ransomware

Malware & Threats

Issued by: CSO

New research from Palo Alto Networks’ Unit 42 has identified four emerging ransomware groups that have the potential to become bigger problems in the future. These are AvosLocker, Hive Ransomware, HelloKitty, and LockBit 2.0. Emerging ransomware threat groups “With major ransomware groups such as REvil and Darkside lying low or rebranding to evade law enforcement…

Vulnerabilities

Issued by: Blog Malwarebytes

Last Saturday the Cybersecurity and Infrastructure Security Agency issued an urgent warning that threat actors are actively exploiting three Microsoft Exchange vulnerabilities—CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207. These vulnerabilities can be chained together to remotely execute arbitrary code on a vulnerable machine. This set of Exchange vulnerabilities is often grouped under the name ProxyShell. Fixes were available…

Software Security

Issued by: CSO

Recently I spoke with Ryan Chapman of the SANS Institute, author of the upcoming SANS course FOR528: Ransomware for Incident Responders, on how to better prepare for ransomware. That preparation comes in two forms: planning how you would respond to a successful ransomware attack and overcoming barriers to hardening your network against them. Planning for…

Malware & Threats

Issued by: Security Week

The new website, StopRansomware.gov, is designed to serve as a central hub that consolidates ransomware resources from all government agencies, including CISA, the FBI, the Secret Service, NIST, the Department of Treasury, and the HHS. Its goal is to provide useful resources for individuals, businesses and other organizations. StopRansomware.govStopRansomware.gov provides information on what to do…

Malware & Threats

Issued by: Security Week

Also known as Sodinokibi, REvil has become one of the most prominent ransomware families out there, being involved in a large number of high-profile attacks, including the one on JBS, the world’s largest meat processing company. REvil is offered by an Eastern Europe/Russia-based threat actor tracked as PINCHY SPIDER, which is known for their RaaS…

Malware & Threats

Issued by: Security Week

Scheduling and patient medical records were affected and some cancer patients faced delays in treatment. It took months for the University of Vermont Health Network to recover from the attack, estimated to cost upwards of $63 million. The network is insured for $30 million and officials are continuing to negotiate with the insurance companies, but…

Malware & Threats

Issued by: Security Week

“It is the position of the U.S. government that we strongly discourage the payment of ransoms,” Eric Goldstein, a top cybersecurity official in the Department of Homeland Security, told a congressional hearing last week. But paying carries no penalties and refusing would be almost suicidal for many companies, especially the small and medium-sized. Too many…

Malware & Threats

Issued by: Security Week

Speaking after the two leaders’ first summit in Geneva, Biden said he laid down the line on Moscow not taking action against hackers who have extorted hundreds of millions of dollars from western governments, companies, and organisations from the safety of Russian soil. “I pointed out to him we have significant cyber capability and he…

Malware & Threats

Issued by: Security Week

In a communiqué issued after the conclusion of the summit, G7 countries vowed to work together to “further a common understanding of how existing international law applies to cyberspace” and collaborate to “urgently address the escalating shared threat from criminal ransomware networks.” The G7 called on all states to “urgently identify and disrupt ransomware criminal networks operating…