Cybercrime, Ryuk ransomware actors evolve their TTPs
Advintel cybersecurity experts: Malware operators now target exposed RDP connections to gain an initial foothold and exploit CVE-2018-8453 and CVE-2019-1069.
The Netherlands Police chases cybercrime actors on hacker forums
“We aim at botnets and related malware like Ryuk, Trickbot and many more. Everyone makes mistakes, we are waiting for yours”.
Cybercrime, FIN7 and RYUK groups are cooperating
Truesec cybersecurity experts: Maybe the first one sold its TTPs to the ransomware gang, probably they are closely affiliated and may be part of the same network.
Cybercrime, ransomware actors deploy SystemBC as a backdoor
Sophos cybersecurity experts: It has being used for communications, data exfiltration and the download and execution of malicious modules.
Cybercrime, Conti ransomware group asks Advantech a huge ransom: 13 mln
The cybersecurity expert Pierluigi Paganini: On November 26, leaking the data stolen begun: an archive of 3.03GB that accounts for 2% of the total amount of stolen data.
Cybercrime, TrickBot now uses an obfuscated batch script launcher
Bleeping Computer cybersecurity experts: The malware increased its advanced evasive capabilities.
Cybercrime, imminent threat to U.S. hospitals and healthcare providers
It has been denounced by FBI and the U.S. Department of Homeland Security cybersecurity experts: It could arrive from Russian Ryuk ransomware gang.
Cybercrime boost attacks on the maritime industry
Sea News: aggressions increased by 900% over the last 3 years and in 2020 they will be more than 500. OT systems are the malware targets, but their breaches are not covered by insurances.
Ransomware, cybercrime earned $144.35 million in six years
FBI supervisory special agent DeCapua: The Top Ten of malware variants sees Ryuk as the winner with $61.26 million, followed by Crysis/Dharma ($24.48 million) and Bitpaymer ($8.04 million).
Cybercrime, also New Orleans hit by Ryuk ransomware
The cyber security experts find the malware, thanks to files uploaded to VirusTotal and a memory dump found by Colin Cowie of Red Flare Security. Maybe Emotet and TrickBot are involved.