Ransomware with a difference: “Derestrict your software, or else!”
Credit to Author: Paul Ducklin| Date: Wed, 02 Mar 2022 16:33:45 +0000
“Change your code to improve cryptomining”… or we’ll dump 1TB of stolen secrets.
Credit to Author: BrianKrebs| Date: Tue, 01 Mar 2022 20:50:30 +0000
A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti, an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. The chat logs offer a fascinating glimpse into the challenges of running a sprawling criminal enterprise with more than 100 salaried employees. The records also provide insight into how Conti has dealt with its own internal breaches and attacks from private security firms and foreign governments.
Credit to Author: Threat Intelligence Team| Date: Tue, 01 Mar 2022 20:49:54 +0000
Perhaps one of the most interesting leaks for the threat intelligence community, the Conti data dumps will provide invaluable data for a long time to come.
The post The Conti ransomware leaks appeared first on Malwarebytes Labs.
Credit to Author: gallagherseanm| Date: Mon, 28 Feb 2022 12:30:19 +0000
An unpatched Microsoft Exchange Server let both ransomware actors in; Karma just stole data, while Conti encrypted.
Credit to Author: Pieter Arntz| Date: Mon, 28 Feb 2022 12:15:31 +0000
After months of spam silence, TrickBot has pulled the plug on its server infrastructure. Is this the end of an era?
The post TrickBot takes down server infrastructure after months of inactivity appeared first on Malwarebytes Labs.
Credit to Author: Malwarebytes Labs| Date: Mon, 28 Feb 2022 11:37:42 +0000
The most important and interesting security stories from the last seven days.
The post A week in security (February 21 – February 27) appeared first on Malwarebytes Labs.
Credit to Author: David Ruiz| Date: Fri, 25 Feb 2022 22:13:21 +0000
Responding to the crisis in Ukraine must prioritize physical safety, but there are related cyber-risks to consider too.
The post Potential cybersecurity impacts of Russia’s invasion of Ukraine appeared first on Malwarebytes Labs.
Credit to Author: Threat Intelligence Team| Date: Fri, 25 Feb 2022 20:59:40 +0000
There are many uncertainties with Russia’s invasion and war in Ukraine. In this unpredictable environment, we detail previous, current and expected cyber threats to watch out for.
The post Cyber lures and threats in the context of the war in Ukraine appeared first on Malwarebytes Labs.
Credit to Author: Pieter Arntz| Date: Wed, 23 Feb 2022 13:58:00 +0000
Researchers have found a flaw in the Hive ransomware encryption method that allows them to recover a high percentage of the encrypted files.
The post Hive ransomware: Researchers figure out a method to decrypt files appeared first on Malwarebytes Labs.
Credit to Author: Andrew Brandt| Date: Wed, 23 Feb 2022 11:30:07 +0000
Some code used in the ransomware bears a resemblance to code used in Dridex malware, hinting at a common origin.