Tag: lockbit
DDoS Attack on Pennsylvania Fails to Halt City Government – February 6th
Officials from the Administrative Office of Pennsylvania Courts announced their website was hit by a Distributed Denial of Service (DDoS) attack, which the city says did not compromise data or halt government operations. The attack is now being investigated by the U.S. Department of Homeland Security and the Federal Bureau of Investigation to uncover the hackers behind the attack and to ensure it is not a symptom of a larger-scale ransomware attack.
Cyber-gangs to launch media offensive in 2024
Cybercrime, which has become a multi-trillion-dollar industry over recent decades, became increasingly sophisticated during 2023, with criminal groups now adopting many of the business practices used by legitimate enterprises. According to a new report from cybersecurity firm, Sophos, leading ransomware gangs now increasingly employ their own internal HR and PR departments. Far from shying away from the media, as criminals always have in the past, some ransomware gangs have been swift to seize the opportunities it affords them. Some regularly issue press releases and take great pains to forge relationships with individual journalists using the same PR methods as those employed by legitimate corporations. Threat actors also offer Frequently Asked Questions (FAQs) and answers for journalists visiting their leak sites, encouraging reporters to get in touch, give in-depth interviews, and recruit writers, reports Sophos.
LockBit Keeps Role as Biggest Global Ransomware Threat in 2023 – December 7th
According to a report by ZeroFox, LockBit was involved in more than a quarter of global ransomware and digital extortion (R&DE) attacks in 2023. The report found 30% of LockBit's attacks target Europe and 25% in North America. Despite remaining the global leader in ransomware, ZeroFox notes there to be a downward trajectory in the number of LockBit's attacks compared to 2022.
EU Cybersecurity Drill Tests Readiness for 2024 Elections – November 22nd
In preparation for the 2024 elections, the European Parliament's services, the European Commission, and the EU Agency for Cybersecurity conducted a cybersecurity exercise. The drill, held in the European Parliament, involved national and EU partners testing crisis plans and responses to potential cybersecurity incidents. Representatives from electoral and cybersecurity authorities participated, aiming to enhance their capacity to address cybersecurity issues and update protocols for securing election technology. The exercise addressed risks such as information manipulation and cyber-attacks, crucial for safeguarding the integrity of the upcoming European Parliament election scheduled for June 6-9, 2024.
CISA Signs Cybersecurity MoU with the Republic of Korea – November 10th
The Cybersecurity and Infrastructure Security Agency (CISA) announced a signed Memorandum of Understanding (MoU) with the Republic of Korea's National Intelligence Service (NIS) to establish collaboration efforts under the bilateral Cyber Framework between the US and the Republic of Korea signed in April. The framework between the Republic of Korea and the US includes sharing technical and operational cyber threat information and best practices in cyber crisis management.
United States to regulate AI
US President Joe Biden has issued an executive order aimed at regulating artificial intelligence (AI), urging Congress to pass the necessary legislation as swiftly as possible. The announcement was made only 48 hours before tomorrow’s Global AI Summit in the UK, which US Vice President Kamala Harris will attend. The push to swiftly legislate indicates that the threat of AI is being taken seriously globally, with governments taking a coordinated approach. A mass of legislation and backroom deals with IT companies is surely set to follow.
Ransomware gangs start to fight dirty
According to cybersecurity company SecureWorks’ annual State of the Threat Report, over the last 12 months, attackers have shortened the time between the initial penetration of the corporate network to the ransomware demand itself from 4.5 days to less than one day. This period, known in the cybersecurity industry as ‘dwell time’, offers well-equipped cybercriminals a leisurely opportunity to drain the company of funds and its most sensitive secrets. In 10 percent of cases, ransomware was even deployed within five hours of initial access.
LockBit threatens another major data leakage – October 11th
The LockBit ransomware gang has threatened to release data stolen from CDW Corp, a major IT reseller and services provider in the US, UK, and Canada after discussions over the ransom fee for the data commenced. The notorious ransomware gang demanded $80 million, with CDW offering just $1.1 million as their ransom counteroffer.
Millions of individuals’ DNA selling for a dollar a piece
At least seven million customers of San Francisco-based DNA company, 23andMe, are now seeing their confidential and highly personal genetic data up for sale on the internet. The hackers are also offering the millions of victims’ personal email addresses for good measure and to best assist potential blackmailers and fraudsters.
HTX falls victim to crypto thieves – September 27th
Cryptocurrency is being increasingly targeted by hackers, with $7.9 million recently stolen in a hack targeting cryptocurrency exchange HTX. The hack attack was identified as soon as it occurred, with HTX authorities stepping up promptly in an innovative way to recover losses. Following the attack, HTX offered a ‘white hat’ ethical hacker a 5% bonus to return the stolen cryptocurrency, amounting to a total bonus of $400,000.
US fleet management systems impacted in ransomware attack – September 19th
ORBCOMM, the US trucking and fleet management software provider, has linked recent service outages across freight transportation firms throughout the US to a ransomware attack. These outages prevented the Blue Tree Electronic Logging Device usage and inventory tracking capabilities of the fleet management software. Investigations continue into the identity of the threat actors.
Russian Threat Actors Target Ukrainian Military – September 5th
In today's roundup; Russian threat actors target the Ukranian Military, browser-hacking malware found on the phones of Xiaomi users, and a LockBit data leak.