New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data

August 23, 2024 at 06:36AM Summary: A recent Qilin ransomware attack involved stealing credentials from Google Chrome browsers, using compromised VPN portal credentials, then editing the default domain policy to harvest credentials and erase evidence after exfiltrating them. Ransomware groups continue to evolve tactics, with Russian-speaking groups earning over $500 million from ransomware proceeds and … Read more

Six ransomware gangs behind over 50% of 2024 attacks

August 13, 2024 at 04:07PM LockBit 3.0 remains the most prominent ransomware gang in 2024, with 325 victims identified in the first half, followed by Play, 8base, Akira, BlackBasta, and Medusa. The report also highlights notable law enforcement takedowns of ransomware groups, leading to disruptions in the criminal ecosystem. It mentions the emergence of new … Read more

Using Threat Intelligence to Predict Potential Ransomware Attacks

July 18, 2024 at 04:03PM Ransomware Awareness Month in July raises awareness of ransomware as a top cyber threat. The recent attacks on CDK Global by the BlackSuit group demonstrate the severity, impacting 15,000 auto retailers. There’s been a 29% increase in ransomware attacks in Q1 2024, emphasizing the urgency for organizations to prioritize good … Read more

Ransomware crews investing in custom data stealing malware

July 10, 2024 at 06:08AM Ransomware groups are evolving beyond encrypting and demanding payments to stealing sensitive information with custom malware. Cisco Talos revealed key tactics and identified 14 prominent ransomware groups, emphasizing their unique goals and activities. These groups employ double-extortion tactics and offer bespoke malware for data exfiltration. They utilize social engineering and … Read more

LockBit dethroned as leading ransomware gang for first time post-takedown

May 22, 2024 at 07:03AM After the takedown of LockBit in February, rival gang Play has surpassed it in attacks, marking a shift after eight months of LockBit dominance. Law enforcement’s disruption claims seem validated as LockBit’s attacks drop significantly. Global ransomware activity decreased by 15% month-on-month, with North America and Europe remaining the top … Read more

FBI: Critical infrastructure menaced by spike in ransomware

March 6, 2024 at 03:55PM The FBI’s 2023 Internet Crime Complaint Center (IC3) report reveals over $12.5 billion in digital crime losses. With 880,418 complaints, representing a 10 percent increase, the monetary loss rose by 22 percent. Notably, only 15 percent of fraud victims report crimes, and ransomware infections and investment scams were prominent, with … Read more

Cyber Insights 2024: Ransomware

February 21, 2024 at 01:57PM SecurityWeek’s Cyber Insights annual series discusses major cybersecurity pain points, including the evolving CISO role and new SEC liability rules. Ransomware, a prevalent cyber extortion method, is anticipated to evolve with new tactics such as encryption-free extortion, AI-powered phishing, and politically motivated attacks. Ransomware-as-a-Service, zero-day vulnerabilities, and geopolitical tensions contribute … Read more

Ransomware payments reached record $1.1 billion in 2023

February 7, 2024 at 09:37AM In 2023, ransomware payments surpassed $1.1 billion, a record high, contrary to the previous decline in 2022. This increase was attributed to major attacks on institutions and infrastructure. Certain threat groups, like Clop, adopted a “big game hunting” strategy, targeting large organizations for substantial payments. Money laundering was done through … Read more

Ransomware payment rates drop to new low – only 29% of victims are forking over cash

January 31, 2024 at 02:20PM Ransomware payments dropped to 29% in Q4 2023, down from 85% in 2019. Coveware attributes the decline to increased awareness and reluctance to trust data kidnappers due to high-profile incidents where payments led to nothing. A payment ban is discouraged, with reporting requirements and changing victim incentives seen as more … Read more

Key Learnings from “Big Game” Ransomware Campaigns

October 26, 2023 at 12:21PM A recent report on crypto crime found that ransomware attacks are increasing in prevalence, targeting major industries such as casinos, manufacturing, retail, and technology. Organizations must take specific steps to address these attacks, including understanding the threat, identifying internal signs of attack, and strengthening infrastructure. Utilizing threat intelligence and effective … Read more