attribution – Computer Security Articles

Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders

August 23, 2023 admin active adversary report, Active Directory, attribution, detection, dwell time, Featured, Incident Response, mfa, mtr, RDP, sophos x-ops, threat research

Credit to Author: Angela Gunn| Date: Wed, 23 Aug 2023 10:01:02 +0000

A deep dive into incident-response cases from the first half of this year finds both attackers and defenders picking up the pace

Security Sophos

Enough attribution to count

August 8, 2023 admin attribution, detection, sophos x-ops, tac, threat activity cluster, threat research

Credit to Author: Chester Wisniewski| Date: Tue, 08 Aug 2023 10:01:37 +0000

Naming and shaming the bad guys can be gratifying, but for practical protection, Threat Activity Clusters are the way

MalwareBytes Security

The forgotten domain: Exploring a link between Magecart Group 5 and the Carbanak APT

October 22, 2019 admin Advanced persistent threats, APTs, attribution, Carbanak, cybercriminal groups, dridex, group5, Magecart, malicious domains, malicious websites, skimmer, Threat analysis

Credit to Author: Threat Intelligence Team| Date: Tue, 22 Oct 2019 15:00:00 +0000

Bread crumbs left behind open up a possible connection between Magecart Group 5 and Carbanak.

Categories:

Threat analysis

Tags: advanced persistent threats APTs attribution carbanak cybercriminal groups dridex Group5 Magecart malicious domains malicious websites skimmer

Kaspersky Security

The complexities of public attribution

April 12, 2019 admin #TheSAS2019, APT, attribution, news, SAS, SAS 2019, Security Analyst Summit, Threats

Credit to Author: Jeffrey Esposito| Date: Fri, 12 Apr 2019 15:51:15 +0000

A look at the complexities of public attribution and why nation-states doing it will have real-world implications.

MalwareBytes Security

Ryuk ransomware attacks businesses over the holidays

January 8, 2019 admin attribution, BitPaymer ransomware, christmas, cybercrime, data resolution, dataresolution.net, emotet, exploit, Hermes, Holiday, Lazarus, malicious office documents, malspam, malware, malwarebytes anti-exploit, malwarebytes anti-ransomware, NORTH KOREA, Onslow water and sewer authority, OWASA, protection, ransom, ransomware, ryuk, stats, Tips, tribune publishing, trickbot

Credit to Author: Adam Kujawa| Date: Tue, 08 Jan 2019 19:49:45 +0000

Over the holiday, a little-known ransomware family called Ryuk caused serious damage to numerous organizations. The attacks leave a lot of questions unanswered. What do we know so far?

Categories:

Tags: attribution BitPaymer ransomware Christmas data resolution dataresolution.net emotet exploit Hermes holiday Lazarus malicious office documents malspam malwarebytes anti-exploit malwarebytes anti-ransomware North Korea Onslow water and sewer authority OWASA protection ransom ransomware ryuk stats tips tribune publishing trickbot

MalwareBytes Security

All this EternalPetya stuff makes me WannaCry

July 6, 2017 admin attribution, cybercrime, decryption, DoublePulsar, EternalBlue, EternalPetya, EternalRomance, hasherazade, m.e.doc, malware, NotPetya, NSA, Petya, Petya ransomware, ShadowBrokers, WannaCry, WannaCrypt, WannaCryptor

Credit to Author: Adam McNeil| Date: Thu, 06 Jul 2017 18:15:09 +0000

Get more background on the EternalPetya ransomware. Learn about its origin, attribution, decryption, and the methods of infection and propagation.

Categories:

Tags: attribution decryption DoublePulsar EternalBlue EternalPetya EternalRomance hasherazade m.e.doc NotPetya NSA petya Petya ransomware ShadowBrokers WannaCry WannaCrypt WannaCryptor

(Read more…)

The post All this EternalPetya stuff makes me WannaCry appeared first on Malwarebytes Labs.

MalwareBytes Security

EternalPetya – yet another stolen piece in the package?

June 30, 2017 admin attribution, EternalPetya, hasherezade, hexedit, janus, malware, Malwarebytes, NotPetya, NSA, Petya, psexec, ransomware, Threat analysis

Credit to Author: Malwarebytes Labs| Date: Fri, 30 Jun 2017 16:53:36 +0000

Since 27th June we’ve been investigating the outbreak of the new Petya-like malware armed with an infector similar to WannaCry. Since the day one, various contradicting theories started popping up. Some believed, that it is a rip-off the original Petya, others – that it is another step in its evolution. However, so far, those were just different opinions, and none of them was backed up with enough evidence. In this post, we will try to fill this gap, by making a step-by-step comparison of the current kernel and the one on which it is based (Goldeneye Petya).

Categories:

Tags: attribution EternalPetya hasherezade hexedit janus Malwarebytes NotPetya NSA petya psexec ransomware