a-service (RaaS) groups like BlackCat, Hive, and RansomExx have developed versions of their ransomware in Rust, a cross-platform language that makes it easier to tailor malware to different operating systems like Windows and Linux. In this blog entry, we shed light on Agenda (also known as Qilin), another ransomware group that has started…

Malware & Threats

Black Basta Gang Deploys Qakbot Malware in Aggressive Cyber Campaign

Issued by: Dark Reading

The Black Basta ransomware group is using Qakbot malware — also known as QBot or Pinkslipbot — to perpetrate an aggressive and widespread campaign using an .IMG file as the initial compromise vector. More than 10 different customers have been targeted by the campaign in the last two weeks, mostly focused on companies based in…

Malware & Threats

Canadian NetWalker Ransomware Affiliate Gets 20-Year Prison Sentence in US

Issued by: Security Week

The man, Sebastien Vachon-Desjardins, 35, of Gatineau, Quebec, pleaded guilty in June 2022 to participating in the ransomware scheme. Initially spotted in 2019, NetWalker was being offered under the ransomware-as-a-service (RaaS) business model and has been used in attacks against tens of organizations worldwide, including private and public entities, hospitals and emergency services, law enforcement,…

Malware & Threats

LockBit, ALPHV & Other Ransomware Gang Leak Sites Hit by DDoS Attacks

Issued by: Dark Reading

The ransomware-as-a-service (RaaS) groups LockBit and ALPHV (aka BlackCat), among others, have been the focus of distributed denial-of-service (DDoS) attacks targeting their data leak sites, causing downtime and outages. The attacks have been monitored by Cisco Talos since Aug. 20 and include a wide range of other RaaS groups, including Quantum, LV, Hive, Everest, BianLian,…

Malware & Threats

ALPHV Ransomware Gang Creates Searchable Database With Victim Data

Issued by: Security Week

Also known as BlackCat and Noberus, ALPHV emerged in November 2021 as the first ransomware family coded using the Rust programming language. To date, the ALPHV cybergang has compromised more than 100 organizations. Likely tied to the cybercrime group behind the Darkside/Blackmatter ransomware, ALPHV operates under the Ransomware-as-a-Service (RaaS) business model, with their affiliates compromising…

Vulnerabilities

Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware

Issued by: Trend Micro Blog

Trend Micro Research recently analyzed several cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. After investigating the chain of events, we found that many of these attacks resulted in data being exfiltrated from the infected systems. However, we also found that some of the victims were infected with…

Malware & Threats

FBI Warns of BlackByte Ransomware Attacks on Critical Infrastructure

Issued by: Security Week

Available as a Ransomware-as-a-Service (RaaS), BlackByte has been used in attacks against US and foreign businesses, including in critical infrastructure sectors such as government, financial, and food and agriculture, the FBI and USSS warn. BlackByte operators recently claimed to have obtained financial data from the San Francisco 49ers as a result of an attack that…