2019, Cybercrime, Encryption and System Administration

2019

Cybercrime

Encryption

System Administration

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years.

Cybercrime

Cybercrime Banking Malware Ransomware

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

SEPTEMBER 30, 2023

GandCrab dissolved in July 2019, and is thought to have become “ REvil ,” one of the most ruthless and rapacious Russian ransomware groups of all time. “The command requires Windows system administrators,” Truniger’s ads explained. “Experience in backup, increase privileges, mikicatz, network.

Ransomware

Ransomware Accountability Cybercrime Backups

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

A member of the FIN7 group was sentenced to 10 years in prison

Security Affairs

APRIL 18, 2021

The Ukrainian national Fedir Hladyr (35), aka “das” or “AronaXus,” was sentenced to 10 years in prison for having served as a manager and systems administrator for the financially motivated group FIN7 , aka Carbanak. Hladyr also controlled the organization’s encrypted channels of communication.”

System Administration

System Administration Penetration Testing Malware Banking

Dissecting the malicious arsenal of the Makop ransomware gang

Security Affairs

MARCH 14, 2023

Their operations are based on the human operator ransomware practice where most of the intrusion is handled by hands-on keyboard criminals, even in the encryption stage. The Makop criminals were recently using version 2.5.3869 of the tool, which dates back to 2019. Advanced_Port_Scanner_2.5.3869.exe

Ransomware

Ransomware Software System Administration Encryption

FIN7 sysadmin behind “billions in damage” gets 10 years

Malwarebytes

APRIL 20, 2021

In 2018 three high-ranking members of a sophisticated international cybercrime group operating out of Eastern Europe were arrested and taken into custody by US authorities. Hladyr also controlled the organization’s encrypted channels of communication. The conviction. According to acting US Attorney Tessa M.

System Administration

System Administration Banking Malware Penetration Testing

Kaseya Ransomware Supply-Chain Attack: What We Know So Far

Digital Shadows

JULY 5, 2021

On 02 July 2021, details started to emerge of a sophisticated supply-chain attack targeting Kaseya VSA, virtual system administrator software used to manage and monitor customers’ infrastructure. Consequently, it makes sense for them to encrypt the compromised networks and demand a ransom to restore them.

Ransomware

Ransomware Encryption Cryptocurrency System Administration

Ransomware Gangs and the Name Game Distraction

Krebs on Security

AUGUST 5, 2021

Reinvention is a basic survival skill in the cybercrime business. But a little more than a month later, a new ransomware affiliate program called BlackMatter emerged, and experts quickly determined BlackMatter was using the same unique encryption methods that DarkSide had used in their attacks.

Ransomware

Ransomware Cybercrime Malware System Administration

IT threat evolution Q2 2021

SecureList

AUGUST 12, 2021

The final payload is a remote administration tool that provides full control over the victim machine to its operators. Communication with the server can take place either over raw TCP sockets encrypted with RC4, or via HTTPS. The ransomware supports two encryption modes: one generated dynamically and one using a hardcoded key.

Ransomware

Ransomware Malware Banking Encryption

Updates from the MaaS: new threats delivered through NullMixer

Security Affairs

MARCH 27, 2023

The Originating Malvertising Campaign According to CTI investigation on the adversary infrastructure, we were able to identify an ongoing campaign luring system administrators to install the malicious code into their machines. Bots “public-key” and “private-key” are randomly generated at process startup time.

Malware

Malware Social Engineering Encryption Marketing

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

lazydocker : A simple terminal UI for both docker and docker-compose : [link] pic.twitter.com/HsK17rzg8m — Binni Shah (@binitamshah) July 1, 2019. Brian Krebs is an independent investigative reporter known for his coverage of technology, malware , data breaches , and cybercrime developments. Brian Krebs | @briankrebs.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

The Hacker Mind Podcast: Ethical Hacking

ForAllSecure

MAY 26, 2022

.” I wrote about the pending Cyber Security Enhancement Act of 2002 (CSEA) and said: “ The problem with this legislation is that it's often very difficult to determine who is responsible for any given cybercrime. Who is responsible? Is it the hospital, which should have had a power backup? And they were gone like the first day.

Hacking

Hacking Technology InfoSec Media

Cyber Security Informer

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

A Closer Look at the Snatch Data Ransom Group

Trending Sources

A member of the FIN7 group was sentenced to 10 years in prison

Dissecting the malicious arsenal of the Makop ransomware gang

FIN7 sysadmin behind “billions in damage” gets 10 years

Kaseya Ransomware Supply-Chain Attack: What We Know So Far

Ransomware Gangs and the Name Game Distraction

IT threat evolution Q2 2021

Updates from the MaaS: new threats delivered through NullMixer

Top Cybersecurity Accounts to Follow on Twitter

The Hacker Mind Podcast: Ethical Hacking

Stay Connected