Clustering attacker behavior reveals hidden patterns

Credit to Author: Andrew Brandt | Date: Tue, 08 Aug 2023 10:00:11 +0000

A collection of very specific behaviors, observed by Sophos X-Ops incident response analysts in the lead-up to four separate ransomware attacks in the first quarter of 2023, indicates an unexpected connection between the attacks. In the parlance of the Managed Detection and Response (MDR) team, the peculiarly similar details constitute a threat activity cluster that […]


Hive! Hive! Hive! Ransomware site submerged by FBI

Categories: News, Ransomware

Tags: DoJ, FBI, Europol, Hive, ransomware, RDP, Patch management, Vulnerability, phishing

The DoJ, FBI, and Europol have released details about a months-long international disruption campaign against the Hive ransomware group.


The post Hive! Hive! Hive! Ransomware site submerged by FBI appeared first on Malwarebytes Labs.


A week in security (December 5 – 11)

Categories: News

Tags: Lock and Code S03E25, lock & code, lock and code, S03E25, Dustin Childs, Eufy, Snapchat, Apple, Apple AirTag, Google Chrome, V8 vulnerability, Hive, Facebook hoax, PayPal phish, Lazarus Group, SIM swapper, festive scam, holiday scams, Android vulnerability, Bluetooth, SaaS, SaaS best practices, Epic Games, Threat Intelligence Reports

The most interesting security-related news from the week of December 5 to 11.


The post A week in security (December 5 – 11) appeared first on Malwarebytes Labs.


Ransomware review: July 2022

Credit to Author: Threat Intelligence Team | Date: Thu, 04 Aug 2022 20:48:37 +0000

BlackBasta lined up behind LockBit as the second most prevalent ransomware in July, a number of new gangs appeared, and an old one reappeared.

The post Ransomware review: July 2022 appeared first on Malwarebytes Labs.


Hive ransomware gets upgrades in Rust

Credit to Author: Microsoft 365 Defender Threat Intelligence Team | Date: Tue, 05 Jul 2022 16:00:00 +0000

With its latest variant carrying several major upgrades, Hive proves it’s one of the fastest-evolving ransomware payloads, exemplifying the continuously changing ransomware ecosystem.

The post Hive ransomware gets upgrades in Rust appeared first on Microsoft Security Blog.


Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions

Credit to Author: BrianKrebs | Date: Tue, 31 May 2022 19:57:58 +0000

Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware gang — Conti. Ransomware experts say there is good reason to believe the same cybercriminals are behind both attacks, and that Hive has been helping Conti rebrand and evade international sanctions targeting extortion payouts to cybercriminals operating in Russia.
