Tag: joint | SpinSafe

GhostSec and Stormous Launch Joint Ransomware Attacks in Over 15 Countries

March 6, 2024/in Internet Security

The cybercrime group called GhostSec has been linked to a Golang variant of a ransomware family called GhostLocker.

“TheGhostSec and Stormous ransomware groups are jointly conducting double extortion ransomware attacks on various business verticals in multiple countries,” Cisco Talos researcher Chetan Raghuprasad said in a report shared with The Hacker News.

“GhostLocker and Stormous ransomware have started a new ransomware-as-a-service (RaaS) program STMX_GhostLocker, providing various options for their affiliates.”

Attacks mounted by the group have targeted victims in Cuba, Argentina, Poland, China, Lebanon, Israel, Uzbekistan, India, South Africa, Brazil, Morocco, Qatar, Turkiye, Egypt, Vietnam, Thailand, and Indonesia.

Some of the most impacted business verticals include technology, education, manufacturing, government, transportation, energy, medicolegal, real estate, and telecom.

GhostSec – not to be confused with Ghost Security Group (which is also called GhostSec) – is part of a coalition called The Five Families, which also includes ThreatSec, Stormous, Blackforums, and SiegedSec.

It was formed in August 2023 to “establish better unity and connections for everyone in the underground world of the internet, to expand and grow our work and operations.”

Late last year, the cybercrime group ventured into ransomware-as-a-service (RaaS) with GhostLocker, offering it to other actors for $269.99 per month. Soon after, the Stormous ransomware group announced that it will use Python-based ransomware in its attacks.

The latest findings from Talos show that the two groups have banded together to not only strike a wide range of sectors, but also unleash an updated version of GhostLocker in November 2023 as well as start a new RaaS program in 2024 called STMX_GhostLocker.

“The new program is made up of three categories of services for the affiliates: paid, free, and another for the individuals without a program who only want to sell or publish data on their blog (PYV service),” Raghuprasad explained.

STMX_GhostLocker, which comes with its own leak site on the dark web, lists no less than six victims from India, Uzbekistan, Indonesia, Poland, Thailand, and Argentina.

GhostLocker…

Source…

AUKUS Defense Ministers Meeting Joint Statement > U.S. Department of Defense > Release

December 1, 2023/in Internet Security

Secretary of Defense Lloyd J. Austin III hosted the Honourable Richard Marles MP, Deputy Prime Minister and Minister for Defence, Australia, and the Right Honourable Grant Shapps, Secretary of State for Defence, United Kingdom, at the Defense Innovation Unit Headquarters in California today to discuss the AUKUS enhanced defense and security partnership.

For more than a century, the three nations have stood shoulder-to-shoulder, along with other allies and partners, to help sustain peace, stability and prosperity around the world. The Secretaries and Deputy Prime Minister acknowledged that, in the face of an evolving security environment, AUKUS presents a generational opportunity to modernize and enhance longstanding partnerships and cooperation to address global security challenges and contribute to stability and prosperity in the Indo-Pacific region and beyond. The Secretaries and Deputy Prime Minister reaffirmed that at the core of this partnership is the shared resolve to bolster security and stability and ensure that the Indo-Pacific remains a region free from coercion and aggression.

For Australia’s acquisition of conventionally armed, nuclear-powered submarines (Pillar I), AUKUS partners are collaborating to deliver this capability at the earliest possible date while upholding the highest nuclear non-proliferation standard. For Advanced Capabilities (Pillar II), AUKUS partners are substantially deepening cooperation on a range of security and defense capabilities, making sure that each nation has the capabilities needed to defend against rapidly evolving threats. Through these efforts, AUKUS contributes to integrated deterrence by pursuing layered and asymmetric capabilities that promote increased security and stability.

The Secretaries and Deputy Prime Minister reaffirmed the three nations’ commitment to maximize the strategic and technological advantage of AUKUS by combining national strengths and pooling resources to deliver game-changing capabilities. They agreed that advancing AUKUS requires continued commitment to streamlining defense trade controls and information-sharing while minimizing policy and financial barriers across public and private…

Source…

Joint FBI and CISA advisory warns of Snatch ransomware operation

September 20, 2023/in Internet Security

The U.S. Federal Bureau of Investigation and the Cybersecurity and Infrastructure Agency today released a joint Cybersecurity Advisory warning of the Snatch ransomware operation.

Snatch first appeared in 2018 and operates on a ransomware as a service model. Ransomware as a service is a cybercriminal business model where ransomware operators develop and provide ransomware to affiliates who pay to use it for launching ransomware attacks. The first known victim in the U.S. of a Snatch ransomware attack was ASP.NET hosting provider SmarterASP.NET in 2019.

The joint advisory has been released to disseminate known ransomware indicators of compromise and tactics, techniques and procedures associated with Snatch ransomware identified through FBI investigations as recently as June 1, 2023.

Snatch threat actors are said to be consistently evolving their tactics to take advantage of current trends in the cybercriminal space and have leveraged the successes of other ransomware operations. Affiliates using Snatch have targeted critical infrastructure sectors, including companies and organizations in the defense, food and agriculture and information technology sectors.

Snatch dark web site

Like many ransomware actors over the last few years, Snatch operates on a so-called double-extortion basis, both encrypting data and stealing it – demanding that a ransom be paid not only for a decryption key but also a promise that the stolen data will not be published on Snatch’s dark web site.

Recent victims of Snatch ransomware attacks, as listed on their dark web site (pictured), include the Florida Department of Veteran’s Affairs, Zilli, CEFCO Inc., the South African Department of Defense and the Briars Group Ltd.

Discussing the advisory, Michael Mumcuoglu, chief executive officer and co-founder of posture management company CardinalOps Ltd. told SiliconANGLE that there has been increased activity by the Snatch ransomware group over the last 12-18 months as they have claimed responsibility for several recent high-profile attacks.

“A unique tactic used by the Snatch ransomware group leverages ‘stealthy malware’ that takes advantage of the fact that many Windows computers do not…

Source…

Joint Statement on the Strategic Third Neighbor Partnership between the United States of America and Mongolia

August 3, 2023/in Internet Security

August 2, 2023

Vice President Kamala Harris welcomed Prime Minister Oyun-Erdene Luvsannamsrai to Washington, D.C., on August 2^nd to celebrate the strategic Third Neighbor partnership between the United States and Mongolia. The two sides acknowledged the advancement of U.S.-Mongolia relations since the 2019 declaration of the two countries’ Strategic Partnership, which has provided a firm foundation to promote and strengthen bilateral relations. Ties between our two countries are at their strongest point yet and have developed on the basis of shared principles, respect for good governance, sovereignty, the rule of law, and human rights, as well as Mongolia’s Third Neighbor policy.

The United States applauded Mongolia’s efforts to expand relations in the region and around the world, thus contributing to international stability. In this context, our two countries shared respective views on ensuring a prosperous, peaceful, and inclusive Indo-Pacific region. Together, the United States and Mongolia are expanding our strategic partnership with a focus on building economic resilience, promoting democratic principles and institutions, and strengthening our security cooperation. As strategic Third Neighbors, we will sustain our close partnership and forge ties between our citizens to ensure their continued prosperity and security.

Deepening Economic Cooperation

The United States and Mongolia are partnering on joint responses to the 21^st century’s most difficult economic challenges, exploring opportunities to increase trade and investment through bilateral cooperation and regional trade mechanisms. Our countries share a desire to deepen the bilateral economic relationship in areas of mutual interest and to pursue opportunities for cooperation in the mineral resources sector, clean energy, food security, and the digital economy through existing and new mechanisms, including for capacity building and trade promotion.

Mongolia introduced the priorities of Mongolia’s New Recovery policy and related project implementation through public-private partnerships and Mongolia’s Vision-2050 long-term development policy. Both Governments…

Source…

Tag Archive for: joint