New Eldorado ransomware targets Windows, VMware ESXi VMs

July 5, 2024 at 11:57AM A new ransomware-as-a-service (RaaS) called Eldorado has emerged, targeting both Windows and Linux platforms. The ransomware aims to encrypt files and extort victims. Group-IB researchers have noted the malware’s capabilities and provided defense recommendations, including implementing multi-factor authentication, utilizing endpoint detection, taking regular backups, educating employees, and refraining from paying … Read more

Ransomware thieves beware

June 25, 2024 at 05:23AM Summary: Ransomware attacks have become a major concern for businesses, with a rise in targeted attacks on backup storage. Object First, in collaboration with Veeam, offers a Zero Trust Data Resilience framework, featuring immutable backup storage and end-to-end encryption to protect against ransomware threats. The solution enhances data protection and … Read more

TellYouThePass Ransomware Group Exploits Critical PHP Flaw

June 12, 2024 at 11:50AM TellYouThePass, a ransomware group, is targeting businesses and individuals using open source Web development languages, exploiting a critical PHP vulnerability (CVE-2024-4577) for remote code execution. This allows them to execute arbitrary code on vulnerable servers, posing significant risks. They also use various attack techniques and exploit known vulnerabilities such as … Read more

Virtual Event Today: Threat Detection and Incident Response (TDIR) Summit

May 22, 2024 at 07:42AM SecurityWeek’s TDIR Summit on May 22nd is a virtual event focusing on post-incident forensics and tools for combating malware and ransomware attacks. The agenda includes sessions on topics like fortifying cyber defense, ransomware preparedness, and AI-driven malware detection. The event also features demos, resources, and a virtual expo hall. Based … Read more

Windows Quick Assist Anchors Black Basta Ransomware Gambit

May 16, 2024 at 09:38AM Microsoft Threat Intelligence revealed that a financially motivated threat actor, Storm-1811, is conducting a vishing campaign using Quick Assist for remote access, posing as trusted contacts. The attacker delivers Black Basta ransomware and additional malware through various means, emphasizing the need for vigilance and user education to combat social engineering … Read more

CISA boss: Secure code is the ‘only way to make ransomware a shocking anomaly’

May 8, 2024 at 12:08PM CISA director Jen Easterly stressed the need to improve software security to combat ransomware attacks in critical infrastructure. She urged collective efforts and highlighted the government’s role in pushing for more secure technology. Chris Krebs emphasized the potential levers to enhance technology security, including voluntary efforts, litigation, regulatory action, and … Read more

CISA’s early-warning system helped critical orgs close 852 ransomware holes

May 7, 2024 at 04:11PM CISA is launching a Ransomware Vulnerability Warning Pilot program to help healthcare, schools, and critical infrastructure organizations address security flaws exploited by ransomware groups. The system sent 1,754 notifications in its first year, resulting in 49% of organizations taking action. The program is set to become a fully automated warning … Read more

Mimic Launches With New Ransomware Defense Platform

May 3, 2024 at 08:25AM Mimic, a new ransomware defense company, aims to detect, deflect, and recover from ransomware attacks. The software-as-a-service platform can restore an organization’s data within 24 hours without paying a ransom. Backed by industry experts and having secured $27 million in funding, Mimic’s platform works in tandem with existing security controls. … Read more

Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million

May 2, 2024 at 08:45AM Ukrainian national Yaroslav Vasinskyi, also known as Rabotnik, has been sentenced to over 13 years in prison and ordered to pay $16 million in restitution for his involvement in over 2,500 ransomware attacks, part of the REvil group. The attacks saw demands exceeding $700 million in cryptocurrency. Vasinskyi was extradited … Read more

Virtual Event Tomorrow: Ransomware Resilience & Recovery Summit 

April 16, 2024 at 12:54PM Join the one-day virtual summit focusing on ransomware attacks and preparing your organization for defense and recovery. Sessions cover battling ransomware before it strikes, building zero trust resilience, demystifying modern ransomware tradecraft, improving preparedness plans, and radical resilience. Register to access all sessions, networking, expo, resources, and more. Sponsored by … Read more