Displaying items by tag: Conti

GUEST RESEARCH: On 29 August 2023, US law enforcement announced a multinational operation that disrupted the Qakbot botnet (also known as Qbot) and associated infrastructure. Secureworks Counter Threat Unit (CTU) researchers have long maintained active monitoring of the botnet and detected the disruption activity on 25 August.

GUEST RESEARCH: Zscaler, the leader in cloud security, has released the findings of its annual ThreatLabz Ransomware Report, which revealed an 80% increase in ransomware attacks year-over-year. In 2022, the most prevalent ransomware trends include double-extortion, supply chain attacks, ransomware-as-a-service, ransomware rebranding, and geo-political incited ransomware attacks. The report analyses over a year's worth of data from the largest security cloud in the world, which processes more than 200 billion daily transactions and 150 million daily blocked attacks across the Zscaler Zero Trust Exchange. The report details which industries are being targeted the most by cybercriminals, explains the damage caused by double-extortion and supply chain attacks, and catalogs the most active ransomware groups operating today.

The government of Costa Rica has declared a state of emergency after a number of state agencies, including the finance ministry, were hit by the Windows ransomware strain known as Conti.

Queensland's CS Energy has denied that there was any indication a network attack on the company in November was by a state-based group.

COMPANY NEWS: Cybersecurity company Sophos published its Sophos 2022 Threat Report, detailing how the gravitational force of ransomware’s black hole is pulling in other cyberthreats to form one massive, interconnected ransomware delivery system—with significant implications for IT.

London's Daily Mail does not normally receive praise for the journalism it produces, but it has recently been lauded by an unlikely source: the Conti ransomware gang.

A number of Windows ransomware gangs have reacted to the reported takedown of the REvil gang, with one of them, Darkside, now known as BlackMatter, moving some of the bitcoin it holds, according to a statement from the cryptocurrency tracking firm Elliptic.

A British tech researcher, who quit working as a security threat analyst with Microsoft a few months back, has called on his former employer to act speedily to remove links to ransomware on its Office365 platform.

The Conti ransomware gang has issued a somewhat hilarious warning to media outlets which reported quotes from ransom negotiations between the ransomware gang and one of its victims, JVCKenwood.

Zscaler's latest ransomware report says manufacturing is the industry most targeted by double-extortion ransomware.

New research from Sophos details the "day-by-day unfolding of a human-operated Conti attack using fileless ransomware", with background on the ransomware’s behaviours, and defender advice.

One of the many tools used by multiple ransomware groups in a similar way — suggesting that they are being used by ransomware-as-a-service affiliates — is the Windows backdoor SystemBC, global cyber security vendor Sophos claims.

American payments processing company TSYS, that has global operations, has suffered a hit from the Windows Conti ransomware.

Industrial automation and industrial IoT chip manufacturer Advantech has suffered an attack by cyber criminals using the Windows Conti ransomware.

Security researchers have found that ransomware gangs are keeping in step with IT industry trends, with a new Windows ransomware strain, RegretLocker, able to encrypt data on virtual disks.

The use of improperly secured Remote Desktop Protocol connections on Windows machines has been found to be the biggest entry point for ransomware, according to a quarterly evaluation by Coveware, a company that is intimately involved in handling such attacks.

Webroot has released its annual list of the Nastiest Malware, "revealing phishing, botnet attacks and ransomware as 2020’s most vicious cybersecurity threats".

A total of 809 ransomware attacks have taken place in the last 12 months, according to DarkTracer, a company that develops a dark web intelligence platform.