FBI, CISA Warn of Rising AvosLocker Ransomware Attacks Against Critical Infrastructure

October 13, 2023 at 07:06AM The AvosLocker ransomware gang has been linked to recent attacks on critical infrastructure sectors in the U.S. The gang uses legitimate software and open-source remote administration tools to compromise networks and exfiltrate data. AvosLocker leverages sophisticated techniques to avoid detection and affects Windows, Linux, and VMware environments. The attacks rely on …

FBI shares AvosLocker ransomware technical details, defense tips

October 12, 2023 at 07:46PM The US government has updated the list of tools used by AvosLocker ransomware affiliates in attacks to include open-source utilities and custom PowerShell and batch scripts. The FBI and CISA have shared a YARA rule for detecting malware disguised as a legitimate network monitoring tool. AvosLocker affiliates use legitimate software …

Simpson Manufacturing Launches Investigation After Cyberattack

October 12, 2023 at 03:33PM Simpson Manufacturing has reported a cyberattack that caused disruptions to its IT infrastructure on Oct. 10. Some systems have been taken offline while the company investigates the nature and scope of the attack. Third-party cybersecurity experts have been enlisted to assist. Operations will be disrupted until the incident is resolved. …

Everest cybercriminals offer corporate insiders cold, hard cash for remote access

October 12, 2023 at 09:57AM The Everest ransomware group is seeking to recruit corporate insiders to gain access to corporate networks directly. The group is offering a percentage of the profits from successful attacks to those who assist in the initial intrusion, promising transparency and confidentiality. Everest is specifically targeting organizations in the US, Canada, …

US construction giant unearths concrete evidence of cyberattack

October 12, 2023 at 07:00AM Simpson Manufacturing Company has experienced a cyberattack that has caused disruptions to its IT infrastructure and applications. The company has taken steps to contain the attack and is working on responding to and addressing the issue. It is currently unclear if the attack involved ransomware. The construction industry is increasingly …

BianLian extortion group claims recent Air Canada breach

October 11, 2023 at 05:08PM The BianLian extortion group claims to have stolen 210GB of data from Air Canada, including technical and operational information, employee personal data, vendor and supplier information, and confidential documents. The group has shared screenshots of the stolen data as proof. Air Canada has acknowledged the threats but has not confirmed …

Addressing a Breach Starts With Getting Everyone on the Same Page

October 11, 2023 at 01:01PM Cyberattacks are on the rise, with a 38% increase in global incidents last year. Businesses need to focus on prevention and mitigation, which requires having plans in place. These plans include a business continuity plan, a crisis communications plan, and an incident response plan. It is crucial to align and …

North Korea’s State-Sponsored APTs Organize & Align

October 10, 2023 at 12:16PM North Korean APT groups have increased collaboration and coordination during the COVID-19 pandemic. The lines are blurring between individual groups, making it difficult to determine responsibility for specific threat activities. North Korean actors are diversifying attacks, sharing tools and code, and targeting the supply chain. Collaboration between defenders, governments, and …

Ransomware attacks register record speeds thanks to success of infosec industry

October 10, 2023 at 04:33AM A study conducted by Secureworks revealed that cyber attackers are now deploying ransomware within 24 hours of gaining initial access to a victim’s environment. In nearly two-thirds of cases, ransomware was deployed within a day, and in over 10% of incidents, it was deployed within five hours. This marks a …