WASHINGTON — A ransomware attack paralyzed the networks of at least 200 U.S. companies on Friday, according to a cybersecurity researcher whose company was responding to the incident. The REvil gang, a major Russian-speaking ransomware syndicate, appears to be behind the attack, said John Hammond of the security firm Huntress Labs. He said the criminals…
Fraud Management & Cybercrime , Governance & Risk Management , Privacy Social Media Platform Says No Private Data Exposed Rashmi Ramesh • July 1, 2021 Some 700 million records of LinkedIn users have been offered for sale on the hacker forum RaidForum, the news website PrivacySharks reports. The social media platform, and several…
After the Babuk ransomware operators have announced that they decided to close the affiliate program and move to data theft extortion, the group seems to have returned to their previous methods of encrypting corporate systems. At this time, the hackers are employing a new version of their file-encrypting malware and have shifted the operation to…
Just in time to ruin the holiday weekend, ransomware attackers have apparently used Kaseya — a software platform designed to help manage IT services remotely — to deliver their payload. Sophos director and ethical hacker Mark Loman tweeted about the attack earlier today, and now reports that affected systems will demand $44,999 to be unlocked….
Cybercrime , Cybercrime as-a-service , Fraud Management & Cybercrime Affiliate-Driven Approach and Regular Malware Refinements Are Key, Experts Say Mathew J. Schwartz (euroinfosec) • July 2, 2021 Sodinokibi/REvil ransom note (Source: Malwarebytes) Just as cloud services have taken the business world by storm, the same can be said for ransomware, including one of…
Written by Tim Starks Jun 29, 2021 | CYBERSCOOP A ransomware group that targets billion-dollar companies — but that has stubbornly defied attribution consensus among cybersecurity researchers — has claimed at least seven victims since its discovery late last year. What’s more, it has taken additional steps in an apparent bid to baffle investigators who…
Application Security , Governance & Risk Management , Identity & Access Management Agency Warns of Impact on National Security Dan Gunderman (dangun127) • July 2, 2021 Failure to take very basic security steps – such as avoiding using end-of-life software and default passwords – can create serious national security risks, the Cybersecurity and…
Softpedia News / Security 1. July 2021 This article has been indexed from Softpedia News / Security Cybercriminals commonly employed this double-encryption service when attempting to evade identification while engaged in destructive actions. Law enforcement has successfully gained access to DoubleVPN’s servers and customer logs, according to Cybersecurity News. Dual-encryption data transfer is one of…
A hot potato: It’s not the first time IT admins and users have been alerted to a flaw in the Windows Print Spooler service. The latest 0-day vulnerability in this Windows component was apparently meant to be detailed in the upcoming annual Black Hat security conference, however, security researchers accidentally posted a proof-of-concept prematurely, and…
Cyber Hassan, Cornyn float bill to create new federal cybersecurity training programs By Natalie Alms Jun 29, 2021 Sens. Maggie Hassan (D-N.H.) and John Cornyn (R-Texas) introduced a bill on Thursday that would create two new cybersecurity training programs aimed at increasing the federal government’s cyber workforce. The bill, called the Federal Cybersecurity…
