JUMPSEC Ransomware trends update Summer 2024
Ransomware Update An insight into ransomware actor’s changing approaches focus on the issues and developments that matter most.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Ransomware, Supply Chain & Tech Threats Explode - 2024 Trustwave SpiderLabs Report
Trustwave SpiderLabs, in its just-released report 2024 Professional Services Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies, has uncovered an increasing number of ransomware, third-party supplier, and technology-based attacks targeting the professional services sector.
Atlas Oil: The Consequences of a Ransomware Attack
Atlas Oil, a major player in the oil and fuel distribution industry, fell victim to a ransomware attack orchestrated by the Black Basta group. This attack not only compromised sensitive company data but also exposed a variety of documents that could potentially harm the company’s operations and reputation. Overall, Black Basta claims to have exfiltrated approximately 730 GB of data.
Emerging Rust Malware Uses PowerShell to Evade UAC and Steal Data
A new Rust-based information-stealing malware named Fickle Stealer has been identified, using multiple attack vectors to compromise systems and extract sensitive information. According to Fortinet FortiGuard Labs, Fickle Stealer is being distributed through four different methods: VBA dropper, VBA downloader, link downloader, and executable downloader. Some of these methods employ a PowerShell script to bypass User Account Control (UAC) and execute the malware.
Novel Technique Combination Used In IDATLOADER Distribution
Kroll’s Managed Detection and Response (MDR) team responded to an incident in which suspected malware was exhibiting strange download behavior. After successfully containing and resolving the incident, Kroll’s Cyber Threat Intelligence (CTI) team investigated further.
Deep Dive into Application Security: Understanding Firewalls, Malware, and APIs
In this week’s episode, we explore how Cloudflare handles application security, current trends, vulnerabilities, and future expectations. Host João Tomé is joined by Michael Tremante, Director of Product from our Application Security team. We discuss the evolution of application security and its increasing relevance today. We also go into specific use cases, covering firewall security, malware, supply chain risks, and the critical task of monitoring various vulnerabilities, including zero-day threats.
Evaluating dependence on NVD
As I mentioned at the beginning of this year, I am trying to do a monthly blog post on what might be termed “Major Security Events”. In particular this year, I’ve written about the Ivanti meltdown, Lockbit ransomware, and the xz backdoor. These events usually emerge cacophonously and suddenly into the cybersecurity landscape, and generally get everyone’s attention “real quick”.
Qilin Ransomware: What You Need To Know
Qilin (also known as Agenda) is a ransomware-as-a-service criminal operation that works with affiliates, encrypting and exfiltrating the data of hacked organisations and then demanding a ransom be paid.
Destructive Malware: Threat Detection and Incident Response
Imagine that you have a snack you want to eat while watching a movie on a Friday night. You look in your kitchen, only to find the snack missing. Whether a roommate hid the snack or ate it, you no longer have access to it, disrupting your evening plans. This destructive behavior interrupts your weekend objectives, but it’s pretty low stakes overall.
Featured Post
Why Manufacturers are in the Crosshairs of Threat Actors
In today's modern digitised environment, the manufacturing industry faces multiple interwoven challenges that can have a serious impact on their overall performance and sustainability. These challenges include supply chain disruptions, with events such as natural disasters, geopolitical issues, and pandemics disrupting the global supply chain, affecting the timely delivery of raw materials and components. These disruptions put pressure on manufacturing organisations to better plan for potential supply chain uncertainty, while responding quickly to changes in customer demand, and also trying to keep costs low.