Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Malware

knowbe4

"Unknown" Initial Attack Vectors Continue to Grow and Plague Ransomware Attacks

May 14, 2024 By Stu Sjouwerman In KnowBe4
Trend analysis of ransomware attacks in the first quarter of this year reveals a continual increase in the number of "unknown" initial attack vectors, and I think I might understand why. There are two reports that you should be keeping an eye on—the updated Verizon Data Breach Report and ransomware response vendor Coveware’s Quarterly Ransomware Reports. In their latest report covering Q1 of this year, we see a continuing upward trend in “unknown” as the top initial attack vector.
Read Post
knowbe4

[Beware] Ransomware Targets Execs' Kids to Coerce Payouts

May 13, 2024 By Stu Sjouwerman In KnowBe4
Just when you think bad actors cannot sink any lower, they find a way to. In a recent chilling evolution of ransomware tactics, attackers are now also targeting the families of corporate executives to force compliance and payment. Mandiant's Chief Technology Officer, Charles Carmakal, highlighted this disturbing trend at RSA last week: criminals engaging in SIM swapping attacks against executives' children.
Read Post
safebreach

SafeBreach Coverage for AA24-131A (Black Basta Ransomware)

May 13, 2024 By Kaustubh Jagtap In SafeBreach
On May10th, Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), Department of Health and Human Services (HHS), and Multi-State Information Sharing and Analysis Center (MS-ISAC) issued an urgent advisory about malicious threat activity involving the Black Basta ransomware variant. Detailed information about these threats and the associated IOCs and TTPs can be seen on #StopRansomware: Black Basta.
Read Post

ESXi Ransomware: Trends, Logging, and Detection | Threat SnapShot

May 11, 2024 By SnapAttack In SnapAttack
Since 2021, ransomware groups have set their sights on VMware ESXi hypervisors, with the SEXi variant, emerging in 2024, being the most recent threat. The Babuk Locker was one of the first to target ESXi, and its leaked source code enabled other strains like ESXiArgs, BlackBasta, and Clop to develop customized variants terminating VMs and encrypting data on ESXi servers. While employing similar tactics like exploiting vulnerabilities and encrypting VM files, these ESXi-focused ransomware exhibit patterns that provide detection opportunities across the board. By analyzing past attacks, we can better prepare for future threats targeting our virtualization environments. Join the SnapAttack community to access in-depth detection content covered in this video and stay ahead of evolving ransomware targeting ESXi.
View Video
knowbe4

Phishing-as-a-Service Platform LabHost Disrupted by Law Enforcement Crackdown

May 10, 2024 By Stu Sjouwerman In KnowBe4
One of the largest phishing-as-a-service platforms, LabHost, was severely disrupted by law enforcement in 19 countries during a year-long operation that resulted in 37 arrests. According to a recent Europol announcement, the folks behind the LabHost Phishing as a Service (PhaaS) platform were arrested last month. In a coordinated search over three days, 37 suspects were apprehended, disrupting the well-known service.
Read Post
knowbe4

[Must Read] How Boeing Battled a Whopping $200M Ransomware Demand

May 10, 2024 By Stu Sjouwerman In KnowBe4
Boeing recently confirmed that in October 2023, it fell victim to an attack by the LockBit ransomware gang, which disrupted some of its parts and distribution operations. The attackers demanded a whopping $200 million not to release the data they had exfiltrated. On Wednesday, Boeing admitted it was the company described as the "multinational aeronautical and defense corporation headquartered in Virginia" in a recently unsealed U.S. Department of Justice indictment.
Read Post
securitysenses

Top 4 Network Security Risks

May 9, 2024 By SecuritySenses In SecuritySenses
Network security integrates different processes, devices, and technologies into a broad plan that safeguards your computer networks' integrity, accessibility, and confidentiality. It keeps your networking infrastructure safe from malicious acts like manipulation and unauthorized access. Network security risks allow malicious actors to cause significant damage to your network while exposing your company's sensitive data. Discussed below are the top four network security risks.
Read Post
knowbe4

9 in 10 Organizations Paid At least One Ransom Last Year

May 8, 2024 By Stu Sjouwerman In KnowBe4
New analysis of cyber attacks shows ransomware attacks are running far more rampant than previously thought, with half of organizations blaming poor cyber hygiene. After last year’s shocking stat that 70% of organizations pay the ransom, it’s really surprising to see that an even greater percentage (91%) have paid a ransom at least once in the last 12 months – this according to Extrahop’s 2024 Global Cyber Confidence Index.
Read Post
cyberint

All About That 8Base Ransomware Group: The Details

May 8, 2024 By Adi Bleih In Cyberint
First Publishied Nov 6th 2023 Updated May 9th 2024 Last seen on this month, 8Base is a ransomware collective that initiated its operations in April 2022. Despite its relatively short time in the cyber landscape, the group has swiftly garnered a reputation for its forceful strategies and the substantial volume of victims it has affected.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.