Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

2023 was a lucrative year for ransomware actors, with victim organizations paying $449.1 million in the first six months alone. Maintaining this cash stream requires frequent technique shifts, which may be why more attackers are exploiting legitimate software to propagate their malware. Abusing organizations’ existing enterprise tools can help attackers blend in while they’re doing reconnaissance, and also aids them with privilege escalation and persistence.

Over sixty credit unions across the United States have been taken offline following a ransomware attack at one of their technology providers - demonstrating once again the damage that can be caused by a supply-chain attack. There are a few moving parts here, so here’s a quick summary: Trellance - A provider of solutions and services used by credit unions, and the parent company of FedComp. FedComp - a provider of software and services that enable credit unions to operate around the world.

Malicious browser extensions are a common attack vector used by threat actors to steal sensitive information, such as authentication cookies or login credentials, or to manipulate financial transactions.

Not only is ransomware on the rise, but this type of malware is also growing more sophisticated and professionalized, which is a cause for concern for both organizations and users.

Researchers at Sophos have found that the criminal market for malicious generative AI tools is still disorganized and contentious. While there are obvious ways to abuse generative AI, such as crafting phishing emails or writing malware, criminal versions of these tools are still unreliable. The researchers found numerous malicious generative AI tools on the market, including WormGPT, FraudGPT, XXXGPT, Evil-GPT, WolfGPT, BlackHatGPT, DarkGPT, HackBot, PentesterGPT, PrivateGPT.

With Atlassian ending support in February 2024 for Jira Software Server – an on-premises deployment of Jira Software - what’s your plan for data protection if you choose to migrate to the cloud? While Atlassian has plenty of tools in place out of the box to protect your data, there’s always more you can do to help prevent data loss.

Recovering from a Ransomware attack requires a systematic approach to minimise damage and restore normal operations efficiently. The following steps are crucial in the recovery process.

In this version of the Hacker’s Playbook Threat Coverage round-up, we are highlighting newly added coverage for several recently discovered or analyzed ransomware and malware variants, including NoEscape ransomware, AvosLocker ransomware, and Retch ransomware, amongst others. SafeBreach customers can select and run these attacks and more from the SafeBreach Hacker’s Playbook™ to ensure coverage against these advanced threats.

Rubrik Zero Labs’ recent study accentuated several hard truths we think are important and warrant a response from Rubrik’s CISO Advisory Board. First, let’s confirm what many of us have already discussed: It’s not fun to be a CISO right now. There’s an overwhelming amount of expectation—from the board to business unit owners—to figure out how to grow and use data, but also keep it secure, and figure out what happens when it’s not.