Sophisticated Social Engineering Campaign Linked to Black Basta Ransomware
Penetration Testing
MAY 13, 2024
Rapid7 analysts have uncovered a new, highly targeted social engineering campaign potentially linked to the Black Basta ransomware group.
New cybersecurity data reveals persistent social engineering vulnerabilities
Tech Republic Security
FEBRUARY 8, 2023
Ransomware was down last year, though LockBit led threat actors and employees opened a third of the toxic emails in the last six months of 2022. The post New cybersecurity data reveals persistent social engineering vulnerabilities appeared first on TechRepublic.
Join 29,000+
Insiders
Sign Up for our Newsletter
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Trending Sources
Storm-1811 Exploits Quick Assist for Social Engineering, Paving Way for Black Basta Ransomware
Penetration Testing
MAY 15, 2024
Microsoft Threat Intelligence has uncovered a sophisticated ransomware campaign orchestrated by the cybercriminal group Storm-1811.
What Does Social Engineering Have to Do with Ransomware?
ZoneAlarm
SEPTEMBER 25, 2022
Throughout the hundreds … The post What Does Social Engineering Have to Do with Ransomware? So how is it possible that so many people and organizations continue to fall for whatever cybercriminals throw their way? appeared first on ZoneAlarm Security Blog.
New Black Basta Social Engineering Scheme
Digital Shadows
MAY 15, 2024
"Black Basta" ransomware group uses new email spam and vishing to spread malware. Learn more about protective measures for your organization.
How to protect your small business from social engineering
Malwarebytes
MAY 1, 2023
Both Staffin and his employer were victims of business email compromise (BEC) , also known as CEO fraud, a type of social engineering attack. Social engineering attacks are cyberattacks where a criminal tricks a victim into doing something against their interests, such as revealing sensitive information of making a bank transfer.
Social Engineering 2.0: The Rise of Deepfake Phishing
SecureWorld News
OCTOBER 3, 2023
And one of the most successful and increasingly prevalent ways of attack has come from social engineering, which is when criminals manipulate humans directly to gain access to confidential information. Social engineering is more sophisticated than ever, and its most advanced iteration is the topic of today's discussion: deepfakes.
BazarCall Callback Phishing Attacks Constantly Evolving Its Social Engineering Tactics
The Hacker News
OCTOBER 11, 2022
The operators behind the BazaCall call back phishing method have continued to evolve with updated social engineering tactics to deploy malware on targeted networks. Primary targets of the latest
Ransomware gangs move to 'callback' social engineering attacks
Bleeping Computer
AUGUST 10, 2022
At least three groups split from the Conti ransomware operation have adopted BazarCall phishing tactics as the primary method to gain initial access to a victim's network. [.].
Cybercriminals Exploiting Microsoft’s Quick Assist Feature in Ransomware Attacks
The Hacker News
MAY 15, 2024
The Microsoft Threat Intelligence team said it has observed a threat it tracks under the name Storm-1811 abusing the client management tool Quick Assist to target users in social engineering attacks.
Wanted: Disgruntled Employees to Deploy Ransomware
Krebs on Security
AUGUST 19, 2021
Criminal hackers will try almost anything to get inside a profitable enterprise and secure a million-dollar payday from a ransomware infection. Abnormal Security documented how it tied the email back to a young man in Nigeria who acknowledged he was trying to save up money to help fund a new social network he is building called Sociogram. .”
Ransomware 
359
359 
Verizon DBIR: Social Engineering Breaches Double, Leading to Spiraling Ransomware Costs
Dark Reading
JUNE 6, 2023
Ransomware continues its runaway growth with median payments reaching $50,000 per incident.
Morgan Stanley data breach details via social engineering attack
CyberSecurity Insiders
MARCH 25, 2022
Note 1- CLOP Ransomware gang hacked into the systems of Morgan Stanley in July last year and the criminal gang stole personal information from the company servers through an Accellion software vulnerability, existing in Guidehouse, a third-party vendor related to the American Investment firm.
Ransomware realities in 2023: one employee mistake can cost a company millions
Security Affairs
OCTOBER 17, 2023
What is the impact of ransomware on organizations? Based on Ransomlooker, a free Cybernews tool for monitoring the dark web and other hidden areas of the internet, 64% of organizations have already suffered from a ransomware attack. One employee’s mistake can cost a company millions of dollars.
What Is Scattered Spider?
Digital Shadows
APRIL 16, 2024
Scattered Spider, notorious for ransomware attacks on global firms, excels in social engineering. Protect your organization with robust defense strategies.
Ransomware: 8 Things That You Must Know
Joseph Steinberg
APRIL 6, 2021
While ransomware may seem like a straightforward concept, people who are otherwise highly-knowledgeable seem to cite erroneous information about ransomware on a regular basis. As such, I would like to point out 8 essential points about ransomware. Many ransomware attacks are now targeted, rather than opportunistic.
Ransomware 288
288 
Mastermind: Social Engineering, BEC Attacks, Millions in Cash and Crypto
SecureWorld News
SEPTEMBER 9, 2021
Business email compromise scheme and social engineering. Social engineering—in person—was the next part of the scheme. Those are some of the highlights, now let's look at a few specifics. Prosecutors say Ghaleb Alaumary, a native of Ontario Canada, confessed to two specific conspiracies. Too many do.
GUEST ESSAY: Defending ransomware boils down to this: make it very costly for cybercriminals
The Last Watchdog
APRIL 11, 2022
From financial institutions to meat producers, it seems every industry has been impacted by ransomware in the past year — maybe even the past week. Related: Tech solutions alone can’t stop ransomware. Put simply, ransomware attacks are on the rise because of profits. Why the stark increase? Low cost attacks.
Ransomware 235
235 
Known ransomware attacks up 68% in 2023
Malwarebytes
FEBRUARY 6, 2024
Top of the list is “Big Game” ransomware, the most serious cyberthreat to businesses all around the world. The report reveals that, awash with money, the number of known Big Game attacks surged by 68% in 2023, thanks to Ransomware-as-a-Service groups like LockBit and ALPHV.
Ransomware 107
107 
FTC shares ransomware defense tips for small US businesses
Bleeping Computer
NOVEMBER 12, 2021
The US Federal Trade Commission (FTC) has shared guidance for small businesses on how to secure their networks from ransomware attacks by blocking threat actors' attempts to exploit vulnerabilities using social engineering or exploits targeting technology. [.].
Ransomware review: October 2023
Malwarebytes
OCTOBER 11, 2023
This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. This provides the best overall picture of ransomware activity, but the true number of attacks is far higher.
Ransomware 120
120 
The Top 4 Ransomware Vulnerabilities Putting your Company in Danger
CyberSecurity Insiders
MAY 17, 2023
By Aaron Sandeen, CEO and co-founder at Securin In 2023, you can divide organizations into two categories: those who have been hit by a ransomware attack and those who will be soon. Ransomware is ubiquitous, inescapable, and—despite widespread efforts to combat it—ever-escalating. Ransomware doesn’t discriminate.
Ransomware 118
118 
GUEST ESSAY: How the ‘Scattered Spiders’ youthful ring defeated MFA to plunder Vegas
The Last Watchdog
NOVEMBER 19, 2023
That’s largely because the splashy headlines and online buzz created by bringing down the pair of casinos will only motivate more mid-level cybercriminals to follow Scattered Spiders’ model, putting wide-reaching businesses at risk of ransomware attacks due to the rise of ransomware-as-a-service models.
Microsoft Warns about 6 Iranian Hacking Groups Turning to Ransomware
The Hacker News
NOVEMBER 17, 2021
Nation-state operators with nexus to Iran are increasingly turning to ransomware as a means of generating revenue and intentionally sabotaging their targets, while also engaging in patient and persistent social engineering campaigns and aggressive brute force attacks.
Old Hacks Die Hard: Ransomware, Social Engineering Top Verizon DBIR Threats – Again
Threatpost
JUNE 3, 2022
Deja-Vu data from this year's DBIR report feels like we are stuck in the movie 'Groundhog Day.'.
Octo Tempest cybercriminal group is "a growing concern"—Microsoft
Malwarebytes
OCTOBER 27, 2023
Octo Tempest is believed to be a group of native English speaking cybercriminals that uses social engineering campaigns to compromise organizations all over the world. This can be done in a number of ways, but the most common ones involve social engineering attacks on the victim's carrier. .” Prevent intrusions.
REvil Ransomware Has Returned
Heimadal Security
SEPTEMBER 13, 2021
REvil ransomware has fully returned and is attacking new victims and publishing stolen files on a data leak site. As my colleague Elena explained in an article, Sodinokibi ransomware is a Ransomware-as-a-Service. The group uses a special social engineering move as the ones who spread the […].
Ransomware 91
91 
Microsoft: Octo Tempest is one of the most dangerous financial hacking groups
Bleeping Computer
OCTOBER 26, 2023
Microsoft has published a detailed profile of a native English-speaking threat actor with advanced social engineering capabilities it tracks as Octo Tempest, that targets companies in data extortion and ransomware attacks. [.]
AI likely to boost ransomware, warns government body
Malwarebytes
JANUARY 25, 2024
The British National Cyber Security Centre (NCSC) says it expects Artificial Intelligence (AI) to heighten the global ransomware threat. Reconnaissance and social engineering are specific fields where AI can be deployed. As we at Malwarebytes Labs have tested ourselves, ChatGPT can be used to write ransomware.
Ransomware 83
83 
Ransomware Groups Look for Inside Help
eSecurity Planet
AUGUST 23, 2021
Ransomware attackers, who use myriad methods to get their malware into the systems of businesses large and small in hopes of pulling down millions of dollars, are now going directly to the source. Evolving Ransomware Scene. million ransomware attacks in the first six months of 2021, compared with 121.5 There were 304.7
Ransomware 127
127 
Ransomware group steps up, issues statement over MGM Resorts compromise
Malwarebytes
SEPTEMBER 17, 2023
Some folks claimed the culprit was ransomware. Well, confirmation is now forthcoming as an affiliate of the BlackCat/ALPHV ransomware group is said to be the one responsible for the attack and subsequent outage. No ransomware was deployed prior to the initial take down of their infrastructure by their internal teams.
Ransomware 129
129 
Ransomware News Headlines Trending on Google
CyberSecurity Insiders
MAY 15, 2023
A new ransomware group dubbed RA Group has been hitting the news headlines for the past two weeks. Security researchers from Cisco Talos have discovered that the RA Group utilizes an encryptor previously seen in the source code of the Babuk Ransomware. It concerns a ransomware operation operating under the same name.
Ransomware 100
100 
Social Engineering Threats Rose 270% in 2021 – Indicating a Shift to Multi-Channel Phishing Attacks as Apps and Browsers Move to the Cloud
Security Boulevard
OCTOBER 15, 2021
The post Social Engineering Threats Rose 270% in 2021 – Indicating a Shift to Multi-Channel Phishing Attacks as Apps and Browsers Move to the Cloud first appeared on SlashNext.
MY TAKE: Why email security desperately needs retooling in this post-Covid 19, GenAI era
The Last Watchdog
APRIL 2, 2024
It’s a digital swindle as old as the internet itself, and yet, as the data tells us, the vast majority of security incidents are still rooted in the low-tech art of social engineering. Some 74 percent of cyber breaches are caused by human factors, including errors, stolen credentials, misuse of access privileges, or social engineering.
Dragos Employee Hacked, Revealing Ransomware, Extortion Scheme
Dark Reading
MAY 11, 2023
Attackers compromised the personal email of a new employee and, when the initial attack failed, attempted through socially engineered messages to get the company to pay them off.
GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks
The Last Watchdog
MAY 5, 2022
Ransomware? Well, the stats are even scarier with over 50% increase in ransomware attacks in 2021, compared to 2020. The media paid close attention to ransomware attacks last year, as they had a significant impact on Colonial Pipeline, the nation’s largest fuel distributor, and JBS, the nation’s largest meat distributor.
Risk 247
247 
Hive Ransomware group demands £500000 from School in England
CyberSecurity Insiders
JULY 29, 2022
Hive Ransomware group has reportedly locked down a school from digital access and is demanding £500,000 to free up data from encryption. Coming to the other news, a recent study made by Palo Alto Networks states that ransomware groups are targeting companies operating in Real estate and finance sector the most, along with education sectors.
Ransomware 122
122 
Phony Call Centers Tricking Users Into Installing Ransomware and Data-Stealers
The Hacker News
JULY 30, 2021
An ongoing malicious campaign that employs phony call centers has been found to trick victims into downloading malware capable of data exfiltration as well as deploying ransomware on infected systems.
State of Cybersecurity 2024: Filling Skills Gap Should Be Priority for MSPs
CompTIA on Cybersecurity
OCTOBER 26, 2023
Customers want providers to have real-time insights into cyber threats encompassing ransomware, social engineering, malware releases and other attacks.
U.S. Cybersecurity Agencies Warn of Scattered Spider's Gen Z Cybercrime Ecosystem
The Hacker News
NOVEMBER 16, 2023
Scattered Spider threat actors typically engage in data theft for extortion using multiple social engineering techniques and have recently leveraged BlackCat/ALPHV ransomware alongside their
Microsoft warns of destructive attacks by Lapsus$ cybercrime group
Tech Republic Security
MARCH 23, 2022
Using social engineering rather than traditional ransomware tactics, the Lapsus$ group has already hit multiple organizations, says Microsoft. The post Microsoft warns of destructive attacks by Lapsus$ cybercrime group appeared first on TechRepublic.
Cybercrime 150
150 
FBI warns of ransomware gang – What you need to know about the OnePercent group
CyberSecurity Insiders
OCTOBER 14, 2021
The FBI recently published a warning stating that ransomware gang OnePercent Group has been attacking companies in the US since November 2020. This gang of cybercriminals targets individuals within an organization with social engineering tactics designed to fool them into opening a document from a ZIP file attached to an email.
How healthcare organizations can combat cyberattacks during the coronavirus
Tech Republic Security
MAY 21, 2020
Cyberattacks against hospitals and medical facilities have risen this year, often via ransomware and social engineering exploits, says IntSights.
Giant health insurer struck by ransomware didn't have antivirus protection
Malwarebytes
OCTOBER 11, 2023
The Philippine Health Insurance Corporation (PhilHealth), has confirmed that it was unprotected by antivirus software when it was attacked by the Medusa ransomware group in September. EDR can detect an intruder's suspicious activity in advance of them running ransomware, as well as being able to identify the ransomware itself.
Antivirus 106
106 
Let's personalize your content