Displaying items by tag: WannaCry

GUEST RESEARCH: Bitdefender has released its September 2022 Threat Debrief analysing the most popular malware and cyber attack techniques.

GUEST RESEARCH: Bitdefender has released key data from its August Bitdefender Threat Debrief, a monthly series analysing threat news, trends, and research from the previous month.

GUEST RESEARCH: Venafi investigation of 35 million dark web URLs shows macro-enabled ransomware is widely available at bargain prices.

Security vendor Bitdefender has released its Threat Debrief for July 2022, highlighting the prevalence of ransomware, Android trojans and domain spoofing.

Police in the UK have arrested seven teenagers who are allegedly connected to the attack group Lapsus$ that has been in the news recently over attacks on Samsung, Microsoft and Okta.

Details about a spying tool, claimed to be developed by the American NSA and able to reside in a Linux machine in order to steal information, has been reported by Global Times, a Chinese newspaper which has a pro-government tilt.

In what is an unusual turn of events, a Chinese security firm has revealed details about malware that it says emanated from the portals of the US National Security Agency.

GUEST RESEARCH: Threats against the manufacturing sector continue to persist—from ransomware groups that steal victim’s data before encrypting it to nation-state attackers seeking technology secrets and to company insiders looking for information to grab and sell to the highest bidder. Crippling ransomware attacks can even halt assembly lines and disrupt supply chains.

GUEST OPINION by Hayley Turner Director of Industrial Security - APAC at Darktrace: “Double Extortion” might sound like the title of a cheap airport thriller, but it’s a fast-growing component of the current ransomware explosion. While a year and a half ago, only one knownthreat actor used the tactic, there are now more than 16 ransomware groups actively using it.

A second case of NSA exploits being customised and used for attacks, before they were leaked on the Web by a group known as the Shadow Brokers in 2017, has come to light, this time following research by the Israel-based cyber security firm Check Point Research.

Cyber security vendor FireEye has a considerable amount of egg on its face after the tools used by its Red Team — an attack unit — have been stolen by a group that it claims is a "highly sophisticated state-sponsored adversary".

It's surprising that global cyber security firm Sophos has hidden from public view the fact that it has suffered a security breach which is said to have taken place during the week.

The US National Security Agency says it has no information on the probe into a leak of exploits by a group known as the Shadow Brokers back in 2016. The investigation was reported to have been going on for 15 months in November 2017.

After what seems like an eternity, a security company has dared to mention the unmentionable: the US does have advanced persistent threats or nation-state attack groups which are active.

Microsoft appears to have bungled the release of details of flaws in its operating systems and application software this month, with details of a wormable flaw in the SMB protocol leaking online even though the company did not release a fix for it as part of its normal monthly patch Tuesday.

Last week, Microsoft chief executive Satya Nadella visited Australia and it is fair to say that he received such a lot of puffs in the media that he could well have thought he had landed in a bakery.

The infamous ransomware WannaCry, which burst on to the world stage in May 2017, is still very much alive and infecting Windows PCs, but a zipped portion appears to have gotten corrupted, preventing its encryption and ransom note creation components from working.

British security researcher Marcus Hutchins has been freed by authorities in the US, having been adjudged to have already served the one year jail time that was imposed on him, and only subject to a further year of supervision.

The row between information security professionals and The New York Times, over an article it ran recently, claiming that a ransomware attack on local government offices in Baltimore, Maryland, was carried out through the use of a leaked NSA exploit known as EternalBlue, has moved in a different direction, with some of the infosec people themselves coming under attack – from their peers.

A number of information security professionals in the US have sharply criticised The New York Times over an article it ran recently, claiming that a ransomware attack on local government offices in Baltimore, Maryland, was carried out through the use of a leaked NSA exploit known as EternalBlue.