Graham Cluley

MARCH 23, 2022

AvosLocker is a ransomware-as-a-service (RaaS) gang which first appeared in mid-2021. It has since become notorious for its attacks targeting critical infrastructure in the United States, including the sectors of financial services, critical manufacturing, and government facilities.

Ransomware 122

Ransomware Financial Services Manufacturing Government 122

Heimadal Security

MARCH 29, 2022

This group is a RaaS (Ransomware as a Service) group. SunCrypt doesn’t have a big affiliate program like other RaaS groups. The post SunCrypt Ransomware Still Alive in 2022 appeared first on Heimdal Security Blog. Instead, it has a small and private affiliate program.

Ransomware 111

Ransomware Cybersecurity 111

McAfee

NOVEMBER 7, 2021

In this blog, we take a deeper dive into a Game of Thrones power struggle among Ransomware-as-a-Service bad actors in 2022. Prediction: Self-reliant cybercrime groups will shift the balance of power within the RaaS eco-kingdom. . McAfee Enterprise and FireEye recently released its 2022 Threat Predictions.

Cybercrime 124

Cybercrime Ransomware Cyber threats Advertising 124

Heimadal Security

SEPTEMBER 16, 2022

Ransomware-as-a-Service (RaaS) group Hive claimed to be behind a cyberattack that hit Bell Technical Solutions (BTS), an independent subsidiary of Bell Canada with 4.500 employees, that specializes in Bell services across Ontario and Québec.

Ransomware 107

Ransomware Telecommunications Cybersecurity 107

Webroot

OCTOBER 25, 2023

This post covers highlights of our analysis, including the rise of ransomware as a service (RaaS), the six nastiest malware groups, and the role of artificial intelligence in both cybersecurity and cyberthreats. Their tactics have evolved significantly over the years, with ransomware now the malware of choice for cybercriminals.

Malware 89

Malware Artificial Intelligence Penetration Testing Ransomware 89

Heimadal Security

SEPTEMBER 30, 2022

Royal, a ransomware operation that launched in January 2022, is ramping up quickly, targeting corporations with ransom demands ranging from $250.000 to over $2 million. The group does not operate as a Ransomware-as-a-Service (RaaS), but instead, it’s operating as a private group without […].

Ransomware 95

Ransomware Cybersecurity 95

Heimadal Security

JUNE 15, 2022

ALPHV BlackCat is a RaaS, therefore the ALPHV BlackCat operators recruit affiliates to perform corporate breaches and encrypt devices. ALPHV ransomware executable is written in Rust, a programming language that, while not often used by malware creators, is gaining popularity because of its high efficiency and memory safety.

Ransomware 105

Ransomware Encryption Malware Cybersecurity 105

Security Affairs

APRIL 27, 2023

RTM ransomware-as-a-service (RaaS) started offering locker ransomware that targets Linux, NAS, and ESXi systems. The Uptycs threat research team discovered the first ransomware binary attributed to the RTM ransomware-as-a-service (RaaS) provider. Its initial access vector remains unknown.

Encryption 81

Encryption Ransomware Malware Education 81

Malwarebytes

OCTOBER 27, 2023

In a security blog about Octo Tempest Microsoft states: “Octo Tempest monetized their intrusions in 2022 by selling SIM swaps to other criminals and performing account takeovers of high-net-worth individuals to steal their cryptocurrency.” The service is used by criminal gangs called affiliates who actually carry out attacks.

Social Engineering 97

Social Engineering Engineering Ransomware Backups 97

Heimadal Security

JUNE 14, 2021

nuclear weapons contractor, has confirmed it has been affected by a cyberattack that specialists say came from the tenacious REvil aka Sodinokibi Ransomware-as-a-Service (RaaS) group and resulted in data theft. The post Nuclear Contractor Sol Oriens Hit by REvil Ransomware Attack appeared first on Heimdal Security Blog.

Ransomware 119

Ransomware Cybersecurity 119

Heimadal Security

FEBRUARY 7, 2022

BlackCat (alternatively referred to as ALPHV) is a relatively recent ransomware-as-a-service (RaaS) operation that was discovered in December 2021 and that is set apart by a variety of unique qualities that differentiates it from other ransomware campaigns. the owner and/or creator of malicious software) […].

Ransomware 85

Ransomware Architecture Software Cybersecurity 85

The Hacker News

SEPTEMBER 9, 2021

The operators behind the REvil ransomware-as-a-service (RaaS) staged a surprise return after a two-month hiatus following the widely publicized attack on technology services provider Kaseya on July 4.

Ransomware 103

Ransomware Technology 103

McAfee

SEPTEMBER 20, 2021

Microsoft is warning its users of a zero-day vulnerability in Windows 10 and versions of Windows Server that is being leveraged by remote, unauthenticated attackers to execute code on the target system using specifically crafted office documents. This vulnerability is being actively exploited and protections should be put into place to prevent that.

Ransomware 110

Ransomware Engineering Internet Internet 110

Heimadal Security

OCTOBER 1, 2021

What is Ryuk Ransomware? Widely known for targeting governments, academia, healthcare, manufacturing, and technology organizations’ cybersystems, Ryuk is a ransomware-as-a-service (RaaS) group that’s been active since August 2018. The operators behind Ryuk are known for running a private […].

Ransomware 98

Ransomware Manufacturing Healthcare Encryption 98

Heimadal Security

JULY 29, 2021

The rebranding to Grief ransomware comes following a period of little to no activity and it is still unclear if any of the original developers are still behind this ransomware-as-a-service (RaaS) operation. The post DoppelPaymer Gets a Rebranding appeared first on Heimdal Security Blog.

Ransomware 98

Ransomware Cybersecurity 98

The Last Watchdog

MAY 5, 2022

Ransomware? Well, the stats are even scarier with over 50% increase in ransomware attacks in 2021, compared to 2020. The media paid close attention to ransomware attacks last year, as they had a significant impact on Colonial Pipeline, the nation’s largest fuel distributor, and JBS, the nation’s largest meat distributor.

Ransomware 247

Ransomware Risk Internet Internet 247

McAfee

SEPTEMBER 9, 2021

These cybercriminals are happy to put aside previous Ransomware-as-a-Service hierarchies to focus on the ill-gotten gains to be made from controlling victim’s networks, rather than the previous approach which prioritized control of the ransomware itself. Cracks in the RaaS model. Introduction.

Marketing 138

Marketing Ransomware Cybercrime Accountability 138

Security Boulevard

NOVEMBER 10, 2023

As Ransomware-as-a-Service (RaaS) models evolve the threat landscape, initial access brokers (IABs) help threat actor groups selling ransomware by supplementing the malicious technology infrastructure with the access necessary to deploy the attack.

Cyber threats 69

Cyber threats Ransomware Technology Risk 69

Heimadal Security

MAY 10, 2021

Ransomware is old news. In fact, according to the FBI’s 2020 Internet Crime Report, the number of ransomware incidents continues to rise, with 2,474 incidents reported in 2020. It even has a name – Ransomware as a Service (RaaS). The term is […]. The term is […].

Ransomware 90

Ransomware Internet Internet Cybersecurity 90

Security Boulevard

JULY 11, 2021

Ransomware is an epidemic that adversely affects the lives of both individuals and large companies, where criminals demand payments to release infected digital assets. For instance, a dissatisfied employee might decide to partner up with a RaaS developer to effectively infect an organization from the inside and then splitting the profit.

Ransomware 119

Ransomware Software Encryption Risk 119

Security Affairs

JUNE 7, 2022

Mandiant researchers associate multiple LockBit ransomware attacks with the notorious Evil Corp Cybercrime Group. Mandiant researchers have investigated multiple LOCKBIT ransomware attacks that have been attributed to the financially motivated threat actor UNC2165. Previously, the UNC2165 actors also deployed the HADES ransomware.

Ransomware 124

Ransomware Cybercrime Malware Hacking 124

Security Affairs

NOVEMBER 20, 2023

The Rhysida ransomware group claimed responsibility for the recent cyberattack on the British Library that has caused a major IT outage. The Rhysida ransomware gang added the British Library to the list of victims on its Tor leak site. The Rhysida ransomware operators plan to sell the stolen data to a single buyer.

Ransomware 107

Ransomware Cyber Attacks Manufacturing Healthcare 107

Heimadal Security

JUNE 14, 2021

Avaddon ransomware group made its appearance in 2019 for the first time, serving as a ransomware-as-a-service model (Raas) where 65% of ransomware for affiliates were negotiable, as stated in a report from eSentire. It seems that […]. It seems that […].

Ransomware 74

Ransomware Cybersecurity 74

Security Boulevard

JANUARY 2, 2024

This past year set a profound stage, from the advent of stringent cyber regulations to the convergence of generative AI, social engineering, and ransomware. This past year set a profound stage, from the advent of stringent cyber regulations to the convergence of generative AI, social engineering, and ransomware.

CISO 104

CISO Social Engineering Architecture Ransomware 104

Heimadal Security

MAY 20, 2021

MountLocker is a Ransomware as a Service operation, RaaS, that started operating in July 2020. In the RaaS business model, the developers are in charge of programming the ransomware software and payment site, and in order to create revenue, affiliates are recruited to hack and encrypt devices belonging to businesses.

Ransomware 59

Ransomware Encryption Software Hacking 59

Security Affairs

JANUARY 30, 2021

FonixCrypter ransomware operators shut down their operations, released the master decryption key for free, and deleted malware’s source code. Good news for the victims of the FonixCrypter ransomware, the operators behind the threat shut down their operations and released the master decryption key. Pierluigi Paganini.

Ransomware 131

Ransomware Encryption Malware Cybercrime 131

Security Affairs

APRIL 27, 2023

Microsoft revealed that recent attacks against PaperCut servers aimed at distributing Cl0p and LockBit ransomware. The group is known to be an affiliate of the Clop ransomware RaaS affiliate, it has been linked to GoAnywhere attacks and Raspberry Robin infection.

Ransomware 78

Ransomware Education Media Malware 78

CyberSecurity Insiders

OCTOBER 14, 2021

This blog was written by an independent guest blogger. The FBI recently published a warning stating that ransomware gang OnePercent Group has been attacking companies in the US since November 2020. Ransomware is then downloaded and the breach is underway. How do hackers use social engineering? OnePercent Group attacks.

Social Engineering 133

Social Engineering Ransomware Engineering Phishing 133

McAfee

OCTOBER 26, 2021

Ransomware, nation states, social media and the shifting reliance on a remote workforce made headlines in 2021. What cyber security threats should enterprises look out for in 2022? Lazarus Wants to Add You as a Friend. Nation States will weaponize social media to target more enterprise professionals. By Raj Samani. We love our social media.

Cybercrime 118

Cybercrime Ransomware Risk B2C 118

Heimadal Security

MARCH 10, 2021

SEPE, the Spanish government agency for labor systems were taken down following a ransomware attack. Ryuk is a ransomware-as-a-service (RaaS) group that’s been active since August 2018 and is known for running a private affiliate program. Ryuk is at the top of the RaaS […].

Government 52

Government Ransomware Cybersecurity 52

Malwarebytes

MAY 28, 2021

On the 14th of May, the Health Service Executive (HSE) , Ireland’s publicly funded healthcare system, fell victim to a Conti ransomware attack, forcing the organization to shut down more than 80,000 affected endpoints and plunging them back to the age of pen and paper. Threat profile: Conti ransomware.

Healthcare 107

Healthcare Ransomware Encryption Passwords 107

Malwarebytes

MAY 5, 2022

After the FBS arrested 14 of its members in January, and a subsequent lull in action, the REvil ransomware gang appears to be back. When REvil’s old Tor infrastructure came back to life in April, it was modified to redirect visitors to URLs owned by a new ransomware group. REvil ransomware: a brief look back.

Ransomware 77

Ransomware Encryption Accountability Software 77

Heimadal Security

MAY 17, 2021

After the XSS Russian-speaking hacking forum announced last week it had completely banned ransomware sales, ransomware rental, and ransomware affiliate programs on their platform, it’s now Exploit’s turn to make the same decision. Source Exploit stated that the […]. Source Exploit stated that the […].

Cybercrime 53

Cybercrime Ransomware Advertising Hacking 53

SC Magazine

FEBRUARY 18, 2021

this month cracked down on the Egregor ransomware gang, shutting down its leak website, seizing computers and arresting individuals who are allegedly linked to ransomware attacks that netted $80 million in illicit profits from more than 150 victimized companies. Law enforcement officials from Ukraine, France and the U.S.

Ransomware 108

Ransomware Cybercrime Media Cyber threats 108

Security Boulevard

JULY 18, 2023

With the rise of Ransomware-as-a-Service (RaaS), less sophisticated attackers have access to payloads and customer service representatives to help them deploy successful attacks. Every day that you prevent an attack is a good day.

Cyber threats 52

Cyber threats Technology Ransomware Risk 52

Duo's Security Blog

FEBRUARY 13, 2023

It just takes on lackadaisical click by an employee to install malware that results in ransomware. Ransomware has gone up 150% since the pandemic , and the U.S. government has deemed ransomware a form of cyber terrorism. What is ransomware? RaaS providers generally take a 20%-30% cut of the ransomware profit generated.

Ransomware 88

Ransomware Insurance Authentication Passwords 88

Thales Cloud Protection & Licensing

DECEMBER 13, 2023

Ransomware Sanctions: Do They Have Any Impact? madhav Thu, 12/14/2023 - 05:37 Ransomware is one of the most high-profile and high-value cybercrimes that organizations need to watch out for. Sanctions can be leveled against criminal organizations, individuals, or groups from certain countries in an effort to curb ransomware attacks.

Ransomware 78

Ransomware Encryption Backups Accountability 78