Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

January 2020

tripwire

The NHS has suffered only six ransomware attacks since the WannaCry worm, investigation reveals

Jan 30, 2020 By Graham Cluley In Tripwire

An investigation claims that the UK’s National Health Service, which was hit hard by the notorious WannaCry worm in 2017, has seen a marked fall in ransomware attacks since. A report published by Comparitech, based upon Freedom of Information requests, reveals the somewhat surprising news that since WannaCry there have only been six recorded ransomware attacks against the NHS.

Read Post
tripwire

Ransomware: The average ransom payment doubled in just three months

Jan 23, 2020 By Graham Cluley In Tripwire

A new report into the state of ransomware at the tail end of 2019 has revealed that things aren’t getting any better. In Q4 of 2019, according to the new study published by security firm Coveware, the average ransom payment more than doubled – reaching $84,116, up from $41,198 in Q3 of 2019.

Read Post
alienvault

Alien Labs 2019 Analysis of Threat Groups Molerats and APT-C-37

Jan 15, 2020 By Fernando Martinez In AT&T Cybersecurity

In 2019, several industry analyst reports confused the threat groups Molerats and APT-C-37 due to their similarity, and this has led to some confusion and inaccuracy of attribution. For example, both groups target the Middle East and North Africa region (with a special emphasis on Palestine territories). And, they both approach victims through the use of phishing emails that contain decoy documents (mostly in Arabic) and contain themes concerning the political situation in the area.

Read Post
spambrella

Travelex Still Offline Following Ransomware Attack

Jan 10, 2020 By Spambrella In Spambrella

Not only have Global banks stopped customers transacting or ordering currency from Travelex, many have stopped transactions with third party currency providers altogether. Lloyd’s, Royal Bank of Scotland, Tesco and Sainsbury’s all receive their currency from Travelex. It has been reported by Travelex that no customer data has been compromised although no report has been publicly provided to explain how this has been determined.

Read Post
alienvault

AT&T Alien Labs analysis of an active cryptomining worm

Jan 9, 2020 By Fernando Dominguez In AT&T Cybersecurity

This blog post provides an overview of the AT&T Alien Labs™ technical analysis of the common malicious implants used by threat actors targeting vulnerable Exim, Confluence, and WebLogic servers. Upon exploitation, malicious implants are deployed on the compromised machine. While most of the attacks described below are historical, we at Alien Labs are continuing to see new attacks, which can be further researched on the Alien Labs Open Threat Exchange™ (OTX).

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.