Ransomware as a Service – Computer Security Articles

Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction

October 30, 2023 admin adversary-in-the-middle (aitm), credential theft, elevation of privilege, extortion, human-operated ransomware, Ransomware as a Service, tempest

Credit to Author: Microsoft Incident Response and Microsoft Threat Intelligence| Date: Wed, 25 Oct 2023 16:30:00 +0000

Microsoft has been tracking activity related to the financially motivated threat actor Octo Tempest, whose evolving campaigns represent a growing concern for many organizations across multiple industries.

The post Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction appeared first on Microsoft Security Blog.

Microsoft Security

Hive ransomware gets upgrades in Rust

July 5, 2022 admin cybersecurity, hive, Microsoft security intelligence, mstic, ransomware, Ransomware as a Service

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Tue, 05 Jul 2022 16:00:00 +0000

With its latest variant carrying several major upgrades, Hive proves it’s one of the fastest evolving ransomware payload, exemplifying the continuously changing ransomware ecosystem.

The post Hive ransomware gets upgrades in Rust appeared first on Microsoft Security Blog.

Microsoft Security

The many lives of BlackCat ransomware

June 13, 2022 admin cybersecurity, human-operated ransomware, Microsoft security intelligence, ransomware, Ransomware as a Service

Credit to Author: Paul Oliveria| Date: Mon, 13 Jun 2022 16:00:00 +0000

The use of an unconventional programming language, multiple target devices and possible entry points, and affiliation with prolific threat activity groups have made the BlackCat ransomware a prevalent threat and a prime example of the growing ransomware-as-a-service (RaaS) gig economy.

The post The many lives of BlackCat ransomware appeared first on Microsoft Security Blog.

Security Sophos

The Active Adversary Playbook 2022

June 7, 2022 admin active adversary, artifacts, attack tools, cobalt strike, cryptomining, cyberattacks, cyberthreats, dwell time, exploit, Featured, initial access broker, malware delivery system, MITRE, proxylogon, proxyshell, ransomware, Ransomware as a Service, security operations, sophos rapid response, Vulnerability

Credit to Author: Tilly Travers| Date: Tue, 07 Jun 2022 11:02:43 +0000

Cyberattacker behaviors, tactics and tools seen on the frontline of incident response during 2021

Microsoft Security

Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself

May 9, 2022 admin cybersecurity, human-operated ransomware, Microsoft security intelligence, ransomware, Ransomware as a Service

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Mon, 09 May 2022 13:00:00 +0000

Microsoft coined the term “human-operated ransomware” to clearly define a class of attack driven by expert humane intelligence at every step of the attack chain and culminate in intentional business disruption and extortion. In this blog, we explain the ransomware-as-a-service affiliate model and disambiguate between the attacker tools and the various threat actors at play during a security incident.

The post Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself appeared first on Microsoft Security Blog.

MalwareBytes Security

It’s business as usual for REvil ransomware

May 5, 2022 admin gandcrab, Jakub Kroustek, jbs, kaseya, raas, ransomware, Ransomware as a Service, rEvil, revil ransomware, Sodin, Sodinokibi

Credit to Author: Jovi Umawing| Date: Thu, 05 May 2022 11:24:03 +0000

A sample of the new REvil ransomware was found in the wild, signaling that, yes, REvil has indeed come back.

The post It’s business as usual for REvil ransomware appeared first on Malwarebytes Labs.

MalwareBytes Security

Ransomware gang hits 49ers’ network before Super Bowl kick off

February 14, 2022 admin 2fa, 49ers, blackbyte ransomware, FBI, proxyshell, proxyshell vulnerability, raas, ransomware, Ransomware as a Service, san franciso 49ers, two-factor authentication

Credit to Author: Jovi Umawing| Date: Mon, 14 Feb 2022 15:52:18 +0000

Just hours before the Super Bowl Sunday kick off, the San Francisco 49ers confirmed it was the victim of a ransomware attack.

Categories: Ransomware

Tags: 2fa 49ers BlackByte ransomware fbi proxyshell ProxyShell vulnerability raas ransomware ransomware-as-a-service San Franciso 49ers two-factor authentication

MalwareBytes Security

Threat spotlight: Phobos ransomware lives up to its name

January 10, 2020 admin brute force, coveware, crysis, crysis ransomware, dharma, Dharma Ransomware, disorganised crime, mfa, Multi-Factor Authorization, Phobos, phobos nextgen, phobos notdharma, phobos ransomware, raas, ransomware, Ransomware as a Service, RDP, Remote Desktop Protocol, server message block, SMB, Sodinokibi, threat spotlight, virtual private networks, VPN

Credit to Author: Jovi Umawing| Date: Fri, 10 Jan 2020 18:04:44 +0000

Phobos, which many believe was named after the Greek god of fear, isn’t as widespread as it was before nor is it more novel than your average ransomware. Yet, it remains a threat to consumers and businesses alike. We dive into Phobos ransomware and show users how to face their fears and protect against it.

Categories:

Threat spotlight

Tags: brute force coveware crysis crysis ransomware dharma Dharma ransomware disorganised crime mfa Multi-Factor Authorization Phobos Phobos NextGen Phobos NotDharma Phobos ransomware raas ransomware Ransomware as a Service rdp remote desktop protocol Server Message Block SMB Sodinokibi virtual private networks vpn

← Previous