%term

Key insights from the Conti ransomware playbook leak: establishing a foothold

Aug 20, 2021 By George Glass In Redscan

Following a leak of a cache of documents relating to the Conti ransomware group by one of its own affiliates, in the first of a two-part blog series we analyse some of the main findings and outline steps to mitigate against Conti and other ransomware variants.

Read Post

Redscan

Read more about Key insights from the Conti ransomware playbook leak: establishing a foothold

Cybersecurity experts are currently drowning in ransomware attacks

Aug 19, 2021 By Nahla Davies In AT&T Cybersecurity

U.S. President Joe Biden is under pressure to take a stand against a relentless pace of cybersecurity attacks. Russian-speaking hackers have claimed accountability for a recent ransomware assault on IT management software provider Kaseya VSA. The group of Russian threat actors also referred to as the Revil Group, launched a bombshell supply-chain hit during the weekend of July 4th, 2021 against Kaseya VSA and multiple managed service providers.

Read Post

AT&T Cybersecurity

Read more about Cybersecurity experts are currently drowning in ransomware attacks

Redline Stealer

Aug 18, 2021 By Cyberint Research In Cyberint

First observed in 2020 and advertised on various cybercriminal forums as a 'Malware-as-a-Service' (MaaS) threat, Redline is an information stealer mainly targeting Windows' victim credentials and cryptocurrency wallets, as well as Browser information, FTP connections, game chat launchers, and OS information such as system hardware, processes names, time zone, IP, geolocation information, OS version, and default language.

Read Post

Cyberint

Read more about Redline Stealer

The Importance Of Trust In The Fight Against Ransomware

Aug 18, 2021 By JUMPSEC In JUMPSEC

The industry consensus today is that the only way to reliably end the threat of ransomware for good is to stop paying ransoms. Some have even gone so far as to suggest that they should be banned altogether. But because of a lack of public knowledge and transparency, it’s almost impossible to know the full scale of the problem to understand the right solution.

Read Post

JUMPSEC

Read more about The Importance Of Trust In The Fight Against Ransomware

Brain Break from Fal.Con for Public Sector: Wizard Spider Threat Intel Highlight

Aug 16, 2021 By CrowdStrike In CrowdStrike

Wizard Spider is a criminal group behind the core development and distribution of a sophisticated arsenal of criminal tools that allow them to run multiple different types of operations. This interview with Nina Padavil, Strategic Threat Advisor, CrowdStrike, and Robert Bruno, Commercial Illustrator, will highlight Wizard Spider’s targets, tactics and motivations. You don't have a malware problem, you have an adversary problem – stay ahead of the adversaries and learn more at the Adversary Universe.

View Video

CrowdStrike

Read more about Brain Break from Fal.Con for Public Sector: Wizard Spider Threat Intel Highlight

LockBit Ransomware hits again

Aug 15, 2021 By Cyberint Research In Cyberint

Launched in September 2019 and formerly known as 'ABCD', LockBit is a ransomware-as-a-service (RaaS) threat that was updated in June 2021 and improved on the group’s earlier claims of having the fastest encryption process on the ransomware scene (Figure 1). Much like other RaaS offerings, LockBit operates an affiliate profit sharing program in which up-to eighty percent of a ransom payment can be earned whilst the operators claim the remainder.

Read Post

Cyberint

Read more about LockBit Ransomware hits again

Are We Past Peak Ransomware? | Ep 23

Aug 13, 2021 By Tripwire In Tripwire

In this episode, Greg Wilson, CISO of Docupace, discussed the rise of ransomware during uncertain times (i.e. COVID pandemic), whether its here to stay, and how to prevent damage with security hygiene.

View Video

Tripwire

Read more about Are We Past Peak Ransomware? | Ep 23

Netskope Threat Coverage: LockBit

Aug 12, 2021 By Gustavo Palazolo In Netskope

LockBit Ransomware(a.k.a. ABCD) is yet another ransomware group operating in the RaaS(Ransomware-as-a-Service) model, following the same architecture as other major threat groups, like REvil. This threat emerged in September 2019 and is still being improved by its creators. In June 2021, the LockBit group announced the release of LockBit 2.0, which included a new website hosted on the deep web, as well as a new feature to encrypt Windows domains using group policy.

Read Post

Netskope

Read more about Netskope Threat Coverage: LockBit

IOC's identified to hunt Conti Ransomware

Aug 11, 2021 By Cyberint Research In Cyberint

Believed active since mid-2020, Conti is a big game hunter ransomware threat operated by a threat group identified as Wizard Spider and offer to affiliates as a ransomware-as-a-service (RaaS) offering. Following the lead of other big game hunter ransomware groups, Conti adopted the double extortion tactic, also known as 'steal, encrypt and leak', in order to apply additional pressure on victims to pay their ransom demands and avoid sensitive or confidential data being exposed.

Read Post

Cyberint

Read more about IOC's identified to hunt Conti Ransomware

Stories from the SOC - Sodinokibi Ransomware (REvil / BlueCrab)

Aug 10, 2021 By Ken Ng In AT&T Cybersecurity

There’s a saying that nothing can be certain, except death and taxes; in today’s cyber threat landscape, we can add ransomware to that short list. One of the AT&T Managed Threat Detection and Response customers almost had an incident at the crossroads of taxes and ransomware, but thanks to the SentinelOne advanced EDR platform, the attack was quickly detected and stopped automatically.

Read Post