Credit to Author: Giusy Martin| Date: Tue, 10 Sep 2024 06:29:56 +0000
Un EDR killer che Sophos X-Ops ha monitorato per tre anni continua a tormentare le organizzazioni prese di mira dalle bande di ransomware
Read more
Credit to Author: Andrew Brandt| Date: Tue, 27 Aug 2024 16:33:35 +0000
An EDR killer Sophos X-Ops has tracked for three years continues to bedevil organizations targeted by ransomware gangs.
Read more
Credit to Author: BrianKrebs| Date: Wed, 03 Jul 2024 16:41:34 +0000
Most accomplished cybercriminals go out of their way to separate their real names from their hacker handles. But among certain old-school Russian hackers it is not uncommon to find major players who have done little to prevent people from figuring out who they are in real life. A case study in this phenomenon is “x999xx,” the nickname chosen by a venerated Russian hacker who specializes in providing the initial network access to various ransomware groups.
Read moreLockBit claimed to have breached Federal Reserve but in fact the data came from Evolve Bank & Trust
Read moreLockBit claimed to have breached Federal Reserve but in fact the data came from Evolve Bank & Trust
Read more
Credit to Author: BrianKrebs| Date: Thu, 30 May 2024 15:19:44 +0000
Law enforcement agencies in the United States and Europe today announced Operation Endgame, a coordinated action against some of the most popular cybercrime platforms for delivering ransomware and data-stealing malware. Dubbed “the largest ever operation against botnets,” the international effort is being billed as the opening salvo in an ongoing campaign targeting advanced malware “droppers” or “loaders” like IcedID, Smokeloader and Trickbot.
Read more
Credit to Author: BrianKrebs| Date: Thu, 23 May 2024 23:32:43 +0000
Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. An investigation into Stark Industries reveals it is being used as a global proxy network that conceals the true source of cyberattacks and disinformation campaigns against enemies of Russia.
Read more
Credit to Author: BrianKrebs| Date: Mon, 13 May 2024 11:26:27 +0000
Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit’s leader “LockBitSupp” claims the feds named the wrong guy, saying the charges don’t explain how they connected him to Khoroshev. This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years.
Read more
Credit to Author: BrianKrebs| Date: Wed, 06 Mar 2024 00:22:56 +0000
There are indications that U.S. healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. “ALPHV”) as the company struggles to bring services back online amid a cyberattack that has disrupted prescription drug services nationwide for weeks. However, the cybercriminal who claims to have given BlackCat access to Change’s network says the crime gang cheated them out of their share of the ransom, and that they still have the sensitive data that Change reportedly paid the group to destroy. Meanwhile, the affiliate’s disclosure appears to have prompted BlackCat to cease operations entirely.
Read more