Malware

AMOS Infostealer, BiBi Wiper, FreeWorld Ransomware, and More: Hacker's Playbook Threat Coverage Round-up: November 2023

Nov 29, 2023 By Kaustubh Jagtap In SafeBreach

In this version of the Hacker’s Playbook Threat Coverage round-up, we are highlighting newly added coverage for several recently discovered or analyzed ransomware and malware variants, including NoEscape ransomware, AvosLocker ransomware, and Retch ransomware, amongst others. SafeBreach customers can select and run these attacks and more from the SafeBreach Hacker’s Playbook™ to ensure coverage against these advanced threats.

Read Post

SafeBreach

Read more about AMOS Infostealer, BiBi Wiper, FreeWorld Ransomware, and More: Hacker's Playbook Threat Coverage Round-up: November 2023

Webinar Replay: Q3 2023 Threat Landscape: Kroll Top 10 Malware Strains

Nov 28, 2023 By Kroll In Kroll

Kroll actively tracks malware command and control infrastructure, submissions to public sandboxes and active incident response (IR) and managed detection and response (MDR) case data to generate lists of the most active malware strains for comparison.

View Video

Kroll

Read more about Webinar Replay: Q3 2023 Threat Landscape: Kroll Top 10 Malware Strains

CISO Advisory Board Response to The State of Data Security: Securing an Uncertain Future

Nov 28, 2023 By Christopher Krebs In Rubrik

Rubrik Zero Labs’ recent study accentuated several hard truths we think are important and warrant a response from Rubrik’s CISO Advisory Board. First, let’s confirm what many of us have already discussed: It’s not fun to be a CISO right now. There’s an overwhelming amount of expectation—from the board to business unit owners—to figure out how to grow and use data, but also keep it secure, and figure out what happens when it’s not.

Read Post

Rubrik

Read more about CISO Advisory Board Response to The State of Data Security: Securing an Uncertain Future

Qlik Sense Exploited in Cactus Ransomware Campaign

Nov 28, 2023 By Stefan Hostetler, Markus Neis, Kyle Pagelow In Arctic Wolf

Arctic Wolf Labs has observed a new Cactus ransomware campaign which exploits publicly-exposed installations of Qlik Sense, a cloud analytics and business intelligence platform.[1] Based on available evidence, we assess that all vulnerabilities exploited were previously identified by researchers from Praetorian [2,3]. For more information on these vulnerabilities, see the advisories published by Qlik (CVE-2023-41266, CVE-2023-41265, and CVE-2023-48365) as well as our Security Bulletin.

Read Post

Arctic Wolf

Read more about Qlik Sense Exploited in Cactus Ransomware Campaign

Unlocking Cyber Resilience: Strategies from the 2023 Global Ransomware Trends Report

Nov 28, 2023 By Opti9 In Opti9

Recent findings from the 2023 Global Ransomware Trends Report, reveal a concerning uptick: 85% of organizations experienced a cyberattack in the past year, up from 76% the previous year. Understanding the nuances of defense and recovery becomes paramount as cyber threats escalate. Join us for this essential discussion based on insights from one of the most extensive independent studies to date, encompassing 1,200 organizations from 14 different countries. All these organizations have one thing in common – they’ve braved cyberattacks.

View Video

Opti9

Read more about Unlocking Cyber Resilience: Strategies from the 2023 Global Ransomware Trends Report

How To Recover From a Ransomware Attack

Nov 27, 2023 By Tim Tran In Keeper

If you’re the victim of a ransomware attack, there are no guarantees that you can recover your stolen data. The best you can do is mitigate the effects of the attack and remove the ransomware from your device. The steps to recover from a ransomware attack include isolating your device, removing the ransomware, restoring your backed-up data and changing any compromised login credentials.

Read Post

Keeper

Read more about How To Recover From a Ransomware Attack

Introducing VM Encryption Detection

Nov 27, 2023 By Rubrik In Rubrik

Cyber attacks on host virtual machines are on the rise! Are you prepared to detect and recover from VM encryption? Let us know what you’re doing to secure your VMs in the comments below! #shorts.

View Video

Rubrik

Read more about Introducing VM Encryption Detection

From Transparency to Coercion, Emerging Threat Actor Tactics

Nov 26, 2023 By Gemma Goldstein In Cyberint

“The evolving threat landscape” sounds like an overused clichè; however, marked shifts in threat actor tactics in the past year are evidence of widespread and brazen growth in confidence among threat actors. Evident in recent incidents, such as ALPHV, AKA Black Cat’s exploitation of legal avenues, and the emergence of “The Five Families” alliance, cybercriminals are stretching their levels of coordination and reach.

Read Post

Cyberint

Read more about From Transparency to Coercion, Emerging Threat Actor Tactics

Your Backup Data: An Untapped Source of Security Intelligence

Nov 21, 2023 By Vir Choksi In Rubrik

It goes without saying that organizations must back up their critical data to ensure business continuity in the event of cyber attacks, disasters, operational failures, or insider threats. But are passive backups enough in today’s environment of sophisticated cyber threats? Despite having backups and various security tools to monitor infrastructure, organizations remain vulnerable to attackers who are still managing to penetrate defenses.

Read Post

Rubrik

Read more about Your Backup Data: An Untapped Source of Security Intelligence

Lessons Learned From the Clark County School District Ransomware Attack

Nov 21, 2023 By Mike Eppes In Keeper

Clark County School District in Nevada, the fifth-largest school district in the United States, recently experienced a massive data breach. Threat actors gained access to the school district’s email servers, which exposed the sensitive data of over 200,000 students. The district is now facing a class-action lawsuit from parents, alleging it failed to protect sensitive personal information and take steps to prevent the cybersecurity attack.

Read Post