#RansomwareProtection

Cloud Ransomware Flexes Fresh Scripts Against Web Apps

by

November 14, 2024 at 12:48PM Cloud-targeting ransomware is shifting focus to unprotected web applications, particularly PHP, exploiting vulnerabilities to encrypt data. New scripts, like “Pandora,” use advanced tactics for attack and data exfiltration. Protecting against these threats requires assessing cloud environments, managing permissions, and enforcing strong identity management practices, including MFA. ### Takeaways from the … Read more

5 BCDR Oversights That Leave You Exposed to Ransomware

by

November 14, 2024 at 07:15AM Ransomware poses a significant threat to businesses, with increasing sophistication and frequency of attacks. Organizations must implement effective backup and disaster recovery (DR) strategies, focusing on data audits, system resilience, and comprehensive recovery testing. Common oversights leave businesses vulnerable, necessitating robust solutions like Unitrends Unified Backup for enhanced protection against … Read more

Gootloader Cyberattackers Target Bengal-Cat Aficionados in Oz

by

November 8, 2024 at 12:05PM Recent research indicates that cybercriminals are targeting Australians interested in Bengal cats using Gootloader malware. By optimizing search results related to Bengal cat legality, they trick users into downloading malicious files. Sophos warns of rising attacks utilizing this method, urging users to be cautious of suspicious links and downloads. **Meeting … Read more

Fake LockBit, Real Damage: Ransomware Samples Abuse Amazon S3 to Steal Data

by

November 5, 2024 at 02:48AM Golang ransomware abuses Amazon S3 Transfer Acceleration to exfiltrate victim files to attacker-controlled buckets, leveraging hard-coded AWS credentials. It disguises itself as LockBit ransomware to manipulate victims. AWS confirmed that this activity violates their policy, leading to account suspensions, highlighting the importance of monitoring cloud security. ### Key Takeaways from … Read more

Why Phishing-Resistant MFA Is No Longer Optional: The Hidden Risks of Legacy MFA

by

October 24, 2024 at 07:38AM The article emphasizes the urgent need for organizations to adopt phishing-resistant multifactor authentication (MFA) as ransomware payments soar, with an average increase of 500%. Legacy MFA systems prove inadequate against evolving cyber threats fueled by Generative AI. Implementing advanced, biometric-based solutions is essential to combat this growing risk. ### Meeting … Read more

Avast Releases Free Decryptor for Mallox Ransomware

by

October 23, 2024 at 10:07AM Avast has launched a free decryptor for the Mallox ransomware following the discovery of a vulnerability in its cryptographic system. **Meeting Takeaways:** 1. **Release Announcement**: Avast has launched a free decryptor specifically for the Mallox ransomware. 2. **Reason for Release**: The decryptor was developed after Avast identified a vulnerability in … Read more

Akira ransomware is encrypting victims again following pure extortion fling

by

October 22, 2024 at 11:36AM Akira ransomware is returning to traditional encryption tactics after a hiatus from double extortion. Researchers note a shift towards operational efficiency and tactical adaptability, suspecting the development of a new encryptor. Akira targets vulnerabilities, particularly on ESXi and Linux systems, leveraging compromised credentials and phishing techniques to exploit networks. ### … Read more

SolarWinds Web Help Desk flaw is now exploited in attacks

by

October 16, 2024 at 03:57PM CISA added three vulnerabilities to its ‘Known Exploited Vulnerabilities’ catalog, including a critical SolarWinds flaw (CVE-2024-28987) due to hardcoded credentials, actively exploited by attackers. Federal agencies must update by November 5, 2024. Additional flaws in Windows and Mozilla Firefox are also noted, with active exploitation confirmed. ### Meeting Takeaways 1. … Read more

Cyberattackers Unleash Flood of Potentially Disruptive Election-Related Activity

by

October 15, 2024 at 10:55AM Cyber threats targeting the 2024 US elections are escalating, with phishing kits, malicious domains, and ransomware attacks on the rise. Cybercriminals are leveraging AI and personal data to spread misinformation and undermine public trust. Vigilance and strong cybersecurity measures are crucial for stakeholders to protect the election process. **Meeting Takeaways … Read more

Microsoft: Schools Grapple With Thousands of Cyberattacks Weekly

by

October 14, 2024 at 04:15PM Microsoft’s report highlights the rising cybersecurity risks faced by K-12 and higher education institutions, often targeted due to their valuable private data. Challenges include limited security staffing, vulnerable IT systems, and young users’ lack of cybersecurity awareness. Effective protective measures include enhancing cyber hygiene and centralized technology monitoring. ### Meeting … Read more