March 2024

Narwhal Spider Threat Group Behind New Phishing Campaign Impersonating Reputable Law Firms

Mar 29, 2024 By Stu Sjouwerman In KnowBe4

Using little more than a well-known business name and a invoice-related PDF, the “NaurLegal” phishing campaign aims at installing malware trojans. This new campaign spotted by security analysts at BlueVoyant demonstrates how effective spear phishing can be — even when the phishing execution itself is relatively basic. According to the analysis, threat actors impersonate well-known law firms and send out PDF attachments with the filename "Invoice_.pdf." Simple enough, right?

Read Post

KnowBe4

Read more about Narwhal Spider Threat Group Behind New Phishing Campaign Impersonating Reputable Law Firms

Shamane Tan on bouncing back - Cyber Security Decoded

Mar 29, 2024 By Rubrik In Rubrik

With #data growing at an enormous rate and cyberattacks becoming widespread, a #CyberSecurity strategy based around preventing attacks just simply won’t cut it anymore. Prevention alone isn’t enough, so experts are emphasizing the importance of a strategy based on cyber resilience. In other words, it’s important to build a strategy that enables your team to identify threats from bad actors quickly so you can recover your data right away and bounce back.

View Video

Rubrik

Read more about Shamane Tan on bouncing back - Cyber Security Decoded

New Malware Loader Delivers Agent Tesla Remote Access Trojan Via Phishing

Mar 29, 2024 By Stu Sjouwerman In KnowBe4

A new malware loader is delivering the Agent Tesla remote access Trojan (RAT), according to researchers at Trustwave SpiderLabs. The malware is distributed by phishing emails with malicious attachments. “The threat begins with a fake bank payment email designed to deceive recipients,” the researchers write.

Read Post

KnowBe4

Read more about New Malware Loader Delivers Agent Tesla Remote Access Trojan Via Phishing

Emerging Threats: What's New in the Cybersecurity Landscape?

Mar 28, 2024 By SecuritySenses In SecuritySenses

In a time where sensitive information is increasingly moving online, AI systems are developing and we are increasingly relying on the internet in our day-to-day activities, cybersecurity threats loom larger than ever. A recent study found that cyber attacks are escalating at an unprecedented rate, with a new attack now occurring every 39 seconds. While a startling statistic, this shouldn't come as a surprise, in 2024 just about everyone is inundated with hacking attempts and scams whether the attack is a phone call, text, email or malicious software.

Read Post

SecuritySenses

Read more about Emerging Threats: What's New in the Cybersecurity Landscape?

German Authorities Dismantle the Nemezis Market Dark Web Marketplace

Mar 28, 2024 By Key Dutch In ImmuniWeb

Read also: KuCoin and founders face charges, Tornado Cash dev charged with money laundering, and more.

Read Post

ImmuniWeb

Read more about German Authorities Dismantle the Nemezis Market Dark Web Marketplace

Over 100 Malicious Packages Target Popular ML PyPi Libraries

Mar 28, 2024 By Tom Abai In Mend

Early on March 28, 2024, the Mend.io research team detected more than 100 malicious packages targeting the most popular machine learning (ML) libraries from the PyPi registry. Among those libraries are Pytorch, Matplotlib, and Selenium.

Read Post

Mend

Read more about Over 100 Malicious Packages Target Popular ML PyPi Libraries

The Number of New Pieces of Malware Per Minute Has Quadrupled in Just One Year

Mar 27, 2024 By Stu Sjouwerman In KnowBe4

The threat of novel malware is growing exponentially, making it more difficult for security solutions to identify attachments and links to files as being malware. According to BlackBerry’s new Global Threat Intelligence Report, the problem of novel malware has been continually growing over the last year. At the beginning of last year, BlackBerry was detecting new malware at a rate of just one per minute. By the next month, it was 1.5, 2.9 pieces per minute by August of last year.

Read Post

KnowBe4

Read more about The Number of New Pieces of Malware Per Minute Has Quadrupled in Just One Year

CrowdStrike and Rubrik Join Forces to Defend Attacks on Data

Mar 27, 2024 By Mike Tornincasa In Rubrik

With the growing volume of data and increasing cost of breaches, organizations must find ways to manage and protect their ever-expanding datasets. To address this escalating threat landscape, Rubrik and CrowdStrike have joined forces to redefine cyber defense, with several integration points between our platforms. This partnership is not about bolting on more security tools; rather, it's about gaining more leverage out of what customers already have.

Read Post

Rubrik

Read more about CrowdStrike and Rubrik Join Forces to Defend Attacks on Data

Unveiling the Latest Ransomware Threats Targeting the Casino and Entertainment Industry

Mar 27, 2024 By Trustwave In Trustwave

Anyone who has visited a casino knows these organizations go to a great deal of expense and physical effort to ensure their patrons do not cheat. Still, there is a large group of actors who are uninterested in card counting or using loaded dice at the craps table. In fact, these adversaries don't bother going into the building or even visiting the country where the casino is located. Cyber threat groups.

Read Post

Trustwave

Read more about Unveiling the Latest Ransomware Threats Targeting the Casino and Entertainment Industry

Defending Your Critical Data With Rubrik & CrowdStrike Falcon LogScale

Mar 27, 2024 By Rubrik In Rubrik

Your backup data hosts useful information that can be used to identify potential attacks. In this quick demo, we'll show you how easy it is to share insights from Rubrik Security Cloud with your Security Operations team to help detect, respond to and recover from cyberattacks.

View Video

Rubrik

Read more about Defending Your Critical Data With Rubrik & CrowdStrike Falcon LogScale

Browser Security in 2024: Technologies and Trends

Mar 26, 2024 By Gilad David Maayan In Tripwire

Browser security is a set of measures and processes intended to protect users and their data when using web browsers. This includes mechanisms to prevent unauthorized access, safeguard against malicious software and other browser security threats, and ways to protect the privacy of online activities.

Read Post

Tripwire

Read more about Browser Security in 2024: Technologies and Trends

Rubrik Expands Unstructured Data Protection to On-Premises S3-Compatible Object Stores

Mar 26, 2024 By Srujana Puttagunta In Rubrik

You are the CISO of a leading financial services firm serving a large number of clients with substantial assets. You process a massive volume of data every day, and much of it is sensitive: customer account information, social security numbers, and other PII.

Read Post

Rubrik

Read more about Rubrik Expands Unstructured Data Protection to On-Premises S3-Compatible Object Stores

Agent Tesla's New Ride: The Rise of a Novel Loader

Mar 26, 2024 By Trustwave In Trustwave

Malware loaders, critical for deploying malware, enable threat actors to deliver and execute malicious payloads, facilitating criminal activities like data theft and ransomware. Utilizing advanced evasion techniques, loaders bypass security measures and exploit various distribution channels for extensive impact, threat groups enhance their ability to download and execute various malware types as demonstrated by Smoke Loader and GuLoader, highlighting their role in extensive malware distribution.

Read Post

Trustwave

Read more about Agent Tesla's New Ride: The Rise of a Novel Loader

Cybersecurity Awareness: Protecting Your Profile from Online Threats

Mar 25, 2024 By SecuritySenses In SecuritySenses

Have you ever considered how vulnerable your online profile might be to cyber threats? A study by the University of Maryland showed that hackers attack at least every 39 seconds. From the moment you log into your social media accounts to the instant you make an online purchase, you're constantly at risk of falling victim to cyberattacks. The big question is: is there a way to prevent this from happening?

Read Post

SecuritySenses

Read more about Cybersecurity Awareness: Protecting Your Profile from Online Threats

Notorious Nemesis Market Seized by German Police

Mar 25, 2024 By Graham Cluley In Tripwire

Nemesis Market, a notorious corner of the darknet beloved by cybercriminals and drug dealers, has been suddenly shut down after German police seized control of its systems. Germany's Federal Criminal Police (known as the BKA) has announced that it has seized the infrastructure of Nemesis and taken down its website. At the same time, cryptocurrency worth 94,000 Euros was seized by police.

Read Post

Tripwire

Read more about Notorious Nemesis Market Seized by German Police

What is ransomware - a quick guide with videos

Mar 25, 2024 By Ayisha Bari In Bulletproof

If you’ve heard of ransomware attacks in the news, you’ll know they can result in big losses for big businesses. But the fact is that organisations of any size can fall victim to an attack, and often the smaller your business is, the more severe the impact.

Read Post

Bulletproof

Read more about What is ransomware - a quick guide with videos

Kill Ransomware: A New Entrant Strikes, Breaching Kerala Police and Beyond

Mar 22, 2024 By Foresiet In Foresiet

In the ever-evolving landscape of cybersecurity threats, new players emerge with alarming frequency, and the latest to make waves is "Kill Ransomware." With a formation date in 2023, this group wasted no time in announcing its presence on the dark web, enticing skilled hackers to join its ranks. Leveraging sophisticated tactics, Kill Ransomware has swiftly executed four notable breaches, sending shockwaves through the digital realm.

Read Post

Foresiet

Read more about Kill Ransomware: A New Entrant Strikes, Breaching Kerala Police and Beyond

Cyber Security Decoded: Sherrod DeGrippo on Optimism

Mar 22, 2024 By Rubrik In Rubrik

Amazing segment from Sherrod DeGrippo: The right attitudes and correct level of cynicism is vital for pushing forward and innovating, ESPECIALLY in #CyberSecurity. Listen to Sherrod’s full episode of Cyber Security Decoded on Spotify now.

View Video

Rubrik

Read more about Cyber Security Decoded: Sherrod DeGrippo on Optimism

Ransomware Group "RA World" Changes Its' Name and Begins Targeting Countries Around the Globe

Mar 21, 2024 By Stu Sjouwerman In KnowBe4

The threat group "RA World" (formerly RA Group) has shifted from country-specific ransomware attacks to include specific industries via a new - not previously seen - method of extortion. I don’t like it when I hear about ransomware groups growing, but that's the case in TrendMicro’s new analysis of RA World ransomware. What was once through to be a smaller operation focused on attacks targeting organizations in South Korea and the U.S.

Read Post

KnowBe4

Read more about Ransomware Group "RA World" Changes Its' Name and Begins Targeting Countries Around the Globe

Unmasking the Silent Threat: Info Stealer Malware and the Danger of Stealer Logs

Mar 21, 2024 By Foresiet In Foresiet

Info stealer malware, also known as information stealers, are a growing menace in the cybersecurity landscape. These malicious programs lurk in the shadows, siphoning sensitive data from unsuspecting victims' devices. While data breaches often grab headlines, info stealer attacks can be just as devastating, silently compromising personal information and causing significant financial losses. This blog post sheds light on the world of info stealer malware and the chilling reality of stealer logs.

Read Post

Foresiet

Read more about Unmasking the Silent Threat: Info Stealer Malware and the Danger of Stealer Logs

Building Resiliency in the Face of Ransomware

Mar 21, 2024 By SafeBreach In SafeBreach

Ransomware remains one of the biggest security threats in 2024. This follows a concerning resurgence in 2023, where more than $450 million in ransomware payments were reported in the first half of the year alone. The proliferation of Ransomware-as-a-Service (RaaS) and the subsequent attacks against a variety of businesses—from the smallest start-up to the most powerful multinational—reinforce what security professionals already know: ransomware is not going away.

Read Post

SafeBreach

Read more about Building Resiliency in the Face of Ransomware

How To Remove Adware From Your Computer

Mar 21, 2024 By Tim Tran In Keeper

Adware can cause performance issues and unwanted ads on your computer. Some types of adware can even collect your personal information. To protect your personal information, you need to remove as much adware from your computer as possible. To remove adware from your computer, you should back up your files, download adware removal software and remove any unnecessary programs.

Read Post

Keeper

Read more about How To Remove Adware From Your Computer

Hunt of the Month: Detecting AsyncRAT Malware Over HTTPS

Mar 20, 2024 By Corelight Labs Team In Corelight

Malware often hides communications with its command and control (C2) server over HTTPS. The encryption in HTTPS usually conceals the compromise long enough for the malware to accomplish its goal. This makes detecting malware that uses HTTPS challenging, but once in a while, you will catch a break, as in the case here with AsyncRAT, a Windows remote access tool that has been deployed over the past year to target organizations that manage critical infrastructure in the United States.

Read Post

Corelight

Read more about Hunt of the Month: Detecting AsyncRAT Malware Over HTTPS

The Real Impact of the Lockbit Ransomware Takedown | Razorthorn Security

Mar 20, 2024 By Razorthorn In Razorthorn

Welcome to Razorwire, the cutting-edge podcast for cybersecurity professionals, where we unravel the world of information security and peek into the future of technology. I'm your host, Jim, and in today's episode, we're joined by our esteemed guests, Richard Cassidy and Oliver Rochford. We’re taking a deep dive into the recent Lockbit takedown, dissecting the movements in the global cybercrime landscape, and analysing the ongoing conflicts within the commercial industry.

View Video

Razorthorn

Read more about The Real Impact of the Lockbit Ransomware Takedown | Razorthorn Security

The Dangers of Double and Triple Extortion in Ransomware

Mar 19, 2024 By Sule Tatar In Arctic Wolf

The 2023 ransomware attack at the University of Manchester didn’t stop once the threat actors had successfully exfiltrated the personal identifiable information (PII) for faculty and staff, plus 250 GB of other data. When the university showed hesitation toward paying the ransom, they turned to a tactic that is becoming increasingly popular among cybercriminals — triple extortion.

Read Post

Arctic Wolf

Read more about The Dangers of Double and Triple Extortion in Ransomware

Detect malware in your containers with Datadog Cloud Security Management

Mar 19, 2024 By Parag Baxi In Datadog

Detecting malware in container environments can be a major challenge due to the rapid development of malicious code, the proliferation of insecure container images, and the multilayered complexity of container stacks. Staying ahead of attackers means tracking the constant evolution of malware and rooting out threats in your codebase at the expense of considerable compute.

Read Post

Datadog

Read more about Detect malware in your containers with Datadog Cloud Security Management

CISA: Healthcare Organizations Should Be Wary of Increased Ransomware Attacks by ALPHV Blackcat

Mar 18, 2024 By Stu Sjouwerman In KnowBe4

A joint cybersecurity advisory published last week discusses ransomware attack impacts on healthcare, along with ALPHV’s attack techniques, indicators of compromise (IoCs) and proper response actions. ALPHV is a big enough problem that Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the Department of Health and Human Services (HHS) all are getting together to put healthcare organizations on notice.

Read Post

KnowBe4

Read more about CISA: Healthcare Organizations Should Be Wary of Increased Ransomware Attacks by ALPHV Blackcat

From Delivery To Execution: An Evasive Azorult Campaign Smuggled Through Google Sites

Mar 15, 2024 By Jan Michael Alcantara In Netskope

Netskope Threat Labs has observed an evasive Azorult campaign in the wild that employs multiple defense evasion techniques from delivery through execution to fly under the defender’s radar as it steals sensitive data. Azorult is an information stealer first discovered in 2016 that steals sensitive information including user credentials, browser information, and crypto wallet data.

Read Post

Netskope

Read more about From Delivery To Execution: An Evasive Azorult Campaign Smuggled Through Google Sites

Cyber Security Decoded: Sherrod DeGrippo on Perspectives

Mar 15, 2024 By Rubrik In Rubrik

This advice from Sherrod DeGrippo applies not just to #CyberSecurity, but to all industries. Diverse perspectives and opinions will help cover your bases and see the world from many angles.

View Video

Rubrik

Read more about Cyber Security Decoded: Sherrod DeGrippo on Perspectives

LockBit affiliate jailed for almost four years after guilty plea

Mar 14, 2024 By Graham Cluley In Tripwire

An affiliate of the LockBit ransomware gang has been sentenced to almost four years in jail after earlier pleading guilty to charges of cyber extortion and weapons charges. 34-year-old Mikhail Vasiliev, who has dual Russian and Canadian nationality, was arrested in 2022 as part of a multinational law enforcement investigation into LockBit that started in March 2020.

Read Post

Tripwire

Read more about LockBit affiliate jailed for almost four years after guilty plea

Iron Mountain Data Centers' Proactive Approach to Modern Threats with Rubrik

Mar 14, 2024 By Rubrik In Rubrik

As a part of Iron Mountain Inc., a global leader in secure data and asset management trusted by 95% of the Fortune 1000, Iron Mountain Data Centers is uniquely positioned to protect, connect, and activate high-value customer data. Historically, Iron Mountain Data Centers took a defensive posture when it came to data security, focused on keeping bad actors out. Given the continually evolving nature of modern threats, the service provider had ambitious plans to elevate their cyber security platform, future-proofing their data security with Rubrik.

View Video

Rubrik

Read more about Iron Mountain Data Centers' Proactive Approach to Modern Threats with Rubrik

Dental DDoS? No. Cameras and Ransomware? Oh yeah.

Mar 13, 2024 By Ben Edwards In BitSight

We’re back again with a monthly-ish blog reflecting on major goings on in the security world. I am writing the first draft on the rarest of holidays, leap day1! February gets extended by a day every four years, and if we had to guess Ivanti wishes this month would end.

Read Post

BitSight

Read more about Dental DDoS? No. Cameras and Ransomware? Oh yeah.

CTI Roundup: Linux Servers Target of New Malware Campaign

Mar 13, 2024 By Tanium In Tanium

New Linux malware campaign targets misconfigured servers, ransomware actors diversify their exfiltration tools, and Cado reveals its top cloud threat findings report for 2H23.

Read Post

Tanium

Read more about CTI Roundup: Linux Servers Target of New Malware Campaign

New York Department of Financial Services Rules Part 500: Are You Ready for Amendment 2?

Mar 13, 2024 By Alok Agrawal In Rubrik

Hackers move fast. The cybersecurity industry works hard to move as fast (or faster) than hackers. And regulators work to keep pace. In 2017, the New York Department of Financial Services enacted the sector’s most ambitious set of cybersecurity regulations: 23 NYCRR Part 500. These “Part 500” rules have been updated to reflect the evolving threat landscape, the most recent change (“Amendment 2”) implemented in December 2023 to address emerging cybersecurity needs.

Read Post

Rubrik

Read more about New York Department of Financial Services Rules Part 500: Are You Ready for Amendment 2?

LESLIELOADER - Undocumented Loader Observed

Mar 13, 2024 By Kroll In Kroll

Kroll observed the use of SPARKRAT in conjunction with a previously undocumented loader written in Golang. The loader assists in the initial infection and deployment of the malicious payload, enabling SPARKRAT to execute on a system. This process allows the payload to reach the target system undetected and unquarantined. The loader achieves its goal by decoding and decrypting a secondary payload binary, then injecting it into a notepad.exe instance.

Read Post

Kroll

Read more about LESLIELOADER - Undocumented Loader Observed

CASB vs DSPM with DDR

Mar 12, 2024 By Filip Verloy In Rubrik

In 2022 alone, there was a staggering 70% increase in malicious events across all public clouds. And cybercriminals are specifically targeting one of the most critical assets of any organization - its data. According to an 2023 IBM report, 82% of breaches involved data stored in the cloud. So this begs the question, which tools do defenders have at their disposal to address these mounting threats?

Read Post

Rubrik

Read more about CASB vs DSPM with DDR

GitHub "besieged" by malware repositories and repo confusion: Why you'll be ok

Mar 12, 2024 By Liran Tal In Snyk

As open source software development continues to evolve, so does its susceptibility to cybersecurity threats. One such instance is the recent discovery of malware repositories on GitHub. In this cybersecurity attack, threat actors managed to upload malicious code onto GitHub, a platform that hosts millions of code repositories and is used by developers worldwide.

Read Post

Snyk

Read more about GitHub "besieged" by malware repositories and repo confusion: Why you'll be ok

GuLoader Downloaded: A Look at the Latest Iteration

Mar 11, 2024 By Adi Bleih In Cyberint

GuLoader stands out as a prominent downloader founded on shellcode that has been used in many attacks aimed at spreading a diverse array of highly sought-after malware strains. For over three years, GuLoader has maintained its activity and is continuously evolving through ongoing development efforts. The latest iteration introduces novel anti-analysis techniques, making its analysis extremely difficult.

Read Post

Cyberint

Read more about GuLoader Downloaded: A Look at the Latest Iteration

FBI's 2023 Internet Crime Report Highlights Alarming Trends on Ransomware

Mar 11, 2024 By Stu Sjouwerman In KnowBe4

The specter of cybercrime continues to grow, with losses soaring to $12.5 billion in 2023, according to the recently released Internet Crime Report by the FBI's Internet Crime Complaint Center (IC3). The revelations underline an alarming surge in cybercrime, affecting both business and personal interests alike, with the main attack vectors being investment fraud, business email compromises and an increased surge of ransomware attacks on nearly every critical infrastructure sector.

Read Post

KnowBe4

Read more about FBI's 2023 Internet Crime Report Highlights Alarming Trends on Ransomware

The 443 Podcast, Ep. 282 - A Wild Month in Ransomware

Mar 11, 2024 By WatchGuard In WatchGuard

This week on #the443podcast, we’re joined by Ryan Estes, a member of WatchGuard’s Zero-Trust Application Service classification team and resident ransomware expert, to discuss the wild month in ransomware news. We start the episode with a story about a fake ransom operator who scammed cybercriminals out of tens of thousands of dollars before discussing two major Ransomware-as-a-Service operators that have had a rough couple of weeks.

View Video

WatchGuard

Read more about The 443 Podcast, Ep. 282 - A Wild Month in Ransomware

7 Ways to Quickly Detect Malicious Websites

Mar 8, 2024 By Zach Lakovics In Memcyco

Navigating the internet today can be a minefield. With the rise of malicious websites, customers and employees must now think twice before clicking on unfamiliar links or sites. Attackers often try to spoof and ‘brandjack’ well-reputed organizations and lure users into giving away personal info, money or letting hackers into their systems.

Read Post

Memcyco

Read more about 7 Ways to Quickly Detect Malicious Websites

Protecting Amazon S3 with Rubrik Security Cloud

Mar 8, 2024 By Rubrik In Rubrik

AWS S3 object storage is one of the most adopted services in the cloud. At the same time, cyberattacks are on the rise, with the cloud becoming the preferred target and often specifically focusing an organization’s data like in S3. With Rubrik, you can ensure your S3 data is resilient and recoverable from cyberattacks and operational failures while taking advantage of.

View Video

Rubrik

Read more about Protecting Amazon S3 with Rubrik Security Cloud

AI and Ransomware Top the List of Mid-Market IT Cyber Threats

Mar 7, 2024 By Stu Sjouwerman In KnowBe4

A recent report reveals a significant discrepancy in the priorities of mid-market IT departments when it comes to addressing cyber threats. It's somewhat ironic that IT professionals find themselves entangled in a logical paradox when responding to surveys, as demonstrated by Node4’s Mid-Market IT Priorities Report 2024.

Read Post

KnowBe4

Read more about AI and Ransomware Top the List of Mid-Market IT Cyber Threats

Lockbit Disrupted: Ransomware Trends Update

Mar 6, 2024 By Sean Moran In JUMPSEC

Faced with year-on-year rising attack figures, law enforcement have struggled to adapt to the immense task of preventing ransomware and cyber extortion. By tracking and analysing attacker reported victim data, we seek to explore the significance of Lockbit’s recent takedown in the context of prior disruption efforts.

Read Post

JUMPSEC

Read more about Lockbit Disrupted: Ransomware Trends Update

New Malware Attributed to Russian Hacking Group APT28

Mar 6, 2024 By SecurityScorecard In SecurityScorecard

Late last year, the Computer Emergency Response Team of Ukraine (CERT-UA) released an advisory that reported cyberattacks targeting Ukrainian state organizations attributed to the Kremlin-backed nation-state group APT28, aka Fancy Bear/Sofacy. The advisory listed the use of a new backdoor named “OCEANMAP,” detailed in this whitepaper.

Read Post

SecurityScorecard

Read more about New Malware Attributed to Russian Hacking Group APT28

CTI Roundup: CVEs on the Rise, TimbreStealer Malware, and a New Phishing Report

Mar 6, 2024 By Tanium In Tanium

Researchers predict a 25% rise in CVEs, TimbreStealer malware spreads through phishing, and Proofpoint releases its 2024 State of the Phish report.

Read Post

Tanium

Read more about CTI Roundup: CVEs on the Rise, TimbreStealer Malware, and a New Phishing Report

Unraveling the True Cost of Ransomware Attacks and Essential Strategies for Mitigation

Mar 6, 2024 By Barry O'Connell In Trustwave

A ransomware attack can demoralize or debilitate organizations quite like no other. Not only does ransomware strike a company's morale, but it also causes massive financial losses along with reputational damage that could prove difficult to repair. Cybersecurity Ventures predicted global ransomware damage costs to reach $20 billion annually in 2021, up from $325 million in 2015. In eight years from now, the costs will exceed $265 billion.

Read Post

Trustwave

Read more about Unraveling the True Cost of Ransomware Attacks and Essential Strategies for Mitigation

Resurgence of BlackCat Ransomware

Mar 6, 2024 By Trustwave In Trustwave

In today's rapidly evolving cyber landscape, modern adversaries constantly advance their methods to circumvent traditional defenses. At Trustwave, recent observations have unveiled the resurgence of the BlackCat group following its disruption by the US Justice Department on December 19, 2023.

Read Post

Trustwave

Read more about Resurgence of BlackCat Ransomware

Veritas, Cohesity, and Rubrik: Backup or Go Forward.

Mar 5, 2024 By Mike Tornincasa In Rubrik

An alternate point of view to the one you are hearing My first reaction when I heard the news of the merger between Veritas and Cohesity was one of jubilation. I've personally battled Cohesity and Veritas. I thought to myself, this is actually great news for all three companies.

Read Post

Rubrik

Read more about Veritas, Cohesity, and Rubrik: Backup or Go Forward.

TODDLERSHARK: ScreenConnect Vulnerability Exploited to Deploy BABYSHARK Variant

Mar 5, 2024 By Kroll In Kroll

The Kroll CTI team observed a campaign using a new malware that appears to be very similar to BABYSHARK, previously reported to have been developed and used by the APT group Kimsuky (KTA082). The malware was deployed as part of an attempted compromise that was detected and stopped by the Kroll Responder team. The activity started with exploitation of a recently addressed authentication bypass in the remote desktop software ScreenConnect, developed by ConnectWise.

Read Post

Kroll

Read more about TODDLERSHARK: ScreenConnect Vulnerability Exploited to Deploy BABYSHARK Variant

Proactive Strategies to Prevent Ransomware Attacks

Mar 4, 2024 By SecurityScorecard In SecurityScorecard

In today’s digital age, ransomware attacks have emerged as one of the most formidable threats to organizations worldwide. These malicious software attacks encrypt files on a device, rendering them inaccessible to users, and demand a ransom for decryption keys. The impact of ransomware can be devastating, leading to significant financial losses, operational downtime, and reputational damage.

Read Post

SecurityScorecard

Read more about Proactive Strategies to Prevent Ransomware Attacks

Cyber Security Decoded: Sherrod DeGrippo on Threat Models

Mar 1, 2024 By Rubrik In Rubrik

If you want to stay on Sherrod DeGrippo’s good side…cool it with the threat models!

View Video

Rubrik

Read more about Cyber Security Decoded: Sherrod DeGrippo on Threat Models

Active Directory Ransomware Attacks

Mar 1, 2024 By Jonathan Blackwell In Netwrix

Organizations worldwide use Active Directory (AD) as their primary identity service, which makes it a top target for ransomware attacks. This article explains how adversaries exploit Active Directory during ransomware attacks and provides strategies and tools for defending against this modern menace.

Read Post