Ransomware

stolen password

Cybercriminals are increasingly turning to stolen credentials as a valuable commodity on the underground market. According to a report by cybersecurity firm Flashpoint, last year saw 4,518 data breaches reported, with attackers stealing or exposing 22.62 billion credentials and personal records.   Over 60% of these were stolen from organizations in the information sector. Flashpoint's database of threat intelligence includes 575 million posts on illegal forums, 3.6...

Read More

A new financially motivated campaign that commenced in December 2022 has seen the unidentified threat actor behind it deploying a novel ransomware strain dubbed MortalKombat and a clipper malware known as Laplas. Cisco Talos said it "observed the actor scanning the internet for victim machines with an exposed remote desktop protocol (RDP) port 3389." The attacks, per the cybersecurity company,...

Read More

Sandworm Targets Ukraine and its Supporters   In the last months of 2022, Russian Advanced Persistent Threat (APT) group Sandworm continued its data wiping attacks against Ukrainian organizations, but expanded its efforts to organizations from countries that are strong supporters of Ukraine, such as Poland, according to a new report by cybersecurity firm ESET. Sandworm is believed to operate as a unit inside Russia's military intelligence agency,...

Read More

  Security researchers have uncovered a cyber-attack campaign by the North Korean Lazarus Group targeting medical research, energy, and other organizations in an effort to gain intelligence information.   The incident began at the end of August when attackers exploited unknown vulnerabilities in an unpatched Zimbra mail server, leading to the exfiltration of many gigabytes of data. In the following weeks, the attackers moved laterally across the network...

Read More