Advertisements


BlackByte affiliates use new encryptor and new TTPs

BlackByte, the ransomware-as-a-service gang believed to be one of Conti’s splinter groups, has (once again) created a new iteration of its encryptor. “Talos observed some differences in the recent BlackByte attacks. Most notably, encrypte.....»»

Category: securitySource:  netsecurityAug 28th, 2024

4 new LockBit-related arrests, identities of suspected Evil Corp members, affiliates revealed

The third phase of Operation Cronos, which involved officers from the UK National Crime Agency (NCA), the FBI, Europol and other law enforcement agencies, has resulted in the arrest of four persons for allegedly participating in the LockBit ransomwar.....»»

Category: securitySource:  netsecurityRelated NewsOct 2nd, 2024

How RansomHub went from zero to 210 victims in six months

RansomHub, a ransomware-as-a-service (RaaS) outfit that “popped up” earlier this year, has already amassed at least 210 victims (that we know of). Its affiliates have hit government services, IT and communication companies, healthcare ins.....»»

Category: securitySource:  netsecurityRelated NewsAug 30th, 2024

Pioneer Kitten: Iranian hackers partnering with ransomware affiliates

A group of Iranian hackers – dubbed Pioneer Kitten by cybersecurity researchers – is straddling the line between state-contracted cyber espionage group and initial access provider (and partner in crime) for affiliates of several ransomwar.....»»

Category: securitySource:  netsecurityRelated NewsAug 28th, 2024

BlackByte affiliates use new encryptor and new TTPs

BlackByte, the ransomware-as-a-service gang believed to be one of Conti’s splinter groups, has (once again) created a new iteration of its encryptor. “Talos observed some differences in the recent BlackByte attacks. Most notably, encrypte.....»»

Category: securitySource:  netsecurityRelated NewsAug 28th, 2024

Malware-as-a-Service and Ransomware-as-a-Service lower barriers for cybercriminals

The sophistication of cyber threats has escalated dramatically, with malicious actors’ deploying advanced tactics, techniques, and procedures (TTPs) to exploit vulnerabilities and evade detection, according to Darktrace. Subscription-based tools su.....»»

Category: securitySource:  netsecurityRelated NewsAug 9th, 2024

Black Basta target orgs with new social engineering campaign

Black Basta, one of the most prolific ransomware-as-a-service operators, is trying out a combination of email DDoS and vishing to get employees to download remote access tools. Black Basta TTPs and newest initial access attempts According to a cybers.....»»

Category: securitySource:  netsecurityRelated NewsMay 13th, 2024

Behavioral patterns of ransomware groups are changing

Q1 saw substantial shifts in activity from some of the most prolific Ransomware-as-a-Service (RaaS) groups, according to GuidePoint Security. RaaS groups attempt to recruit disaffected or displaced affiliates In addition to revealing a nearly 20% yea.....»»

Category: securitySource:  netsecurityRelated NewsApr 23rd, 2024

GSMA releases Mobile Threat Intelligence Framework

GSM Association’s Fraud and Security Group (FASG) has published the first version of a framework for describing, in a structured way, how adversaries attack and use mobile networks, based on the tactics, techniques and procedures (TTPs) that they u.....»»

Category: SSSSSSource:  netsecurityRelated NewsApr 23rd, 2024

GSMA releases Mobile Threat Intelligence Framework

GSM Association’s Fraud and Security Group (FASG) has published the first version of a framework for describing, in a structured way, how adversaries attack and use mobile networks, based on the tactics, techniques and procedures (TTPs) that they u.....»»

Category: SSSSSSource:  netsecurityRelated NewsApr 23rd, 2024

GSMA releases Mobile Threat Intelligence Framework

GSM Association’s Fraud and Security Group (FASG) has published the first version of a framework for describing, in a structured way, how adversaries attack and use mobile networks, based on the tactics, techniques and procedures (TTPs) that they u.....»»

Category: SSSSSSource:  netsecurityRelated NewsApr 23rd, 2024

GSMA releases Mobile Threat Intelligence Framework

GSM Association’s Fraud and Security Group (FASG) has published the first version of a framework for describing, in a structured way, how adversaries attack and use mobile networks, based on the tactics, techniques and procedures (TTPs) that they u.....»»

Category: SSSSSSource:  netsecurityRelated NewsApr 23rd, 2024

GSMA releases Mobile Threat Intelligence Framework

GSM Association’s Fraud and Security Group (FASG) has published the first version of a framework for describing, in a structured way, how adversaries attack and use mobile networks, based on the tactics, techniques and procedures (TTPs) that they u.....»»

Category: SSSSSSource:  netsecurityRelated NewsApr 23rd, 2024

RaaS groups increasing efforts to recruit affiliates

Smaller RaaS groups are trying to recruit new and “displaced” LockBit and Alphv/BlackCat affiliates by foregoing deposits and paid subscriptions, offering better payout splits, 24/7 support, and other “perks”. Cybercriminals w.....»»

Category: securitySource:  netsecurityRelated NewsMar 20th, 2024

The effects of law enforcement takedowns on the ransomware landscape

While the results of law enforcement action against ransomware-as-a-service operators Alphv/BlackCat and LockBit are yet to be fully realized, the August 2023 disruption of the Qakbot botnet has had one notable effect: ransomware affiliates have swit.....»»

Category: securitySource:  netsecurityRelated NewsMar 14th, 2024

LockBit registered nearly 200 "affiliates" over the past two years

New details about LockBit operations are emerging, and the focus is now on the group's affiliates......»»

Category: topSource:  marketingvoxRelated NewsFeb 23rd, 2024

How LockBit used Citrix Bleed to breach Boeing and other targets

CVE-2023-4966, aka “Citrix Bleed”, has been exploited by LockBit 3.0 affiliates to breach Boeing’s parts and distribution business, and “other trusted third parties have observed similar activity impacting their organization,&.....»»

Category: securitySource:  netsecurityRelated NewsNov 22nd, 2023

Cisco VPNs with no MFA enabled hit by ransomware groups

Since March 2023 (and possibly even earlier), affiliates of the Akira and LockBit ransomware operators have been breaching organizations via Cisco ASA SSL VPN appliances. “In some cases, adversaries have conducted credential stuffing attacks th.....»»

Category: securitySource:  netsecurityRelated NewsAug 31st, 2023

APTs use of lesser-known TTPs are no less of a headache

APT (advanced persistent threat) attacks were once considered to be primarily a problem for large corporations, but the number of these (often state-sponsored) attacks against small- and medium-sized businesses has increased significantly. Everyone i.....»»

Category: securitySource:  netsecurityRelated NewsAug 14th, 2023

SAS expanding foothold in SiC semiconductor market

Sino-American Silicon Products (SAS), which has affiliates such as Actron Technology, GlobalWafers, and Globitech, is extending its footprint in the silicon carbide (SiC) semiconductor sector......»»

Category: itSource:  digitimesRelated NewsMay 25th, 2023

The WhatsApp of secure computation

A key term when discussing encryption these days is end-to-end (E2E) encryption. The idea with E2E encryption is that data is kept confidential between the encryptor and the intended receiver. This might seem an obvious requirement, but not all so-ca.....»»

Category: securitySource:  netsecurityRelated NewsMay 8th, 2023