To solve crime, the old saying still holds: “Follow the money.” But how do you do that for cybercrimes when the money itself is decentralized and anonymous—as is the case with cryptocurrency? In today’s threat environment, it’s becoming increasingly crucial for enterprises to boost their cybersecurity maturity. Over a decade ago,
A cyberattack panel dubbed TeslaGun has been discovered, used by Evil Corp to run ServHelper backdoor campaigns. Data gleaned from an analysis by the Prodaft Threat Intelligence (PTI) team shows the Evil Corp ransomware gang (aka TA505 or UNC2165, along with half a dozen other colorful tracking names) has
The paper, “An Anatomy of Crypto-Enabled Cybercrimes,” takes a detailed look at how highly sophisticated criminal organizations, mainly based in Russia and North Korea, extort money from corporations worldwide. The majority of these victimized firms are in the United States. “This was actually a difficult decision to do this paper because
The FBI and Justice Department recently disrupted the activities of a hacking group that was sponsored by the North Korean government and that targeted U.S. hospitals with ransomware.
The ransomware landscape has evolved considerably since WannaCry dramatically drove home the potential severity of the threat five years ago on May 12. What has changed somewhat less over the same period is enterprise preparedness in the face of ransomware attacks. Ransomware emerged and has remained entrenched as one of the
Joint Cybersecurity Advisory Released by CISA, FBI, AUS CSC and UK NCSC Regarding Iranian Government-Sponsored APT
Since March of 2021, an advanced persistent threat (APT) group has been exploiting Fortinet vulnerabilities and, since October 2021, a Microsoft Exchange ProxyShell vulnerability “to gain initial access to systems in advance of follow-on operations, which include deploying ransomware.” This joint cybersecurity advisory is the result of an analytic effort among the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC).
The Joint Cybersecurity Advisory was released this morning at approx. 11 AM EST.
The cybercrime group REvil has doubled the extortion ransom against compromised law firm Grubman, Shire, Meiselas and Sacks. The law firm represents clients such as Lady Gaga, Drake, Elton John, Madonna, Robert De Niro, LeBron James, The Weeknd, and Priyanka Chopra. Despite the fact that President Trump was not a
In 2016, one American citizen and one Canadian national teamed up to compromise the systems of Uber and LinkedIn in order to steal user information, which they subsequently used in order to extort the two companies, the two admitted in court this week. The threat actors used a custom tool
Threat actors are impersonating the notorious state-backed Russian hacking group Fancy Bear (aka Sofacy, APT28 and Sednit) as part of a distributed denial-of-service (DDoS) extortion campaign targeting organizations in the financial sector. According to Daniel Smith of Radware, the threat actors launch “large scale, multi-vector demo DDoS attacks” against a
Threat actors are holding 1.2 million sensitive files belonging to Mexican bookseller Librería Porrúa for ransom. On July 15, a security researcher discovered the records in an unprotected MongoDB database. Three days later, threat actors also stumbled upon the unsecured server and proceeded to replace all records in it with