Ransomware – Page 37 – PossibleThreat Articles

MalwareBytes Security

ALPHV squeezes victim with dedicated leak site for employees and customers

June 17, 2022 0 Comments alphav, alphav ransomware, blackcat, blackcat ransomware, brett callow, darkside, darkside ransomware, noberus, noberus ransomware, Ransomware, rust

Credit to Author: Malwarebytes Labs| Date: Fri, 17 Jun 2022 18:01:31 +0000

ALPHV, also known as BlackCat, created a leak site on the regular web, betting it can squeeze money out of victims faster than a dark web site.

The post ALPHV squeezes victim with dedicated leak site for employees and customers appeared first on Malwarebytes Labs.

Security Sophos

Confluence exploits used to drop ransomware on vulnerable servers

June 16, 2022 0 Comments atlassian, cerber, confluence, cryptoguard, cve-2022-26134, featured, Intercept X, PowerShell, Ransomware, security operations, sophos managed threat response (mtr), SophosLabs Uncut, threat research, tomcat, webshell

Credit to Author: Andrew Brandt| Date: Thu, 16 Jun 2022 11:00:03 +0000

Automated attacks are now widely exploiting the Atlassian vulnerability

Independent Krebs Security

Ransomware Group Debuts Searchable Victim Data

June 14, 2022 0 Comments A Little Sunshine, alphv ransomware, blackcat ransomware, brett callow, emsisoft, Ransomware, The Coming Storm

Credit to Author: BrianKrebs| Date: Tue, 14 Jun 2022 19:53:12 +0000

Cybercrime groups that specialize in stealing corporate data and demanding a ransom not to publish it have tried countless approaches to shaming their victims into paying. The latest innovation in ratcheting up the heat comes from the ALPHV/BlackCat ransomware group, which has traditionally published any stolen victim data on the Dark Web. Today, however, the group began publishing individual victim websites on the public Internet, with the leaked data made available in an easily searchable form.

MalwareBytes Security

Karakurt extortion group: Threat profile

June 14, 2022 0 Comments accenture security, advanced intel, anydesk, chainalysis, cirt, cisa, cobalt strike, conti ransomware, cyber incident response team, Cybercrime, cybersecurity and infrastructure security agency, diavol, diavol ransomware, dridex, evil corp, FBI, federal bureau of investigation, FileZilla, karakurt, karakurt extortion group, karakurt lair, karakurt team, kimberly goody, mandiant, mega.io, MFA, mimikatz, multi-factor authentication, ncc, ransomhouse, Ransomware, ransomware syndicate, rclone, tetra defense, virtual private network, vpn, wall street journal

Credit to Author: Jovi Umawing| Date: Tue, 14 Jun 2022 16:00:29 +0000

An obscure group called Karakurt has extorted organizations in the US and elsewhere. Know how to keep it away from your network.

The post Karakurt extortion group: Threat profile appeared first on Malwarebytes Labs.

MalwareBytes Security

“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft

June 14, 2022 0 Comments APT, atlassian, confluence, Exploits and vulnerabilities, nation-state, Ransomware

Credit to Author: Christopher Boyd| Date: Tue, 14 Jun 2022 12:43:08 +0000

Microsoft has warned of APT groups and ransomware authors exploiting the now patched Confluence vulnerability. We take a look at the dangers.

The post “Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft appeared first on Malwarebytes Labs.

Microsoft Security

The many lives of BlackCat ransomware

June 13, 2022 0 Comments cybersecurity, human-operated ransomware, Microsoft security intelligence, Ransomware, Ransomware as a Service

Credit to Author: Paul Oliveria| Date: Mon, 13 Jun 2022 16:00:00 +0000

The use of an unconventional programming language, multiple target devices and possible entry points, and affiliation with prolific threat activity groups have made the BlackCat ransomware a prevalent threat and a prime example of the growing ransomware-as-a-service (RaaS) gig economy.

The post The many lives of BlackCat ransomware appeared first on Microsoft Security Blog.

QuickHeal Security

Robin Hood Ransomware ‘GOODWILL’ Forces Victim for Charity

June 13, 2022 0 Comments #ransomwareprevention, Cyber crime, cybersecurity, goodwill, Hacking, Ransomware, Uncategorized

Credit to Author: Tejaswini Sandapolla| Date: Mon, 13 Jun 2022 13:06:21 +0000

Goodwill Ransomware, identified by CloudSEK researchers in March 2022, is known to promote social justice on the internet….

The post Robin Hood Ransomware ‘GOODWILL’ Forces Victim for Charity appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.

MalwareBytes Security

A week in security (June 6 – June 12)

June 13, 2022 0 Comments 4chan, A week in security, apple passkeys, asyncrat, b&q father's day contest 2022, blackbasta, blog recap, cloud data breach, decryption tool, dridex, emotet, esxi, facebook, FBI, federal bureau of investigations, Linux, linux malware, makemoney, malvertising, meeting owl, Microsoft, phishing, prometheus, prometheus ransomware, Ransomware, ransomware task force, ssndob, trickbot, ukraine, virtual machines, vm, whatsapp, whiteboard owl, windows autopatch

Credit to Author: Malwarebytes Labs| Date: Mon, 13 Jun 2022 10:29:57 +0000

The most important and interesting computer security stories from the last week.

The post A week in security (June 6 – June 12) appeared first on Malwarebytes Labs.

MalwareBytes Security

BlackBasta is the latest ransomware to target ESXi virtual machines on Linux

June 9, 2022 0 Comments blackbasta, chacha20, hypervisor, linux ransomware, Ransomware, ransomware targeting esxi, virtual machine, vmware, vmware esxi

Credit to Author: Jovi Umawing| Date: Thu, 09 Jun 2022 13:50:41 +0000

BlackBasta, a newish ransomware group that is somehow linked to Conti, has a new Linux variant of its malware that targets VMware ESXi virtual machines.

The post BlackBasta is the latest ransomware to target ESXi virtual machines on Linux appeared first on Malwarebytes Labs.