Tag: Ransomware
The UK Warns on AI-Generated Malware from Nation-States – January 25th
According to the UK's National Cyber Security Centre (NCSC), AI-generated malware built to avoid detection could be a serious threat inflicted by nation-state threat actors this year. The NCSC further stated that based on their investigations, they believe nation-state groups hold repositories of malware large enough to effectively train an AI model to bolster ransomware attack capabilities.
26 Billion Stolen Record Database Discovered – January 24th
Security Discovery researchers and the Cybernews team discovered the largest data leak ever recorded, containing 26 billion records predominantly stolen from major social media platforms and government agencies. Dubbed "The Mother of All Breaches", the 12 terabytes of compromised records were stolen most notably from Tencent QQ (1.5B), Weibo (504M), MySpace (360M), Twitter (281M), LinkedIn (251M), AdultFriendFinder (220M), among government agency data from the United States, Brazil, Germany, the Philippines, Turkey, among others.
Cybersecurity Experts Question ‘Cyber Scam Warning’ Effectiveness – January 19th
The concern of official cyber scam warnings potentially being ineffective was raised by cybersecurity firms, Praxis Labs, eSentire, stemming from Dubai and Ghana cyber and law enforcement agency reports. After multiple cyber scam warnings issued by the Dubai Police and the Cyber Security Authority of Ghana, reports of victims continuously poured in for these “search engine scams”. Following the incidents, researchers at Praxis Labs and eSentire released statements on human behavior corresponding to cyber, by being on "default mode" and for search engines, the issuance of "implicit trust".
77% of CEOs Believe AI More Risk Than Reward in Cyber – January 16th
Despite the hype of AI in cybersecurity, a PwC survey revealed that 77% of CEOs still believe AI increases the risk of breaches rather than boosts cybersecurity. The PwC survey interviewed 4,700 executives globally, the majority of whom are CEOs. The survey also found that 63% of respondents believed AI to be a misinformation risk, causing a barrier for legal and reputational damage stemming from generative AI.
FNF hack exposes 1.3m customer details
US real estate financial services fat cat, Fidelity National Financial (FNF), has revealed details of a cybersecurity breach that occurred in November, exposing the details of 1.3 million customers. An updated filing to the US Securities and Exchange Commission (SEC) claims the attack, which occurred on November 19, 2023, was detected early on and successfully contained. But despite FNF’s best efforts, over a million customers will wonder if the threat actors behind the breach also believe that their attack has been successfully “contained.” The nature of their target suggests otherwise. A Fortune 500 company, FNF is one of the largest companies of its kind in the US, with an annual revenue of over $10 billion, a market capitalization of $13.3 billion, and a staff of over 23,000 people.
Microsoft’s GitHub: A Growing Platform for Delivering Malicious Payloads – January 12th
A Recorded Future report discloses that Microsoft-owned GitHub is a growing and lucrative platform for threat actors to effectively deliver malicious payloads by blending the payloads with legitimate traffic. The open-source data repository platform's legitimacy is now being leveraged cleverly by threat actors who are "living-off-trusted-sites". However, the limitations in the site's file size and storage stopped large-scale payloads used for data exfiltration from being delivered.
British Library breach highlights new threat
The British Library, which houses about 14 million books plus manuscripts and items dating back to 2000 BC, was forced offline in October after refusing to pay a £600,000 ransomware demand. According to The Financial Times, the digital destruction caused by the “deep and extensive” ransomware attack means that the world-renowned library will now be forced to pay ten times that sum to rebuild its online services at a cost of £6 million to £7 million, taking it offline for up to a year. The British Library breach is further evidence of the devastating speed of the latest generation of ransomware attacks. Cybersecurity firm Sophos’s State of Ransomware 2023 report says that threat actors now succeed in encrypting data in 76 percent of ransomware attacks, up from 65 percent in 2022. According to Sophos, there has also been a 62 percent year-on-year rise in intentional remote encryption attacks since 2022
Cyberattack Shuts Down loanDepot IT Systems – January 8th
In response to complaints regarding its payment portal, loanDepot informed its customers that they fell victim to a cyberattack that shut down its IT systems, disrupting its business operations. Currently in coordination with law enforcement and forensics experts to further investigate the attack. The attack on loanDepot marks the second major cyberattack on a US mortgage loan provider in the past few months, after the cyberattack on Mr. Cooper.
CISA Warns Google Chrome Users of Open Source Vulnerabilities – January 4th
In an announcement addressed to US Federal Agencies, the Cybersecurity and Infrastructure Security Agency (CISA) warned Google Chrome users of a vulnerability (CVE-2023-7101) impacting the web browser's open-source Perl library. The Google vulnerability affects an open-source project, Google Chromium WebRTC, which as a result allows threat actors to cause browser crashes and launch other actions.
$80M in Crypto Stolen from Orbit Chain Cyberattack – January 3rd
Orbit Chain revealed to its users that as a result of a cyber attack, $84.5M worth of Ethereum and DAI (cryptocurrencies) were illicitly transferred to seven wallet addresses on the 1st of January. Orbit Chain is now coordinating with the Korean National Police Agency and the Korea Internet & Security Agency (KISA) to find the threat actors behind the cyber attacks, and to further protect its customers' crypto wallets.
H2 2023 Dominated by AI Malicious Activity and Android Spyware Threats – December 28th
According to an ESET report, the threat landscape of the second half of 2023 was dominated by AI-generated malicious activity and newly emerged Android spyware. Coming from ESET's "Threat Report: H2 2023," based on the firm's recorded incidents, the report also states that a new economy has arisen from OpenAI API keys, especially for cybercriminals.
62% of Top Ransomware Groups Activated Remote Attacks in 2023 – December 27th
According to Sophos' latest report, 62% of the most active ransomware groups in the world deliberately enable remote encryption for their attacks. Sophos' report entitled "CryptoGuard: An Asymmetric Approach to the Ransomware Battle," gathered the data based on Sophos' detected and halted ransomware attacks in 2023. The report further stated that remote encryption is used as a tactic for effective, widespread ransomware attacks within organizations, aiming to steal as much sensitive information as possible.