Credit to Author: Malwarebytes Labs| Date: Fri, 17 Jun 2022 18:01:31 +0000
ALPHV, also known as BlackCat, created a leak site on the regular web, betting it can squeeze money out of victims faster than a dark web site.
The post ALPHV squeezes victim with dedicated leak site for employees and customers appeared first on Malwarebytes Labs.
Read moreCredit to Author: Jovi Umawing| Date: Wed, 20 Apr 2022 13:55:22 +0000
Federal agencies have discovered tools created by a nation-state actor to compromise US critical infrastructure.
The post US warns of APT groups that can “gain full system access” to some industrial control systems appeared first on Malwarebytes Labs.
Read moreCredit to Author: Pieter Arntz| Date: Thu, 14 Apr 2022 11:41:19 +0000
The Zloader botnet is a malware as a service provider for a few notorious ransomware gangs. But now it has taken a serious blow to its infrastructure.
The post Zloader, another botnet, bites the dust appeared first on Malwarebytes Labs.
Read moreCredit to Author: Pieter Arntz| Date: Thu, 14 Apr 2022 11:41:19 +0000
The Zloader botnet is a malware as a service provider for a few notorious ransomware gangs. But now it has taken a serious blow to its infrastructure.
The post Zloader, another botnet bites the dust appeared first on Malwarebytes Labs.
Read more
Credit to Author: Tilly Travers| Date: Thu, 17 Mar 2022 09:13:50 +0000
A collection of Sophos threat research articles and security operations reports related to new or prevalent ransomware groups from 2018 to the present. The content will be updated as new research is published
Read more
Credit to Author: BrianKrebs| Date: Fri, 28 Jan 2022 13:18:36 +0000
In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “BlackCat”), considered to be the first professional cybercrime group to create and use a ransomware strain in the Rust programming language. In this post, we’ll explore some of the clues left behind by the developer who was reputedly hired to code the ransomware variant.
Read more
Credit to Author: BrianKrebs| Date: Fri, 14 Jan 2022 22:41:34 +0000
The Russian government said today it arrested 14 people accused of working for “REvil,” a particularly aggressive ransomware group that has extorted hundreds of millions of dollars from victim organizations. The Russian Federal Security Service (FSB) said the actions were taken in response to a request from U.S. officials, but many experts believe the crackdown is part of an effort to reduce tensions over Russian President Vladimir Putin’s decision to station 100,000 troops along the nation’s border with Ukraine.
Read more
Credit to Author: BrianKrebs| Date: Wed, 12 Jan 2022 05:17:31 +0000
In a great many ransomware attacks, the criminals who pillage the victim’s network are not the same crooks who gained the initial access to the victim organization. More commonly, the infected PC or stolen VPN credentials the gang used to break in were purchased from a cybercriminal middleman known as an initial access broker. This post examines some of the clues left behind by Wazawaka, the handle chosen by a major access broker in the Russian-speaking cybercrime scene.
Read more