gangs
-
Blog
CISA warns of Fast Flux DNS evasion used by cybercrime gangs
CISA, the FBI, the NSA, and international cybersecurity agencies are calling on organizations and DNS providers to mitigate the “Fast Flux” cybercrime evasion technique used by state-sponsored threat actors and ransomware gangs. Although the technique isn’t new, its effectiveness has been documented and proven repeatedly in actual cyberattacks. How Fast Flux helps with evasion Fast Flux is a DNS technique used for evading…
Read More » -
Blog
Healthcare systems are rife with exploits — and ransomware gangs have noticed
Healthcare organizations are facing serious threats from ransomware groups, with nearly nine-in-ten (89%) found to have medical devices that are vulnerable to exploits. That’s according to research from Claroty, which examined the state of security among healthcare organizations — and the diagnosis isn’t good. The report found that effectively all (99%) of healthcare organizations have at least one known, actively…
Read More » -
Blog
US seizes domain of Garantex crypto exchange used by ransomware gangs
The U.S. Secret Service has seized the domain of the sanctioned Russian cryptocurrency exchange Garantex in collaboration with the Department of Justice’s Criminal Division, the FBI, and Europol. Other law enforcement authorities involved in this action include the Dutch National Police, the German Federal Criminal Police Office, the Frankfurt General Prosecutor’s Office, the Estonian National Criminal Police, and the Finnish…
Read More » -
Blog
Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks
Microsoft had discovered five Paragon Partition Manager BioNTdrv.sys driver flaws, with one used by ransomware gangs in zero-day attacks to gain SYSTEM privileges in Windows. The vulnerable drivers were exploited in ‘Bring Your Own Vulnerable Driver’ (BYOVD) attacks where threat actors drop the kernel driver on a targeted system to elevate privileges. “An attacker with local access to a device can exploit these vulnerabilities…
Read More » -
Blog
Black Basta ransomware gang’s internal chat logs leak online
An unknown leaker has released what they claim to be an archive of internal Matrix chat logs belonging to the Black Basta ransomware operation. ExploitWhispers, the individual who previously uploaded the stolen messages to the MEGA file-sharing platform, which are now removed, has uploaded it to a dedicated Telegram channel. It’s not yet clear if ExploitWhispers is a security researcher who…
Read More » -
Blog
Two Illinois school districts disclose data breaches claimed by ransomware gangs
Two school districts north of Chicago this week confirmed they notified thousands of people about data breaches claimed by ransomware gangs, according to public disclosures. Community High School District 117 says it notified 18,830 people about a June 2024 data breach. Ransomware gang BlackSuit claimed responsibility. “We recently discovered unauthorized access to our network between approximately June 2 and June…
Read More » -
Blog
US charges operators of cryptomixers linked to ransomware gangs
The U.S. Department of Justice indicted three operators of sanctioned Blender.io and Sinbad.io crypto mixer services used by ransomware gangs and North Korean hackers to launder ransoms and stolen cryptocurrency. Cryptocurrency mixers allow the mixing of deposited crypto assets among many wallet addresses to help obfuscate their source. The services then take a commission from all laundered crypto deposited before…
Read More » -
Blog
Russia arrests cybercriminal Wazawaka for ties with ransomware gangs
Russian law enforcement has arrested and indicted notorious ransomware affiliate Mikhail Pavlovich Matveev (also known as Wazawaka, Uhodiransomwar, m1x, and Boriselcin) for developing malware and his involvement in several hacking groups. While the prosecutor’s office has yet to release any details on the individual’s identity (described as a “programmer” in court documents), the individual is Matveev, according to an anonymous…
Read More » -
Blog
US Marshals Service disputes ransomware gang’s breach claims
The U.S. Marshals Service (USMS) denies its systems were breached by the Hunters International ransomware gang after being listed as a new victim on the cybercrime group’s leak site on Monday. “USMS is aware of the allegations and has evaluated the materials posted by individuals on the dark web, which do not appear to derive from any new or undisclosed…
Read More » -
Blog
Ransomware gangs are rolling in cash, with hackers taking home $459.8 million in the first half of 2024 alone
It’s been a good year for ransomware gangs, new research shows, with threat actors having made more money so far this year than ever before. A new report from Chainalysis puts the sum at $459.8 million for the first six months of 2024.This, the report noted, is largely down to ‘big game hunting’ – criminals carrying out fewer attacks, but…
Read More »