Cybercrime, here are the ransomware groups new strategies
Cybersecurity expert Luca Mella: In the event of non-payment, instead of double extortion, there is a threat of new attacks and info on insurance policies is requested.
Cybercrime, 1.000 ships impacted by a ransomware attack on DNV
The company explains that all vessels can still use the onboard, offline functionalities of the ShipManager software; other systems are not impacted. Eyes on pro-Russia hackers.
Cybercrime, Venus is targeting the Healthcare sector in the USA
HC3 cybersecurity experts: The ransomware operators attack publicly exposed Remote Desktop Services, even on non-standard TCP ports, to encrypt Windows devices.
Cyber Warfare, pro-Russia hackers attack Ukraine with Somnia ransomware
CERT-UA cybersecurity experts: Z-Team exploits Avidar, Netscan and a Cobalt Strike beacon, then it exfiltrate data from corporate networks and encrypt it.
Cybercrime, Mailchimp users can be targeted via Dependency confusion
CloudSEK cybersecurity experts: 2 unclaimed packages can be leveraged to inject malicious code (malware-ransomware) inside the platform.
Cyber Warfare, Prestige is a new ransomware targeting Ukraine and Poland
Microsoft MSTIC cybersecurity experts: The targets are organizations in the transportation and related logistics industries in both countries.
Cybercrime, BlackBasta exploits the “Bring Your Own Driver” technique
Sophos cybersecurity experts: Ransomware group abuses the CVE-2019-16098 to disable a list of over 1,000 drivers on which security products rely to provide protection.
Cybercrime, LockerGoga victims now have a free decryptor
It has been developed by Swiss authorities with NoMoreRansom project and Bitdefender cybersecurity experts. Soon it could arrive also one for MegaCortex.
Cyber Warfare, new US sanctions on Iran following cyber-attacks escalation
OFAC put ten individuals and two entities in the black list. They are affiliated with the IRGC and used ransomware to target businesses and critical infrastructure across the board.
Cybercrime, Ransomware groups start using intermittent encryption
Sentinel Labs cybersecurity experts: The goal is to evade detection and encrypt victims’ files faster. Last malware using this technique is Qyick.