Sophisticated Social Engineering Campaign Linked to Black Basta Ransomware
Penetration Testing
MAY 13, 2024
Rapid7 analysts have uncovered a new, highly targeted social engineering campaign potentially linked to the Black Basta ransomware group.
This site uses cookies to improve your experience. By viewing our content, you are accepting the use of cookies. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country we will assume you are from the United States. View our privacy policy and terms of use.
Penetration Testing
MAY 13, 2024
Rapid7 analysts have uncovered a new, highly targeted social engineering campaign potentially linked to the Black Basta ransomware group.
Tech Republic Security
FEBRUARY 8, 2023
Ransomware was down last year, though LockBit led threat actors and employees opened a third of the toxic emails in the last six months of 2022. The post New cybersecurity data reveals persistent social engineering vulnerabilities appeared first on TechRepublic.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Penetration Testing
MAY 15, 2024
Microsoft Threat Intelligence has uncovered a sophisticated ransomware campaign orchestrated by the cybercriminal group Storm-1811.
ZoneAlarm
SEPTEMBER 25, 2022
Throughout the hundreds … The post What Does Social Engineering Have to Do with Ransomware? So how is it possible that so many people and organizations continue to fall for whatever cybercriminals throw their way? appeared first on ZoneAlarm Security Blog.
Digital Shadows
MAY 15, 2024
"Black Basta" ransomware group uses new email spam and vishing to spread malware. Learn more about protective measures for your organization.
Malwarebytes
MAY 1, 2023
Both Staffin and his employer were victims of business email compromise (BEC) , also known as CEO fraud, a type of social engineering attack. Social engineering attacks are cyberattacks where a criminal tricks a victim into doing something against their interests, such as revealing sensitive information of making a bank transfer.
SecureWorld News
OCTOBER 3, 2023
And one of the most successful and increasingly prevalent ways of attack has come from social engineering, which is when criminals manipulate humans directly to gain access to confidential information. Social engineering is more sophisticated than ever, and its most advanced iteration is the topic of today's discussion: deepfakes.
The Hacker News
OCTOBER 11, 2022
The operators behind the BazaCall call back phishing method have continued to evolve with updated social engineering tactics to deploy malware on targeted networks. Primary targets of the latest
Bleeping Computer
AUGUST 10, 2022
At least three groups split from the Conti ransomware operation have adopted BazarCall phishing tactics as the primary method to gain initial access to a victim's network. [.].
The Hacker News
MAY 15, 2024
The Microsoft Threat Intelligence team said it has observed a threat it tracks under the name Storm-1811 abusing the client management tool Quick Assist to target users in social engineering attacks.
Krebs on Security
AUGUST 19, 2021
Criminal hackers will try almost anything to get inside a profitable enterprise and secure a million-dollar payday from a ransomware infection. Abnormal Security documented how it tied the email back to a young man in Nigeria who acknowledged he was trying to save up money to help fund a new social network he is building called Sociogram. .”
Dark Reading
JUNE 6, 2023
Ransomware continues its runaway growth with median payments reaching $50,000 per incident.
CyberSecurity Insiders
MARCH 25, 2022
Note 1- CLOP Ransomware gang hacked into the systems of Morgan Stanley in July last year and the criminal gang stole personal information from the company servers through an Accellion software vulnerability, existing in Guidehouse, a third-party vendor related to the American Investment firm.
Security Affairs
OCTOBER 17, 2023
What is the impact of ransomware on organizations? Based on Ransomlooker, a free Cybernews tool for monitoring the dark web and other hidden areas of the internet, 64% of organizations have already suffered from a ransomware attack. One employee’s mistake can cost a company millions of dollars.
Digital Shadows
APRIL 16, 2024
Scattered Spider, notorious for ransomware attacks on global firms, excels in social engineering. Protect your organization with robust defense strategies.
Joseph Steinberg
APRIL 6, 2021
While ransomware may seem like a straightforward concept, people who are otherwise highly-knowledgeable seem to cite erroneous information about ransomware on a regular basis. As such, I would like to point out 8 essential points about ransomware. Many ransomware attacks are now targeted, rather than opportunistic.
SecureWorld News
SEPTEMBER 9, 2021
Business email compromise scheme and social engineering. Social engineering—in person—was the next part of the scheme. Those are some of the highlights, now let's look at a few specifics. Prosecutors say Ghaleb Alaumary, a native of Ontario Canada, confessed to two specific conspiracies. Too many do.
The Last Watchdog
APRIL 11, 2022
From financial institutions to meat producers, it seems every industry has been impacted by ransomware in the past year — maybe even the past week. Related: Tech solutions alone can’t stop ransomware. Put simply, ransomware attacks are on the rise because of profits. Why the stark increase? Low cost attacks.
Malwarebytes
FEBRUARY 6, 2024
Top of the list is “Big Game” ransomware, the most serious cyberthreat to businesses all around the world. The report reveals that, awash with money, the number of known Big Game attacks surged by 68% in 2023, thanks to Ransomware-as-a-Service groups like LockBit and ALPHV.
Bleeping Computer
NOVEMBER 12, 2021
The US Federal Trade Commission (FTC) has shared guidance for small businesses on how to secure their networks from ransomware attacks by blocking threat actors' attempts to exploit vulnerabilities using social engineering or exploits targeting technology. [.].
Malwarebytes
OCTOBER 11, 2023
This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. This provides the best overall picture of ransomware activity, but the true number of attacks is far higher.
CyberSecurity Insiders
MAY 17, 2023
By Aaron Sandeen, CEO and co-founder at Securin In 2023, you can divide organizations into two categories: those who have been hit by a ransomware attack and those who will be soon. Ransomware is ubiquitous, inescapable, and—despite widespread efforts to combat it—ever-escalating. Ransomware doesn’t discriminate.
The Last Watchdog
NOVEMBER 19, 2023
That’s largely because the splashy headlines and online buzz created by bringing down the pair of casinos will only motivate more mid-level cybercriminals to follow Scattered Spiders’ model, putting wide-reaching businesses at risk of ransomware attacks due to the rise of ransomware-as-a-service models.
The Hacker News
NOVEMBER 17, 2021
Nation-state operators with nexus to Iran are increasingly turning to ransomware as a means of generating revenue and intentionally sabotaging their targets, while also engaging in patient and persistent social engineering campaigns and aggressive brute force attacks.
Threatpost
JUNE 3, 2022
Deja-Vu data from this year's DBIR report feels like we are stuck in the movie 'Groundhog Day.'.
Malwarebytes
OCTOBER 27, 2023
Octo Tempest is believed to be a group of native English speaking cybercriminals that uses social engineering campaigns to compromise organizations all over the world. This can be done in a number of ways, but the most common ones involve social engineering attacks on the victim's carrier. .” Prevent intrusions.
Heimadal Security
SEPTEMBER 13, 2021
REvil ransomware has fully returned and is attacking new victims and publishing stolen files on a data leak site. As my colleague Elena explained in an article, Sodinokibi ransomware is a Ransomware-as-a-Service. The group uses a special social engineering move as the ones who spread the […].
Bleeping Computer
OCTOBER 26, 2023
Microsoft has published a detailed profile of a native English-speaking threat actor with advanced social engineering capabilities it tracks as Octo Tempest, that targets companies in data extortion and ransomware attacks. [.]
Malwarebytes
JANUARY 25, 2024
The British National Cyber Security Centre (NCSC) says it expects Artificial Intelligence (AI) to heighten the global ransomware threat. Reconnaissance and social engineering are specific fields where AI can be deployed. As we at Malwarebytes Labs have tested ourselves, ChatGPT can be used to write ransomware.
eSecurity Planet
AUGUST 23, 2021
Ransomware attackers, who use myriad methods to get their malware into the systems of businesses large and small in hopes of pulling down millions of dollars, are now going directly to the source. Evolving Ransomware Scene. million ransomware attacks in the first six months of 2021, compared with 121.5 There were 304.7
Malwarebytes
SEPTEMBER 17, 2023
Some folks claimed the culprit was ransomware. Well, confirmation is now forthcoming as an affiliate of the BlackCat/ALPHV ransomware group is said to be the one responsible for the attack and subsequent outage. No ransomware was deployed prior to the initial take down of their infrastructure by their internal teams.
CyberSecurity Insiders
MAY 15, 2023
A new ransomware group dubbed RA Group has been hitting the news headlines for the past two weeks. Security researchers from Cisco Talos have discovered that the RA Group utilizes an encryptor previously seen in the source code of the Babuk Ransomware. It concerns a ransomware operation operating under the same name.
Security Boulevard
OCTOBER 15, 2021
The post Social Engineering Threats Rose 270% in 2021 – Indicating a Shift to Multi-Channel Phishing Attacks as Apps and Browsers Move to the Cloud first appeared on SlashNext.
The Last Watchdog
APRIL 2, 2024
It’s a digital swindle as old as the internet itself, and yet, as the data tells us, the vast majority of security incidents are still rooted in the low-tech art of social engineering. Some 74 percent of cyber breaches are caused by human factors, including errors, stolen credentials, misuse of access privileges, or social engineering.
Dark Reading
MAY 11, 2023
Attackers compromised the personal email of a new employee and, when the initial attack failed, attempted through socially engineered messages to get the company to pay them off.
The Last Watchdog
MAY 5, 2022
Ransomware? Well, the stats are even scarier with over 50% increase in ransomware attacks in 2021, compared to 2020. The media paid close attention to ransomware attacks last year, as they had a significant impact on Colonial Pipeline, the nation’s largest fuel distributor, and JBS, the nation’s largest meat distributor.
CyberSecurity Insiders
JULY 29, 2022
Hive Ransomware group has reportedly locked down a school from digital access and is demanding £500,000 to free up data from encryption. Coming to the other news, a recent study made by Palo Alto Networks states that ransomware groups are targeting companies operating in Real estate and finance sector the most, along with education sectors.
The Hacker News
JULY 30, 2021
An ongoing malicious campaign that employs phony call centers has been found to trick victims into downloading malware capable of data exfiltration as well as deploying ransomware on infected systems.
CompTIA on Cybersecurity
OCTOBER 26, 2023
Customers want providers to have real-time insights into cyber threats encompassing ransomware, social engineering, malware releases and other attacks.
The Hacker News
NOVEMBER 16, 2023
Scattered Spider threat actors typically engage in data theft for extortion using multiple social engineering techniques and have recently leveraged BlackCat/ALPHV ransomware alongside their
Tech Republic Security
MARCH 23, 2022
Using social engineering rather than traditional ransomware tactics, the Lapsus$ group has already hit multiple organizations, says Microsoft. The post Microsoft warns of destructive attacks by Lapsus$ cybercrime group appeared first on TechRepublic.
CyberSecurity Insiders
OCTOBER 14, 2021
The FBI recently published a warning stating that ransomware gang OnePercent Group has been attacking companies in the US since November 2020. This gang of cybercriminals targets individuals within an organization with social engineering tactics designed to fool them into opening a document from a ZIP file attached to an email.
Tech Republic Security
MAY 21, 2020
Cyberattacks against hospitals and medical facilities have risen this year, often via ransomware and social engineering exploits, says IntSights.
Malwarebytes
OCTOBER 11, 2023
The Philippine Health Insurance Corporation (PhilHealth), has confirmed that it was unprotected by antivirus software when it was attacked by the Medusa ransomware group in September. EDR can detect an intruder's suspicious activity in advance of them running ransomware, as well as being able to identify the ransomware itself.
Expert insights. Personalized for you.
We have resent the email to
Are you sure you want to cancel your subscriptions?
Let's personalize your content