Private US companies targeted by Stonefly APT 2024-10-03 at 14:01 By Zeljka Zorz Undeterred by the indictment issued against one of its alleged members, North Korean APT group Stonefly (aka APT45) continues to target companies in the US, Symantec threat analysts warned. About Stonefly Also known as Andariel and OnyxFleet, Stonefly has been linked to […]
React to this headline:
Private US companies targeted by Stonefly APT Read More »
Hide yo environment files! Or risk getting your cloud-stored data stolen and held for ransom 2024-08-15 at 17:16 By Zeljka Zorz Cybercriminals are breaking into organizations’ cloud storage containers, exfiltrating their sensitive data and, in several cases, have been paid off by the victim organizations to not leak or sell the stolen data. “The attackers
React to this headline:
Record-breaking $75 million ransom paid to cybercrime group 2024-08-02 at 07:01 By Help Net Security Ransomware attacks have reached new heights of ambition and audacity over the past year, marked by a notable surge in extortion attacks, according to a Zscaler. The findings from the report uncovered a record-breaking ransom payment of $75 million to
React to this headline:
Record-breaking $75 million ransom paid to cybercrime group Read More »
The changes in the cyber threat landscape in the last 12 months 2024-07-23 at 14:31 By Zeljka Zorz When it comes to the cyber threat landscape, change is the only constant: the inevitable interplay between cybercriminals and law enforcement agencies makes it inevitable. Europol’s recently released Internet Organised Crime Threat Assessment (IOCTA) 2024 report covers
React to this headline:
The changes in the cyber threat landscape in the last 12 months Read More »
Medibank breach: Security failures revealed (lack of MFA among them) 2024-06-18 at 17:31 By Zeljka Zorz The 2022 Medibank data breach / extortion attack perpetrated by the REvil ransomware group started by the attackers leveraging login credentials stolen from a private computer of an employee of a Medibank’s IT contractor. According to a statement by
React to this headline:
Medibank breach: Security failures revealed (lack of MFA among them) Read More »
The number of known Snowflake customer data breaches is rising 2024-06-10 at 15:46 By Zeljka Zorz LendingTree subsidiary QuoteWizard and automotive parts provider Advance Auto Parts have been revealed as victims of attackers who are trying to sell data stolen from Snowflake-hosted cloud databases. Snowflake says that their investigation is still ongoing, but continues to
React to this headline:
The number of known Snowflake customer data breaches is rising Read More »
Snowflake denies breach, blames data theft on poorly secured customer accounts 2024-06-01 at 23:32 By Zeljka Zorz Snowflake is disputing claims made by a threat actor who stole data belonging to Santander and Ticketmaster, and maintains that the theft of customer data was the result of stolen customer login credentials. “We are aware of recent
React to this headline:
Snowflake denies breach, blames data theft on poorly secured customer accounts Read More »
Snowflake compromised? Attackers exploit stolen credentials 2024-05-31 at 22:17 By Zeljka Zorz Have attackers compromised Snowflake or just their customers’ accounts and databases? Conflicting claims muddy the situation. What is Snowflake? Snowflake is cloud-based data storage and analytics company based in the US, and claims nearly 9,500 organizations around the world as customers. “From an
React to this headline:
Snowflake compromised? Attackers exploit stolen credentials Read More »
Organizations struggle to defend against ransomware 2024-05-17 at 07:01 By Help Net Security In this Help Net Security video, Jeremy Nichols, Director, Global Threat Intelligence Center at NTT Security Holdings, discusses a recent surge in ransomware incidents. After a down year in 2022, ransomware and extortion incidents increased in 2023. More than 5,000 ransomware victims
React to this headline:
Organizations struggle to defend against ransomware Read More »
Global ransomware crisis worsens 2024-05-09 at 07:31 By Help Net Security Ransomware and extortion incidents surged by 67% in 2023, according to NTT Security Holdings’ 2024 Global Threat Intelligence Report. Global ransomware crisis After a down year in 2022, ransomware and extortion incidents increased in 2023. More than 5,000 ransomware victims were detected or posted
React to this headline:
Global ransomware crisis worsens Read More »
Ransomware in Q1 2024: Frequency, size of payments trending downwards, SMBs beware! 2024-04-19 at 15:46 By Zeljka Zorz More organizations hit by ransomware gangs are starting to realize that it doesn’t pay to pay up: “In Q1 2024, the proportion of victims that chose to pay touched a new record low of 28%,” ransomware incident
React to this headline:
Ransomware in Q1 2024: Frequency, size of payments trending downwards, SMBs beware! Read More »
Ransomware group maturity should influence ransom payment decision 2024-04-11 at 16:16 By Zeljka Zorz Your organization has been hit by ransomware and a decision has to be made on whether or not to make the ransom payment to get your data decrypted, deleted from attackers’ servers, and/or not leaked online. The decision will depend on
React to this headline:
Ransomware group maturity should influence ransom payment decision Read More »
NHS Scotland confirms ransomware attackers leaked patients’ data 2024-03-28 at 14:31 By Zeljka Zorz NHS Dumfries and Galloway (part of NHS Scotland) has confirmed that a “recognised ransomware group” was able to “access a significant amount of data including patient and staff-identifiable information,” and has published “clinical data relating to a small number of patients.”
React to this headline:
NHS Scotland confirms ransomware attackers leaked patients’ data Read More »
LockBit takedown: Infrastructure disrupted, criminals arrested, decryption keys recovered 2024-02-20 at 14:32 By Zeljka Zorz In the wake of yesterday’s surprise law enforcement takeover of LockBit’s leak site, the UK National Crime Agency (NCA) and Europol have shared more information about the extent of the takedown. “Today, after infiltrating the group’s network, the NCA has
React to this headline:
Ransomware recap 2023 highlights cybersecurity crisis 2024-01-30 at 07:02 By Help Net Security In this Help Net Security video, Yochai Corem, CEO of Cyberint, explores the ransomware environment’s development, effects, and emerging patterns throughout the previous year. 2023 marked a historic high for ransomware groups, with a 55.5% increase in attacks, reaching 4,368 victims globally,
React to this headline:
Ransomware recap 2023 highlights cybersecurity crisis Read More »
Poorly secured PostgreSQL, MySQL servers targeted by ransomware bot 2024-01-18 at 17:03 By Zeljka Zorz Users exposing poorly secured PostgreSQL and MySQL servers online are in danger of getting their databases wiped by a ransomware bot, Border0 researchers are warning. The attackers asks for a small sum to return / not publish the data, but
React to this headline:
Poorly secured PostgreSQL, MySQL servers targeted by ransomware bot Read More »
“Security researcher” offers to delete data stolen by ransomware attackers 2024-01-09 at 12:32 By Zeljka Zorz When organizations get hit by ransomware and pay the crooks to decrypt the encrypted data and delete the stolen data, they can never be entirely sure the criminals will do as they promised. And even if an organization gets
React to this headline:
“Security researcher” offers to delete data stolen by ransomware attackers Read More »
Law enforcement seizes ALPHV/Blackcat sites, offers decryptor to victims 19/12/2023 at 19:04 By Zeljka Zorz The US Justice Department announced today a disruption campaign against the Blackcat/ALPHV ransomware group and let victims know that there is a decryptor they can use. FBI develops ALPHV/Blackcat decryptor Over the past 18 months, ALPHV/Blackcat has emerged as the
React to this headline:
Law enforcement seizes ALPHV/Blackcat sites, offers decryptor to victims Read More »
Vulnerability disclosure: Legal risks and ethical considerations for researchers 27/11/2023 at 07:32 By Mirko Zorz In this Help Net Security interview, Eddie Zhang, Principal Consultant at Project Black, explores the complex and often controversial world of vulnerability disclosure in cybersecurity. Zhang explores the intricate balancing act that researchers must perform when navigating the interests of
React to this headline:
Vulnerability disclosure: Legal risks and ethical considerations for researchers Read More »
The shifting sands of the war against cyber extortion 21/11/2023 at 14:33 By Zeljka Zorz Ransomware and cyber extortion attacks aimed at organizations are not letting up. Occasionally, they even come in pairs. The often large and sometimes massive ransomware recovery costs companies incur when they decide not to meet the demands deter many other
React to this headline:
The shifting sands of the war against cyber extortion Read More »