Tag Archive for: comeback

Russian-based LockBit ransomware hackers attempt a comeback | Cybercrime

/in


The LockBit ransomware gang is attempting a comeback days after its operations were severely disrupted by a coordinated international crackdown.

The Russian-based group has set up a new site on the dark web to advertise a small number of alleged victims and leak stolen data, as well as releasing a rambling statement explaining how it had been hobbled by the UK’s National Crime Agency, the FBI, Europol and other police agencies in operation last week.

The group said law enforcement had hacked its former darkweb site using a vulnerability in the PHP programming language, which is widely used to build websites.

“All other servers with backup blogs that did not have PHP installed are unaffected and will continue to give out data stolen from the attacked companies,” said the statement, which was published in English and Russian.

The statement also referred to “my personal negligence and irresponsibility”, declared an intention to vote for Donald Trump in the US presidential election and offered a job to whoever hacked LockBit’s main site.

LockbitSupp, the group’s administrator and presumed author of the statement, does not live in the US, according to law enforcement. The agencies involved in the LockBit operation have also added that “LockbitSupp has engaged with law enforcement”.

In a statement, the NCA said LockBit remains “completely compromised”. A spokesperson said: “We recognised LockBit would likely attempt to regroup and rebuild their systems. However, we have gathered a huge amount of intelligence about them and those associated to them, and our work to target and disrupt them continues.”

The US this month charged two Russian nationals with deploying Lockbit ransomware against companies and groups around the world. Police in Poland made an arrest, and in Ukraine police arrested a father and son they said carried out attacks using Lockbit’s malicious software.

The message on the new LockBit site also threatened to attack US government sites more often. Its revamped website, launched on Saturday, showed a number of purported hacking victims.

Rafe Pilling, director of threat research at the cybersecurity firm Secureworks, said the statement and website showed…

Source…

Fileless Malware Attacks Surge by 900% and Cryptominers Make a Comeback, While Ransomware Attacks Decline

/in


WatchGuard report uncovers massive increases in endpoint attacks, rising encrypted malware rates, new exploits targeting IoT devices, and more

SEATTLE, March 30, 2021 (GLOBE NEWSWIRE) — WatchGuard® Technologies, a global leader in network security and intelligence, multi-factor authentication (MFA), advanced endpoint protection, and secure Wi-Fi, today released its Internet Security Report for Q4 2020. The report includes exciting new insights based on endpoint threat intelligence following WatchGuard’s acquisition of Panda Security in June 2020. Among its most notable findings, the report reveals that fileless malware and cryptominer attack rates grew by nearly 900% and 25% respectively, while unique ransomware payloads plummeted by 48% in 2020 compared to 2019. Additionally, the WatchGuard Threat Lab found that Q4 2020 brought a 41% increase in encrypted malware detections over the previous quarter and network attacks hit their highest levels since 2018.

“The rise in sophisticated, evasive threat tactics last quarter and throughout 2020 showcases how vital it is to implement layered, end-to-end security protections,” said Corey Nachreiner, chief technology officer at WatchGuard. “The attacks are coming on all fronts, as cyber criminals increasingly leverage fileless malware, cryptominers, encrypted attacks and more, and target users both at remote locations as well as corporate assets behind the traditional network perimeter. Effective security today means prioritizing endpoint detection and response, network defenses and foundational precautions such as security awareness training and strict patch management.”

WatchGuard’s quarterly Internet Security Reports inform businesses, their partners and end customers about the latest malware, endpoint and network attack trends as they emerge. Key findings from the Q4 2020 report include:

  • Fileless malware attacks skyrocket – Fileless malware rates in 2020 increased by 888% over 2019. These threats can be particularly dangerous due to their ability to evade detection by traditional endpoint protection clients and because they can succeed without victims doing anything beyond clicking a malicious link or unknowingly visiting…

Source…

Cured DNS hack makes a surprising comeback

/in



As per the group of researchers from Tsinghua University and UC Riverside, the vulnerability affects a majority of the popular DNS services, including Google’s 8.8.8.8 and CloudFlare’s 1.1.1.1.   The …

Source…

Old malware makes a comeback as new players enter cyber warfare – Business Insider India

/in

Old malware makes a comeback as new players enter cyber warfare  Business Insider India
“cyber warfare news” – read more