Ransomware review: July 2022

Credit to Author: Threat Intelligence Team| Date: Thu, 04 Aug 2022 20:48:37 +0000

BlackBasta lined up behind LockBit as the second most prevalent ransomware in July, a number of new gangs appeared, and an old one reappeared.

The post Ransomware review: July 2022 appeared first on Malwarebytes Labs.


North Korean APT targets US healthcare sector with Maui ransomware

Credit to Author: Jovi Umawing| Date: Sun, 10 Jul 2022 21:43:29 +0000

CISA warns of an unusual ransomware.

The post North Korean APT targets US healthcare sector with Maui ransomware appeared first on Malwarebytes Labs.


A week in security (June 20 – June 26)

Credit to Author: Malwarebytes Labs| Date: Mon, 27 Jun 2022 09:30:06 +0000

The most important and interesting computer security stories from the last week.

The post A week in security (June 20 – June 26) appeared first on Malwarebytes Labs.


Using Python to unearth a goldmine of threat intelligence from leaked chat logs

Credit to Author: Paul Oliveria| Date: Wed, 01 Jun 2022 18:00:00 +0000

Dealing with a great amount of data can be time-consuming, so Python can be a powerful way to help analysts sort information and extract the most relevant data for their investigation. The open-source library MSTICpy, for example, is a Python tool dedicated to threat intelligence. It aims to help threat analysts acquire, enrich, analyze, and visualize data.

The post Using Python to unearth a goldmine of threat intelligence from leaked chat logs appeared first on Microsoft Security Blog.


Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions

Credit to Author: BrianKrebs| Date: Tue, 31 May 2022 19:57:58 +0000

Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware gang — Conti. Ransomware experts say there is good reason to believe the same cybercriminals are behind both attacks, and that Hive has been helping Conti rebrand and evade international sanctions targeting extortion payouts to cybercriminals operating in Russia.
