Tag: Ransomware
November’s Ransomware Leak Victims Reach Record High – December 25th
A record-high 484 ransomware victims were posted on publicly available sites in November 2023, according to a Corvus Insurance report. The spike in ransomware victims' information being leaked reflects a 39.08% increase compared to October 2023 and a staggering 110.43% increase compared to November 2022.
‘Predatory Sparrow’ Cyberattack Shuts Down 70% of Iran’s Gas Stations – December 19th
Threat actor group Gonjeshke Darande, which translates to “Predatory Sparrow” claimed the cyberattacks against Iranian petrol stations, rail networks, and steel factories, according to Iranian State Media. 'Predatory Sparrow', speculated to be linked to Israel, explains the attack to be in response to "the aggression of the Islamic Republic and its proxies in the region".
Fraudulent LinkedIn Profiles Targeting Saudi Workers for Corporate Data Leaks – December 12th
Revealed in a presentation at last month's Black Hat Middle East and Africa conference, was a corporate information leak tactic targeting Saudi Arabian workers using fraudulent LinkedIn profiles. The LinkedIn attacks start with fraudulent accounts pretending to be Muslim women in their 20s who say they work in Southeast Asia. Once the connection is made, attempts to harvest sensitive corporate information through long, seemingly legitimate professional conversations ensue.
LockBit Keeps Role as Biggest Global Ransomware Threat in 2023 – December 7th
According to a report by ZeroFox, LockBit was involved in more than a quarter of global ransomware and digital extortion (R&DE) attacks in 2023. The report found 30% of LockBit's attacks target Europe and 25% in North America. Despite remaining the global leader in ransomware, ZeroFox notes there to be a downward trajectory in the number of LockBit's attacks compared to 2022.
Convicted Russian Pleads Guilty to Ransomware Attacks – December 5th
The Department of Justice announced that the Russian national behind the malware tool Trickbot, used to launch ransomware attacks on American hospitals, pleaded guilty to his role in the malware tool's development. Trickbot was used to facilitate ransomware attacks on a string of American hospitals and health systems, disrupting care delivery and risking patient safety.
US Consumers Receive 2B Spam Calls Monthly – November 29th
According to Truecaller, US consumers were faced with two billion spam calls per month. Truecaller's Monthly US Spam and Scam Report also unveiled that around 195 million hours were wasted by answering these scam calls. The goal of these scam calls is to carry out credit card fraud, identity theft, and sensitive data collection.
Pittsburgh-area Water Authority Hit by Cyber Attack – November 28th
The Municipal Water Authority of Aliquippa reported a cyberattack that shut down their water pressure technology, to the U.S. Department of Homeland Security this past weekend. According to the U.S. Department of Homeland Security, the unassuming cyberattack may come with serious international implications, with the attack suspected to come from an anti-Israeli Iranian threat actor group labeled as "Cyber Av3ngers". This nation-state cyberattack is not the first to disrupt critical water infrastructure.
IT security responsible for 14% of cyber-breaches
A staggering 14 percent of cyber incidents are due to senior IT security staff errors, compounded by a further 15% of errors caused by other IT staff. According to a new study published by cybersecurity firm Kaspersky, over the last two years, 77 percent of companies experienced between one and six cybersecurity breaches, with IT security staff being directly culpable for almost a third of all cybersecurity breaches.
167% Rise in Malicious Bot Attacks Reported – November 23rd
Arkose Labs reported a 167% rise in malicious bot attacks for the first half of 2023. The Arkose Labs report focused on bots also stated that 73% of all website and app traffic measured comprised of malicious bots in order to initiate attack types such as SMS toll fraud, web scraping, card testing, and credential stuffing.
US Congress tries to block new cyber rulings
New cybersecurity rulings due to come into full force less than a month from today are being blocked in the US Congress and the House of Representatives. The new rulings include the mandatory reporting of any ‘material’ cyber-attack within four working days and were drawn up by the Securities and Exchange Commission (SEC). But, according to a statement issued by Congressman Andrew Barbarino, Chairman of Homeland Security’s Cybersecurity and Infrastructure Protection Subcommittee, and Senator Thom Tillis: “This cybersecurity disclosure rule is a complete overreach on the part of the SEC … also increasing cybersecurity risk without a congressional mandate and in direct contradiction to public law that is intended to secure the homeland.”
EU Cybersecurity Drill Tests Readiness for 2024 Elections – November 22nd
In preparation for the 2024 elections, the European Parliament's services, the European Commission, and the EU Agency for Cybersecurity conducted a cybersecurity exercise. The drill, held in the European Parliament, involved national and EU partners testing crisis plans and responses to potential cybersecurity incidents. Representatives from electoral and cybersecurity authorities participated, aiming to enhance their capacity to address cybersecurity issues and update protocols for securing election technology. The exercise addressed risks such as information manipulation and cyber-attacks, crucial for safeguarding the integrity of the upcoming European Parliament election scheduled for June 6-9, 2024.
Ransomware gang turns SEC informant
When a top mob boss turns his co-criminals over to the authorities, the US Federal Bureau of Information labels him a ‘stool pigeon.’ Similarly, the AlphaV ransomware gang is turning informer, not on its rivals but on its victims. In what is a likely portent of things to come, the gang has had the nerve to inform on MeridianLink (MLNK) to the United States Securities and Exchange Commission (SEC) for being slow to report a ransomware attack that they themselves had initiated earlier in the month.