Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Malware

foresiet

Busting the SugarLocker Syndicate: Syndicate's Secrets and Takedown Tactics

Feb 28, 2024 By Foresiet In Foresiet
Sugarlocker Summary On February 23, 2022, the operator linked to the SugarLocker ransomware, utilizing the pseudonym "gustavedore," was conspicuously seeking new partnerships on the Dark Web. SugarLocker operates through a highly flexible Ransomware-as-a-Service (RaaS) framework, facilitating extensive customization for its users in the clandestine corners of the Dark Web.
Read Post
bitsight

Hunting PrivateLoader: The malware behind InstallsKey PPI service

Feb 27, 2024 By André Tavares In BitSight
Since July 2022, Bitsight has been tracking PrivateLoader, the widespread malware downloader behind the Russian Pay-Per-Install (PPI) service called InstallsKey. At the time, this malware was powering the now decommissioned ruzki PPI service. Figure 1 presents a brief description of the service, which was found in their sales telegram channel. Fig. 1 - Service description on telegram channel profile (Russian and English).
Read Post
knowbe4

Annual Ransomware Payments Surpass $1 Billion

Feb 27, 2024 By Stu Sjouwerman In KnowBe4
For the first time, analysis of ransomware payments made in a single year tops $1,000,000,000. This signals a massive return to more frequent, sophisticated, and successful attacks. Each year, blockchain analysis company, Chainalysis, reports on ransomware payments based on the payments made to digital wallets known to belong to cybercriminals and cybercriminal gangs.
Read Post
Razorthorn

The Billion Dollar Cost of Cybercrime: Lessons from the LockBit Takedown

Feb 27, 2024 By James Rees In Razorthorn
The recent LockBit group take down has shown the world at large the cost of cybercrime. Initially it was reported that just over $100 million had been gathered through the nefarious acts of this particular group but, as I suspected, that initial figure was just a drop in the ocean. It turns out that the real figure was in excess of $1 billion dollars over the last four years, and I still suspect this may be more.
Read Post
splunk

Unveiling Phemedrone Stealer: Threat Analysis and Detections

Feb 27, 2024 By Teoderick Contreras In Splunk
Recently, the cybersecurity world has been abuzz with discussions about Phemedrone, a newly emerged stealer exploiting the CVE-2023-36025 vulnerability in Microsoft Windows Defender SmartScreen. The project was most recently available on GitHub; however, the project was taken down, and the associated account was removed. Active development still occurs via Telegram.
Read Post

The 443 Podcast - Episode 281 - Locking Up LockBit

Feb 26, 2024 By WatchGuard In WatchGuard
This week on the podcast, we cover an international law enforcement takedown of the LokBit ransomware group's infrastructure. After that, we cover a novel malware delivery vector involving an IoT "toy." We end the podcast by covering the latest White House Executive Order addressing cybersecurity in critical infrastructure. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.