Tag Archive for: double

Fool Me Thrice? How to Avoid Double and Triple Ransomware Extortion


The danger of being hit by a ransomware attack is scary enough, but in many cases, criminals can still extort your business after the ransom has been paid and things have seemingly returned to normal. Double and even triple extortions are becoming increasingly common, with ransomware gangs now demanding additional payments to keep the private information captured in their attacks from being leaked. These added threats are driving up the collective cost of ransomware, which is forecast to reach $265 billion by 2031, according to some sources.

In traditional ransomware attacks, the attackers hijack and encrypt valuable data to force organizations to pay a ransom in exchange for the safe restoration of data and network functionality. CISOs have responded by adopting stronger cyber protections, such as creating secure offsite backups and segmenting their networks, and attackers have quickly evolved to subvert these methods. 

One Extortion, Two Extortion, Three

The cat-and-mouse game that is ransomware took an ugly turn over the past year or so as attackers realized the value that organizations put on not releasing their sensitive information publicly: The brand and reputation hit can sometimes be just as damaging as being locked out of files and systems. Capitalizing on this unfortunate reality, attackers began adding the threat of leaking sensitive data as a follow-up to successful or even unsuccessful ransomware attacks, when organizations were able to use backups to restore their systems.

With double extortion being so successful, attackers figured: Why stop there? In cases of triple extortion, attackers threaten to release data about downstream partners and customers to extract additional ransom payments, potentially putting the initial organization at risk of lawsuits or fines.

Some bad actors have even created a search function that allows victims to find leaked data about partners and clients as proof of the data's damaging value. A ransomware operation known as ALPHV/BlackCat may have started this trend in June, when cybercriminals posted a searchable database containing the data of nonpaying victims. The BlackCat gang went as far as to index the data repositories and give…

Source…

Double shooting leaves 1 dead • Comerica Park’s new lights • Racial slur at DSO performance


Officers could be seen with flashlights and cameras in the upstairs floor of a home where a double shooting occurred early Monday morning.

Detroit police say at least one of the victims died from their injuries while the second’s condition remains unknown after gunfire was exchanged in a home on the city’s west side.

Police haven’t released much information on the nature of the shooting, but did say they started getting calls around 3:30 a.m. about reports of shots being fired.

The scene remains active inside the home, located on the 13600 block of Santa Rosa. It’s near Oakman Boulevard and Livernois.

It’s unclear what motive might be at play regarding the shooting. 

Police are expected to canvass for witnesses and any home surveillance footage that could tell them anything about what happened. 

DSO investigating racial slur incident

The Detroit Symphony Orchestra said it is investigating an incident during one of the group’s performances last week involving a racial slur. In a Facebook post over the weekend, the DSO said it was “deeply disappointed by an incident that took place towards the end of Friday night’s concert when an audience member shouted a racial slur.”

“Racism and bigotry have no place in Orchestra Hall, and behavior like this is unacceptable. We are currently investigating and will enact a permanent ban once we identify the ticketholder,” wrote the post.

The DSO is currently performing many holiday-themed series with Christmas around the corner. On Dec. 9, the night of the incident, the orchestra put on a show that included music from A Charlie Brown Christmas. 

“Live music is a profoundly human experience that taps into our emotions and provides us all with a sacred space for listening. We apologize that this space was violated. We appreciate our audiences so much and hope to see you back at Orchestra Hall soon.”


Comerica Park getting new lights

While it’s the Detroit Lions making waves in Motor City sports, the…

Source…

Ransomware variants almost double in six months – FortiGuard


Ransomware variants have almost doubled in the past six months, with exploit trends demonstrating the endpoint remains a target as work-from-anywhere continues, according to the latest semiannual FortiGuard Labs Global Threat Landscape Report. 

“Cyber adversaries are advancing their playbooks to thwart defence and scale their criminal affiliate networks,” says Derek Manky, chief security strategist and VP global threat intelligence, FortiGuard Labs. 

“They are using aggressive execution strategies such as extortion or wiping data as well as focusing on reconnaissance tactics pre-attack to ensure better return on threat investment,” he says. 

“To combat advanced and sophisticated attacks, organisations need integrated security solutions that can ingest real-time threat intelligence, detect threat patterns, and correlate massive amounts of data to detect anomalies and automatically initiate a coordinated response across hybrid networks.”

Glenn Maiden, director of threat intelligence, Australia and New Zealand, Fortinet, adds, “The FortiGuard Labs Global Threat Landscape 1H 2022 report has found the number of ransomware variants has almost doubled over the previous six months while the volume of ransomware, which spiked in 2021, has remained steady.

“This means FortiGuard Labs has seen the same amount of ransomware attacks; however, there is double the diversity of ransomware variants,” he says.

One of the drivers for this increase in diversity is the popularity of Ransomware-as-a-Service (RaaS). RaaS can enable even a relatively unsophisticated criminal to execute a lucrative ransomware attack.

As organisations maintain remote and hybrid working models, cyber adversaries are focusing on concealing activity from endpoint security systems. Looking at the top tactics and techniques from the past six months of endpoint detection and response (EDR) telemetry, defence evasion is the top tactic employed by malware developers. Attackers are likely to use techniques like system binary proxy execution to hide malicious intentions.

Cyber affiliates are now much more sophisticated in selecting their targets. An attacker that conducts deeper pre-attack reconnaissance will lead…

Source…

NFT, DeFi and crypto hacks abound — Here’s how to double up on wallet security


The explosiveness and high dollar value of nonfungible tokens (NFTs) seem either to distract investors from upping their operational security to avoid exploits, or hackers are simply following the money and using very complex strategies to exploit collectors' wallets.

At least, this was the case for me way back when after I fell for a classic message sent to me over Discord that caused me to slowly but all too quickly lose my most valuable assets.

Most of the scams on Discord occur in a very similar fashion: a hacker takes the roster of members on a server and then sends them direct messages in the hope that they will take the bait.

“It happens to the best of us,” are not the words you want to hear in relation to a hack. Here are the top three things I learned from my experience on how to double up on security, starting with minimizing the use of a hot wallet and simply ignoring DM'd links.

A quick crash course in hardware wallets

After my hack, I was immediately reminded, and I cannot reiterate it enough: never share your seed phrase. No one should be asking for it. I also learned that I could no longer forgo security for the sake of convenience.

Yes, hot wallets are much more seamless and quicker to trade with, but they do not have the added security of a PIN and a passphrase that a hardware, or cold, wallet provides.

Hot wallets like MetaMask and Coinbase are plugged into the internet, which makes them more vulnerable and susceptible to hacks.

In contrast to hot wallets, cold wallets are applications or devices in which the user's private keys are kept offline and never connect to the internet. Because they operate offline, hardware wallets keep those keys out of reach of the unauthorized access, hacks and typical vulnerabilities that systems are exposed to when they are online.

Source…