Will the notorious ransomware operation known as REvil, aka Sodinokibi, reboot yet again after someone apparently messed with its infrastructure? Experts suggest that the operation's brand is burned, and administrators will launch a new group. Many affiliates, meanwhile, already work with multiple groups.
The operators behind Groove ransomware are calling on other extortion gangs to join forces to attack the U.S. public sector, according to chatter seen on underground forums, reports malware research organization vx-underground, citing a blog posted by the gang on a Russian site.
Who's been launching distributed denial-of-service attacks against ransomware operators' sites and cybercrime markets? Disrupting ransomware operations that rely on Tor-based data leak sites and payment portals for double extortion is an obvious move for cutting into their profits.
The actor behind the cyberattack targeting SolarWinds customers - Nobelium - is continuing its campaign to target the global IT supply chain, according to a new advisory from Microsoft, which says 140 resellers and tech service providers have been notified that they have been targeted by the group.
Following an outage of the REvil - aka Sodinokibi - ransomware operation due to coordinated law enforcement efforts involving the U.S. and foreign partners, the operators behind DarkSide ransomware have moved bitcoin worth almost $7 million to multiple new wallets, making it more difficult to track.
In his second Rant of the Day for the CyberEdBoard Profiles in Leadershop blog, Ian Keller, security director at Ericsson and CyberEdBoard executive member, talks about what a CISO does - and what a CISO should do.
While ransomware might be today's top cybercrime boogeyman, attackers aren't infallible. The latest example: Errors in DarkSide - and its BlackMatter rebrand - enabled security experts to quietly decrypt many victims' files for free, saving millions in potential ransom payments.
Researchers at open-source software firm Sonatype have uncovered multiple malicious packages that disguise themselves as legitimate JavaScript libraries on npm registries to launch cryptominers on Windows, macOS and Linux machines.
In the latest weekly update, four ISMG editors discuss: a federal judge imposing the maximum sentences on a hacker who pleaded guilty to conspiracy and aggravated identity theft, regulators getting tougher on cryptocurrency lending platforms and the return to in-person roundtables.
In a busy congressional day for cybersecurity legislation, the U.S. House of Representatives passed several bills on Wednesday, targeting both software supply chain and telecommunication system security. One observer describes them as "a win-win for the government and U.S. citizens."
When a business, government agency or other organization hit by ransomware opted to pay a ransom to its attacker in Q3, the average payment was $140,000, reports ransomware incident response firm Coveware. It says the attack landscape has seen some notable shifts since the Colonial Pipeline attack.
Researchers at Uptycs Threat Research have uncovered a campaign in which the cloud-focused cryptojacking group TeamTNT is deploying malicious container images hosted on Docker Hub with an embedded script to download testing tools used for banner grabbing and port scanning.
A top leader of the U.S. Cybersecurity and Infrastructure Security Agency has voiced support for a 24-hour timeline for cyber incident reporting involving critical infrastructure, signaling a push by the Biden administration to implement a rapid mechanism for federal response.
Is there any bigger cybercrime soap opera than the life and times of ransomware operators? Take the REvil, aka Sodinokibi, ransomware-as-a-service operation, which feels like it's disappeared and reappeared more times than the secret, identical twin of the protagonist in your favorite melodrama.
Ransomware and nation-state threats are daunting. But the threat that concerns Mustapha Kebbeh the most is supply chain risk. The Brinks CISO discusses how he has tackled this, as well as the challenges of tool complexity and peer collaboration.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
