Cyber Security Informer

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs

NOVEMBER 28, 2021

North Korea-linked APT group posed as Samsung recruiters is a spear-phishing campaign that targeted South Korean security companies that sell anti-malware solutions, Google TAG researchers reported. Google TAG researchers reported that the same group, tracked as Zinc ,” also targeted security researchers in past campaigns.

Malware

Malware Phishing Antivirus Hacking

Lab Walkthrough?—?The WannaCry Ransomware

Pentester Academy

FEBRUARY 23, 2023

Lab Walkthrough — The WannaCry Ransomware In our lab walkthrough series, we go through selected lab exercises on our INE Platform. Introduction In May 2017, a worldwide ransomware attack infamously known as WannaCry was set in motion. Lab Link: [link] The user is going to get access to a Kali GUI instance and Windows Server 2019.

Ransomware

Ransomware Encryption Cryptocurrency Banking

North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro

Security Affairs

NOVEMBER 15, 2021

In March, researchers from Google’s Threat Analysis Group (TAG) reported that North Korea-linked hackers are targeting security researchers via social media. The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack. Pierluigi Paganini.

Cybersecurity

Cybersecurity Engineering Software Malware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

North Korea steals $620m Ethereum from US Video Game maker

CyberSecurity Insiders

APRIL 17, 2022

US Treasury has endorsed the news and tagged it as one of the biggest cryptocurrency heists of all time. NOTE 2- Microsoft, the Windows OS tech giant, identifies the group as Zinc and labeled it as a confirmed nation behind the launch of May 2017 WannaCry Ransomware Attack that infected over 250,000 computers across the world.

Cryptocurrency

Cryptocurrency Government Education Cyber Attacks

GUEST ESSAY: The drivers behind persistent ransomware — and defense tactics to deploy

The Last Watchdog

SEPTEMBER 7, 2022

You may remember ransomware incidents that made the news in recent years, such as the Colonial Pipeline attack in 2021 that crippled national infrastructure or WannaCry in 2017 that exploited a Windows vulnerability. Sometimes ransom payments are recovered, but not always. The impact of ransomware.

Ransomware

Ransomware Education Financial Services Phishing

Microsoft: North Korea-linked Zinc APT targets security experts

Security Affairs

JANUARY 29, 2021

Microsoft, like Google TAG, observed a cyber espionage campaign aimed at vulnerability researchers that attributed to North Korea-linked Zinc APT group. ” This week, Google Threat Analysis Group (TAG) also warned of North Korea-linked hackers targeting security researchers through social media.

Malware

Malware Antivirus Hacking Accountability

How we protect our users against the Sunburst backdoor

SecureList

DECEMBER 23, 2020

While the vast majority of the high-profile incidents nowadays include ransomware or some sort of destructive payload (see NotPetya, Wannacry) in this case, it would appear the main goal was espionage. Was this just espionage or did you observe destructive activities, such as ransomware? That’s a good question!

Malware

Malware Telecommunications DNS Government

Ransomware Protection in 2021

eSecurity Planet

FEBRUARY 16, 2021

Adaptive Monitoring and Tagging. This includes active tagging of workloads, threat hunting , and virus assessments, and consistent evaluation of traffic for mission-critical applications, data, or services. Once your micro-perimeters surround your most sensitive segments, there’s a need for ongoing monitoring and adaptive technology.

Ransomware

Ransomware Backups Software Encryption

Report: No ‘Eternal Blue’ Exploit Found in Baltimore City Ransomware

Krebs on Security

JUNE 3, 2019

On May 25, The New York Times cited unnamed security experts briefed on the attack who blamed the ransomware’s spread on the Eternal Blue exploit, which was linked to the global WannaCry ransomware outbreak in May 2017. The account also began tagging dozens of reporters and news organizations on Twitter.

Ransomware

Ransomware Accountability Malware Government

Sunburst: connecting the dots in the DNS requests

SecureList

DECEMBER 18, 2020

While the vast majority of the high-profile incidents nowadays include ransomware or some sort of destructive payload (see NotPetya, Wannacry) in this case, it would appear the main goal was espionage. Was this just espionage or did you observe destructive activities, such as ransomware? That’s a good question!

DNS

DNS Telecommunications Malware Encryption

How to trace ransomware payments end-to-end

Elie

AUGUST 31, 2017

This was a titanesque task as there were 34 families (as shown in the tag cloud above) and hundreds of variants. Decryption Once payment is confirmed by the ransomware group, the victim receives decryption keys and is able to recover their files. Most ransomware criminals do honor their promises to recover files and provide decryption keys.

Ransomware

Ransomware Backups Encryption Scams

Top 5 G Suite Security Concerns for 2019

Spinone

DECEMBER 30, 2018

WannaCry , Petya, and other high-profile ransomware attacks have gained widespread attention. In the matter of a few short hours, ransomware variants such as these have rendered thousands of businesses incapacitated or otherwise unable to carry on normal business operations.

Backups

Backups Ransomware Encryption Accountability

The History of Computer Viruses & Malware

eSecurity Planet

NOVEMBER 2, 2022

RaaS quickly became a major force in the world of cybercrime thanks to both Petya and other major ransomware like LeakerLocker and WannaCry. WannaCry is especially notable for both its 2017 attack on users worldwide and its method of propagation. NHS hospitals in the United Kingdom were among the largest organizations hit by WannaCry.

Malware

Malware Ransomware Antivirus Internet

Advanced threat predictions for 2023

SecureList

NOVEMBER 14, 2022

Last June, Google’s TAG team released a blog post documenting attacks on Italian and Kazakh users that they attribute to RCS Lab, an Italian offensive software vendor. The next WannaCry. Statistically, some of the largest and the most impactful cyber epidemics occur every 6-7 years.

Firmware

Firmware Surveillance Mobile Telecommunications

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

The next WannaCry Fortunately for us, a new cyber epidemic did not happen. The US Cybersecurity and Infrastructure Security Agency (CISA) provided additional IoCs associated with exploitation of CVE-2023-2868. Verdict: prediction fulfilled ✅ 3. Verdict: prediction not fulfilled ❌ 4.

Hacking

Hacking Energy and Utilities Media Malware

Cyber Security Informer

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Lab Walkthrough?—?The WannaCry Ransomware

Webinars

Trending Sources

North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro

Webinars

North Korea steals $620m Ethereum from US Video Game maker

GUEST ESSAY: The drivers behind persistent ransomware — and defense tactics to deploy

Microsoft: North Korea-linked Zinc APT targets security experts

How we protect our users against the Sunburst backdoor

Ransomware Protection in 2021

Report: No ‘Eternal Blue’ Exploit Found in Baltimore City Ransomware

Sunburst: connecting the dots in the DNS requests

How to trace ransomware payments end-to-end

Top 5 G Suite Security Concerns for 2019

The History of Computer Viruses & Malware

Advanced threat predictions for 2023

Advanced threat predictions for 2024

Stay Connected