Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-03-29 13:59:07 |
(Already seen) CyberheistNews Vol 12 #13 [Heads Up] Published Zelenskyy Deepfake Video Demonstrates the Modern War is Online (direct link) |
[Heads Up] Published Zelenskyy Deepfake Video Demonstrates the Modern War is Online
CyberheistNews Vol 12 #13 | Mar. 29th., 2022
The video uploaded to a hacked Ukrainian news website shows how far the technology has come, how it can be used in social engineering, and how the tech still needs to improve.
While many of the headlines today around the Russian invasion of Ukraine focus on the war on the ground and in the air, a cyberwar is being waged behind the scenes. It began with wiper ransomware attacks on Ukrainian businesses and government agencies and has culminated so far with a newly released deepfake video of Ukrainian president Zelenskyy asking his troops to lay down their weapons and surrender.
|
Ransomware
|
|
|
|
2022-03-24 14:20:53 |
Initial Access Broker Group Relies on Social Engineering (direct link) |
Google's Threat Analysis Group (TAG) describes a cybercriminal group it calls “EXOTIC LILY” that acts as an initial access broker for numerous financially motivated threat actors, including FIN12 and the Conti ransomware gang. EXOTIC LILY uses phishing attacks to gain access to organizations' networks, then sells this access to other gangs for further exploitation. |
Ransomware
Threat
|
|
|
|
2022-03-17 12:43:59 |
[Heads Up] New Evil Ransomware Feature: Disk Wiper if You Don't Pay (direct link) |
There is a new ransomware-as-a-service (RaaS) strain called LokiLocker, researchers at BlackBerry warn. The malware uses rare code obfuscation and includes a file wiper component that attackers can deploy if their victims don't pay. "It shouldn't be confused with an older ransomware family called Locky, which was notorious in 2016, or LokiBot, which is an infostealer. |
Ransomware
Malware
|
|
|
|
2022-03-16 14:25:21 |
Backups Become the Focus as Three-Fourths of Organizations Experienced Ransomware Attacks (direct link) |
New data puts the spotlight on how most organizations are unable to completely recover their data after a ransomware attack, making the case for better data protection for improved incident response. |
Ransomware
|
|
|
|
2022-03-15 13:41:15 |
(Already seen) CyberheistNews Vol 12 #11 [Heads Up] FBI: Ransomware Gang Breached 52 U.S. Critical Infrastructure Orgs (direct link) |
[Heads Up] FBI: Ransomware Gang Breached 52 US Critical Infrastructure Orgs
CyberheistNews Vol 12 #11 | Mar. 15th., 2022
[Heads Up] FBI: Ransomware Gang Breached 52 U.S. Critical Infrastructure Orgs
The U.S. Federal Bureau of Investigation (FBI) says the Ragnar Locker ransomware gang has breached the networks of at least 52 organizations from multiple U.S. critical infrastructure sectors.
|
Ransomware
|
|
|
|
2022-03-15 12:43:58 |
Cybercrime-as-a-Service: Its Evolution and What You Can Do to Fight Back (direct link) |
The cybercrime market has skyrocketed in a frightening way. With threats ranging from ransomware to Business Email Compromise (BEC), the stakes are higher than ever for organizations across all industries. |
Ransomware
|
|
|
|
2022-03-09 15:58:22 |
83% of all Successful Ransomware Attacks Featured Double and Triple Extortion (direct link) |
With 2021 being the “testing ground” for ransomware extortion, 2022 is showing signs of ransomware gangs settling in on proven extortion tactics to ensure payment. |
Ransomware
|
|
|
|
2022-03-08 13:02:39 |
(Already seen) FBI: Ransomware gang breached 52 US critical infrastructure orgs (direct link) |
The US Federal Bureau of Investigation (FBI) says the Ragnar Locker ransomware gang has breached the networks of at least 52 organizations from multiple US critical infrastructure sectors. |
Ransomware
|
|
|
|
2022-03-04 13:34:08 |
CISA: 2021 Cyberattack Trends Indicate Increases in Global Ransomware Attacks (direct link) |
New advisory sees critical infrastructure once again in the crosshairs and makes critical recommendations to both protect against ransomware and to reduce its impact. |
Ransomware
|
|
|
|
2022-02-17 15:08:55 |
Conti Ransomware Attacks Reap in $180 Million in 2021 as Average Ransomware Payments Rise by 34% (direct link) |
New analysis of ransomware attacks shows growth in the number of active strains, ransoms collected, and use of third-party services all adding up to a more organized and profitable industry. |
Ransomware
|
|
|
|
2022-02-15 14:24:51 |
CyberheistNews Vol 12 #07 [Heads Up] FBI Warns Against New Criminal QR Code Scams (direct link) |
[Heads Up] FBI Warns Against New Criminal QR Code Scams
CyberheistNews Vol 12 #07 | Feb. 15th., 2022
QR codes have been around for many years. While they were adopted for certain niche uses, they never did quite reach their full potential. They are a bit like Rick Astley in that regard, really popular for one song, but well after the boat had sailed. Do not get me wrong, Rick Astley achieved a lot. In recent years, he has become immortalized as a meme and Rick roller, but he could have been so much more.
However, in recent years, with lockdown and the drive to keep things at arm's length, QR codes have become an efficient way to facilitate contactless communications, or the transfer of offers without physically handing over a coupon. As this has grown in popularity, more people have become familiar with how to generate their own QR codes and how to use them as virtual business cards, discount codes, links to videos and all sorts of other things.
QRime Codes
As with most things, once they begin to gain a bit of popularity, criminals move in to see how they can manipulate the situation to their advantage. Recently, we have seen fake QR codes stuck to parking meters enticing unwitting drivers to scan the code, and hand over their payment details believing they were paying for parking, whereas they were actually handing over their payment information to criminals.
The rise in QR code fraud resulted in the FBI releasing an advisory warning against fake QR codes that are being used to scam users. In many cases, a fake QR code will lead people to a website that looks like the intended legitimate site. So, the usual verification process of checking the URL and any other red flags apply.
CONTINUED with links and 4 example malicious QR codes on the KnowBe4 blog:
https://blog.knowbe4.com/qr-codes-in-the-time-of-cybercrime
|
Ransomware
Data Breach
Spam
Malware
Threat
Guideline
|
APT 15
APT 43
|
|
|
2022-02-09 15:00:56 |
Updated Ransomware Hostage Rescue Manual (direct link) |
Ransomware is one of the most damaging types of cyber attacks of all time, and the one feared the most by business owners and cybersecurity defenders.
This worry is not without reason. In an instant, an organization's critical IT infrastructure can be brought down for weeks to months, completely stopping all business. Some data and systems may be lost forever. Complete recovery may take over a year. Customer impacts may last long past the technical recovery process. |
Ransomware
|
|
|
|
2022-02-08 23:25:24 |
Average Ransomware Ransoms Jump 130% While Use of Data Exfiltration Grows (direct link) |
With pressures by law enforcement on ransomware gangs in 2021, and more stringent security requirements by cyber insurers, cybercriminals are changing their tactics to ensure a payoff. |
Ransomware
|
|
|
|
2022-02-08 18:04:46 |
The Evolution and Future of Ransomware (direct link) |
The history of ransomware spans over 30 years. The first specimen, known as the AIDS Trojan, was delivered via physical media using the postal system, and, upon its discovery, was quickly remediated by the security industry. More recent examples have proven comparatively more devastating, most notably the Colonial Pipeline incident, which caused fuel shortages and widespread disruption to much of the US East Coast. |
Ransomware
|
|
|
|
2022-02-03 20:15:47 |
U.K. Snack Manufacturer Expects Months of Delays After Ransomware Attack (direct link) |
Orders of top-selling snack brands from KP Snacks are on hold in the aftermath of a Conti ransomware attack that includes data theft of confidential information. |
Ransomware
|
|
|
|
2022-02-02 20:51:37 |
1 in 7 Ransomware Extortion Leaks Include Sensitive Operational Technology Details (direct link) |
New analysis of published data from ransomware attacks puts the spotlight on the potential that some of your most critical stolen data puts you materially at risk of another attack. |
Ransomware
|
|
|
|
2022-02-01 14:37:29 |
CyberheistNews Vol 12 #05 [Heads Up] DHS Sounds Alarm on New Russian Destructive Disk Wiper Attack Potential (direct link) |
|
Ransomware
Malware
Hack
Tool
Threat
Guideline
|
NotPetya
Wannacry
APT 27
|
|
|
2022-01-26 13:37:30 |
Ransomware Operators Try to Recruit Insiders (direct link) |
Sixty-five percent of organizations report that their employees have been contacted by ransomware attackers in an attempt to recruit insider threats, according to researchers at Pulse and Hitachi ID. |
Ransomware
|
|
|
|
2022-01-25 14:17:54 |
CyberheistNews Vol 12 #04 [FBI HEADS UP] US Defense Industry Targeted with New USB-Based Ransomware Attacks (direct link) |
|
Ransomware
|
|
|
|
2022-01-21 13:24:40 |
FBI: US Defense Industry Organizations Targeted with USB-Based Ransomware Attacks (direct link) |
Using mailed out “BadUSB” drives as the initial attack vector, cybercriminals are attempting to infiltrate sensitive networks and infect them with BlackMatter or REvil ransomware strains. |
Ransomware
|
|
|
|
2022-01-20 14:25:55 |
Half of All Organizations Hit by Ransomware Experience Productivity Loss (direct link) |
According to new data, ransomware is expected to be a larger and more likely threat in the next year, making the impacts felt today very relevant as the impetus for improved cybersecurity. |
Ransomware
Threat
|
|
|
|
2022-01-14 13:27:37 |
Nuclear Ransomware 3.0: We Thought It Was Bad and Then It Got Even Worse (direct link) |
We thought it was bad enough when traditional ransomware started to steal data in its second generation of evolution, now dubbed "double extortion". The third stage of ransomware is beginning to happen now and will make us wish for the good, old days of Ransomware 2.0. |
Ransomware
|
|
|
|
2022-01-12 14:37:15 |
Over 200 Ransomware Strains Detected in Last Part of 2021 (direct link) |
With the news focused on just a few key ransomware strains, it's understandable to think you'll never be a target. But newly-released data shows who's doing the attacking and who's being targeted. |
Ransomware
|
|
|
|
2022-01-06 19:20:00 |
Hive Ransomware-as-a-Service Races to the Top as Affiliates Breach 350 Organizations in Just 4 Months (direct link) |
A mere blip on the ransomware radar a quarter ago, the massive onslaught of attacks using Hive Ransomware demonstrates how dangerous the “as-a-Service” model really is. |
Ransomware
|
|
|
|
2021-12-29 16:01:00 |
Conti Ransomware Affiliate Attacks Australian Utilities Giant's Corporate Network (direct link) |
While news reports indicate no impact to the utilities company's ability to deliver electricity to its customers, this could be the start of attacks on critical infrastructure in Australia. |
Ransomware
|
|
|
|
2021-12-23 16:38:50 |
Canadian Government Urges Organizations to Take Additional Steps to Protect Against Ransomware Attacks (direct link) |
Citing upticks in attacks, Canada's Centre for Cyber Security asks organizations to step up protective measures, offering guidance and a playbook to improve security. |
Ransomware
|
|
|
|
2021-12-20 20:13:47 |
Double Extortion Ransomware Attacks That Publish Victim Data Increase 935% (direct link) |
According to new data, the number of victim companies impacted by double extortion has jumped from 229 by the first half of 2020 to nearly 2400 by the first half of 2021. |
Ransomware
|
|
|
|
2021-12-07 15:52:59 |
Half of All Organizations Have Had Employees Approached to Aid in Ransomware Attacks (direct link) |
Partially due to the shift to working remotely, cybercriminals are finding some semblance of success in getting internal assistance, begging the question of what to do about it. |
Ransomware
|
|
|