Tag Archive for: companies

FBI Warns of Rising Trend of Dual Ransomware Attacks Targeting U.S. Companies

/in


Sep 30, 2023THNRansomware / Cyber Threat

Ransomware

The U.S. Federal Bureau of Investigation (FBI) is warning of a new trend of dual ransomware attacks targeting the same victims, at least since July 2023.

“During these attacks, cyber threat actors deployed two different ransomware variants against victim companies from the following variants: AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum, and Royal,” the FBI said in an alert. “Variants were deployed in various combinations.”

Not much is known about the scale of such attacks, although it’s believed that they happen in close proximity to one another, ranging from anywhere between 48 hours to within 10 days.

Cybersecurity

Another notable change observed in ransomware attacks is the increased use of custom data theft, wiper tools, and malware to exert pressure on victims to pay up.

“This use of dual ransomware variants resulted in a combination of data encryption, exfiltration, and financial losses from ransom payments,” the agency said. “Second ransomware attacks against an already compromised system could significantly harm victim entities.”

It’s worth noting that dual ransomware attacks are not an entirely novel phenomenon, with instances observed as early as May 2021.

Last year, Sophos revealed that an unnamed automotive supplier had been hit by a triple ransomware attack comprising Lockbit, Hive, and BlackCat over a span of two weeks between April and May 2022.

UPCOMING WEBINAR

Fight AI with AI — Battling Cyber Threats with Next-Gen AI Tools

Ready to tackle new AI-driven cybersecurity challenges? Join our insightful webinar with Zscaler to address the growing threat of generative AI in cybersecurity.

Supercharge Your Skills

Then, earlier this month, Symantec detailed a 3AM ransomware attack targeting an unnamed victim following an unsuccessful attempt to deliver LockBit in the target network.

The shift in tactics boils down to several contributing factors, including the exploitation of zero-day vulnerabilities and the proliferation of initial access brokers and affiliates in the ransomware landscape, who can resell access to victim systems and deploy various strains in quick succession.

Organizations are advised to strengthen their…

Source…

Protecting Companies and Their Customers According to Realtimecampaign.com

/in


PRESS RELEASE

Published July 22, 2023

With cyber threats abounding, businesses need to be more aware of the dangers they’re facing than ever before. Though numerous cybersecurity solutions are available, antivirus software remains a crucial component in safeguarding businesses against the ever-evolving threat of cyberattacks. In today’s digital age, where businesses heavily rely on technology, data, and interconnected networks, protecting sensitive information and ensuring uninterrupted operations have become paramount.

Understanding the Importance of Antivirus Protection

First and foremost, antivirus software helps detect and prevent malware infections. Malware, such as viruses, worms, Trojans, ransomware, and spyware, can infiltrate systems through various points, including malicious websites, email attachments and infected downloads. Once inside a business network, malware can cause significant damage, leading to data breaches, financial losses, and reputation damage. Antivirus software scans files, programs, and incoming data, identifying and eliminating malicious code before it can wreak havoc. Companies that are concerned about this threat can dig this for further details.

Providing Real-Time Protection

Antivirus software provides real-time protection against ongoing dangers. It constantly monitors systems, proactively identifying and neutralizing emerging threats. With the rapid pace at which new malware variants are created, having up-to-date antivirus software is crucial to stay ahead of cybercriminals. Real-time protection ensures that businesses can detect and respond to threats swiftly, minimizing the potential impact on operations and data integrity.

Preventing Data Breaches

Antivirus software also plays a vital role in mitigating the risk of data breaches. Businesses store vast amounts of sensitive and confidential information, including customer data, financial records, and intellectual property. A successful data breach can have severe consequences, ranging from regulatory penalties to loss of customer trust. Antivirus software helps establish a robust defense mechanism, preventing unauthorized access and safeguarding sensitive data from theft or compromise.

Source…

New third MOVEit software zero day vulnerability used to hack companies

/in


New third MOVEit software zero day vulnerability used to hack companies


web analytics




Source…

RA ransomware gang attacks four companies in less than a month

/in


Leaked source code from cybercriminal gang Babuk continues to wreak havoc, with a new ransomware gang, RA, using it to launch cyberattacks. RA has built malware based on Babuk’s code and used it to steal 2.5 terabytes of data from four victim companies in the US and South Korea. 

RA Ransomware
RA ransomware has struck four companies in less than a month. (Photo by ROB ENGELAAR/ANP/AFP via Getty Images)

RA was first spotted in April, and has already racked up a list of victims according to a report released today by security company Cisco Talos.

RA ransomware gang attacks four companies

The Cisco Talos research says: “RA Group launched their data leak site on April 22, 2023, and on April 27, we observed the first batch of victims, three in total, followed by another one on April 28.

“We also observed the actor making cosmetic changes to their leak site after disclosing the victim’s details, confirming they are in the early stages of their operation.” 

The cybercrime group employs the same tactics as other ransomware gangs, using double extortion to press the victims into paying. This is where a criminal will exfiltrate data from a system before encrypting it so they can blackmail them into paying the ransom as well as charging them for the decryption key.

Victims are also posted onto a dark web blog to leverage the threat of data being released.

The gang is a little more ruthless than most, selling the data after three days, according to the ransom note published in the report: “Your data has been encrypted when you read this letter. We have copied all data onto our server, but don’t worry, your data will not be compromised or made public if you do not want,” it says. Typically criminals give their victims weeks or months to pay up.

“We took your data and encrypted your servers,” it continues. “Contact us, pay for decryption. If there is no contact within three days, we will make the sample file public. If there is no contact within seven days, we will make the file public. Do not contact us through other companies, they just earn the difference.”

Content from our…

Source…