Malware as a Service is the unlawful lease of software and hardware from the Dark Web to carry out cyber attacks. The threat actors who use this service are provided with botnet services and technical support by the MaaS owners. This service opens doors to anyone with minimal computer skills to use and distribute pre-made malware. The data that is stolen is often sold to the highest bidder or left for the service subscribers. MaaS is an illegal version of Software as a Service (SaaS).

Dish Network is one of the largest American television providers in the country today, offering television service through a direct-broadcast satellite network. The company serves more than 7.4 million customers and maintains over 16,000 employees to keep everything running properly. This huge broadcast network recently suffered from a ransomware attack that interrupted its broadcast service and may have exposed its customers as well.

More and more, people are completing the entire real estate transaction process online. From searching for properties to signing documents, online convenience can make the process easier and more efficient. However, with all of this activity taking place on the internet, it is important to be aware of the potential security risks that come along with it.

Read also: Two suspects in recent $9M Platipus DeFi hack arrested in France, CISA shares advice on how to improve security posture, and more.

High-profile ransomware attacks against large businesses and governments have become increasingly popular. They typically occupy news headlines on a monthly basis. As of writing, the most recent, high-profile attack was launched against Porsche, South Africa, where IT systems and some backups were impacted by ransomware from an unknown attacker. The gangs that perpetrate these attacks typically have carefully-crafted, large public personas and engage in significant posturing.

Once again, Arctic Wolf has taken the temperature of organizations across the globe to determine how the cybersecurity landscape of 2022 is shaping their 2023 concerns and actions. While the survey covered a number of topics, one stood out: ransomware. 48% of organizations ranked ransomware as their number one concern for the coming year. While that’s down from 70% in 2022, it doesn’t mean that ransomware is going away.

Netskope has just published the Monthly Threat Report for February, with this month’s report focused on what is going on in Europe. I don’t intend to summarise the report in this blog, instead I want to zoom in and study a continuing trend that was highlighted in there; one that is unfortunately heading in the wrong direction.

The term ransomware word perfectly captures the idea behind it, i.e. holding a computer system or software captive until a ransom is paid. Traditionally, attackers use ransomware to target individuals but things are different now.

Mimikatz provides attackers with several different ways to steal credentials from memory or extract them from Active Directory. One of the most interesting options is the MemSSP command. An adversary can use this command to register a malicious Security Support Provider (SSP) on a Windows member server or domain controller (DC) — and that SSP will log all passwords in clear text for any users who log on locally to that system.