To gain access to a corporate network, ransomware gangs are increasingly turning to initial access brokers (IABs) and dark web marketplaces instead of breaching targets themselves. By analyzing ransomware gang’s want ads, it is possible to understand the types of companies that are being targeted for attacks. KELA, a cybersecurity intelligence company, compiled a list […]
Home Depot is increasing its investment in cloud computing to expand its range of digital tools that have helped it meet the surging demand from both professional contractors and DIY customers during the Covid-19 pandemic. The home-improvement chain plans to extend its existing multiyear cloud-services contract with Google Cloud, which will allow the company to […]
Kaseya announced a breach detection tool for clients of its VSA remote monitoring and management product, amid a weekend-long ransomware scare. The tool is not currently on the website, but can be obtained by emailing support@kaseya.com with the subject “Compromise Detection Tool Request.” On Friday, a REvil ransomware affiliate began exploiting a zero-day vulnerability in […]
On Friday, a flood of ransomware hit hundreds of companies around the world. A grocery store chain, a public broadcaster, schools, and a national railway system were all hit by the file-encrypting malware, causing disruption and forcing hundreds of businesses to close. The victims had something in common: a key piece of network management and […]
Bad news comes in threes, most particularly for Western Digital customers. As if things weren’t bad enough for the untold number of Western Digital customers whose data blinked out of existence last month, there’s another zero-day waiting for whoever can’t or won’t upgrade its My Cloud storage devices. The latest zero-day entails an attack chain […]
Attackers could use critical firmware vulnerabilities discovered by Microsoft in some NETGEAR router models as a stepping stone to move laterally within enterprise networks. The security flaws impact DGN2200v1 series routers running firmware versions before v1.0.0.60 and compatible with all major DSL Internet service providers. They allow unauthenticated attackers to access unpatched routers’ management pages […]
The Federal Bureau of Investigation has published its annual report on cybercrime affecting victims in the U.S., noting a record number of complaints and financial losses in 2020 compared to the previous year. The Internet Crime Complaint Center (IC3) received last year 791,790 complaints – up by 69% from 2019 – of suspected internet crime causing […]
A company that fell victim to a ransomware attack and paid cyber criminals millions for the decryption key to restore their network fell victim to the exact same ransomware gang under two weeks later after failing to examine why the attack was able to happen in the first place. The unnamed company fell victim to […]
Requesting ransoms in cryptocurrency like Bitcoin and Monero gives cybercriminals a stateless, decentralized, and anonymized method of transferring funds. This makes payments easier to facilitate than a wire transfer or international payment in fiat currencies and reduces the risk of apprehension. Unlike bank accounts, crypto wallets can be anonymously created and accessed by anyone who […]
The U.S. Department of Homeland Security’s Office of Intelligence and Analysis assess that ransomware attacks targeting US networks are likely to increase in the near and long term because cybercriminals have developed effective business models to increase their financial gain, likelihood for operational success, and anonymity. Growing demand for ransomware-as-a-service (RaaS) and the use of […]