Frameworks, Guidelines & Bounties Alone Won’t Defeat Ransomware

April 9, 2024 at 10:09AM The US government is offering bounties for information on ransomware gangs, but challenges remain in collecting information due to rigorous conditions and low payouts. Concerns are raised about the effectiveness of a criminal law enforcement approach in addressing ransomware attacks, compounded by the potential involvement of adversarial nations like Russia. …

Critical RCE bug in 92,000 D-Link NAS devices now exploited in attacks

April 8, 2024 at 06:23PM Attackers target over 92,000 unpatched end-of-life D-Link NAS devices with a critical remote code execution vulnerability. Exploiting a hardcoded account and command injection flaw, threat actors deploy a Mirai malware variant to create botnets for large-scale DDoS attacks. D-Link has ceased support for these devices, advising owners to retire or …

What the Latest Ransomware Attacks Teach About Defending Networks

March 21, 2024 at 10:26AM Ransomware attacks are impacting organizations across all sectors, with recent high-profile incidents involving Change Healthcare and Veolia North America. These attacks have highlighted the need for lessons learned and strategies to limit ransomware risk, including enhancing email and endpoint security, properly encrypting sensitive data, establishing a solid backup strategy, and …

Moldovan Operator of Credential Marketplace Sentenced to US Prison

March 18, 2024 at 06:45AM Moldovan national Sandu Boris Diaconu, 31, has been sentenced to 42 months in prison in the US for operating the illicit E-Root Marketplace, selling more than 350,000 compromised credentials. The marketplace facilitated the sale of stolen information, offering buyers access to victim computers and facilitating ransomware attacks and stolen identity …

Admin of major stolen account marketplace gets 42 months in prison

March 15, 2024 at 12:12PM Sandu Boris Diaconu, a Moldovan national, has been sentenced to 42 months in prison for operating E-Root, an online marketplace selling access to hacked computers globally. He faces supervised release and extradition, and has been linked to more than 350,000 credentials for sale, impacting victims globally. The illicit platform facilitated cybercriminal …

Healthcare’s Ransomware Epidemic: Why Cyberattacks Hit the Medical Sector With Alarming Frequency

March 13, 2024 at 10:45AM Ransomware attacks on the healthcare sector continue and are unlikely to decrease due to the industry’s susceptibility to exploitation. The sector’s reliance on diverse OT devices controlled by IT systems over WiFi, coupled with challenges in patching and device management, poses a significant security risk. Segmentation is recommended to mitigate …

Recent TeamCity Vulnerability Exploited in Ransomware Attacks

March 11, 2024 at 11:45AM The recent disclosure of a critical TeamCity vulnerability, CVE-2024-27198, led to ransomware attacks after a controversy between Rapid7 and JetBrains. Rapid7 publicly detailed the vulnerabilities to ensure transparency, after JetBrains fixed them without informing Rapid7. Threat actors launched attacks soon after disclosure, with some servers compromised and files encrypted. JetBrains blamed Rapid7 for …

FBI: U.S. lost record $12.5 billion to online crime in 2023

March 7, 2024 at 07:56AM The FBI’s 2023 Internet Crime Report reveals a 22% increase in reported losses, totaling $12.5 billion, with 880,000 complaints submitted. People over 60 were the most vulnerable, and trends since 2019 show rising complaints and losses. Notably, BEC, investment fraud, and ransomware caused significant financial losses, totaling billions. IC3’s Recovery …

Phobos Ransomware Aggressively Targeting U.S. Critical Infrastructure

March 4, 2024 at 12:36AM U.S. cybersecurity agencies have issued warnings about Phobos ransomware targeting government and critical infrastructure entities. The ransomware, operated under an as-a-service model, has targeted various sectors and has earned millions in ransom. The attackers use various tactics and have been actively targeting entities since May 2019, posing a significant ongoing …

Black Basta, Bl00dy ransomware gangs join ScreenConnect attacks

February 27, 2024 at 01:54PM Black Basta and Bl00dy ransomware gangs are targeting unpatched ScreenConnect servers with a critical vulnerability (CVE-2024-1709) that allows admin account creation and takeovers. It has been exploited since last Tuesday, alongside a path traversal vulnerability (CVE-2024-1708). CISA added CVE-2024-1709 to its Known Exploited Vulnerabilities catalog, with Trend Micro observing attacks and deployment of ransomware by the gangs. …