
Iran-linked MERCURY APT behind destructive attacks on hybrid environments

Security Affairs

DEV-1084 presented itself as a cybercrime group, likely as an attempt to hide its real motivation of a nation-state actor. Both groups used MULLVAD VPN. The attackers were able to interfere with security tools using Group Policy Objects (GPO). DEV-1084 used Rport and a customized version of Ligolo.

Who’s Behind the GandCrab Ransomware?

Krebs on Security

But GandCrab far eclipsed the success of competing ransomware affiliate programs largely because its authors worked assiduously to update the malware so that it could evade antivirus and other security defenses. ru , a site which marketed dedicated Web servers to individuals involved in various cybercrime projects. Vpn-service[.]us

Ransomware Groups Look for Inside Help

eSecurity Planet

“Historically, ransomware has been delivered via email attachments or, more recently, using direct network access obtained through things like unsecure VPN accounts for software vulnerabilities,” Crane Hassold, director of threat intelligence at Abnormal Security, wrote in a blog post.

APT trends report Q1 2021

SecureList

On February 24, the National Security Defense Council of Ukraine (NSDC) publicly warned that a threat actor had exploited a national documents circulation system (SEI EB) to distribute malicious documents to Ukrainian public authorities. In November and December 2020, two public blog posts were published about this campaign.