Tag Archive for: November

Ransomware Leak Site Victims Reached Record-High in November


After a quieter month in October, ransomware groups seemed to return with a vengeance in November, with the highest number of listed victims ever recorded, according to Corvus Insurance.

In a report published on December 18, 2023, Corvus Threat Intel observed 484 new ransomware victims posted to leak sites in November.

This represents a 39.08% increase from October and a 110.43% increase compared with November 2022.

Source: Corvus Insurance
Source: Corvus Insurance

This is the eleventh month in a row with a year-on-year increase in ransomware victims and the ninth in a row with victim counts above 300. This is also the third time such a record has been broken this year.

However, while the previous two records in 2023 were primarily attributed to Clop’s MOVEit supply chain attack, this was not the case in November.

A CitrixBleed-Induced LockBit’s Activity Peak

According to Corvus’ data, the November peak was partly due to a resurgence in LockBit’s activity.

Source: Corvus Insurance
Source: Corvus Insurance

November was LockBit’s third-highest month of 2023 in terms of listed victims (121) after a quieter Fall.

Source: Corvus Insurance
Source: Corvus Insurance

If the first two peaks were due to affiliates returning to work after a winter or a summer break, Corvus threat intelligence analysts estimated that the November increase could be attributed to the CitrixBleed vulnerability, “which has reportedly become a new staple for the group.”

Read more: LockBit Affiliates are Exploiting Citrix Bleed, Government Agencies Warn

Could QakBot Resurgence Mean a New Record this Winter?

Based on historical seasonal data, the Corvus Threat Intel team predicted that the number of ransomware leak site victims listed in December will be higher than in December 2022 but likely won’t match November’s numbers.

“We expect a decrease in January as the humans behind ransomware attacks take some time off,” the researchers added.

Finally, Corvus observed that although the take-down of malware loader QakBot (aka QBot) by law enforcement in August impacted ransomware groups. This new resurgence in victim listings showed that “the ransomware ecosystem has successfully pivoted away from QBot.”

The fact that…

Source…

Ransomware attacks in November rise 67% from 2022


  • Total ransomware cases up 30% from October
  • Industrials (33%), Consumer Cyclicals (18%), Healthcare (11%), remain most targeted sectors
  • North America (50%), Europe (30%) and Asia (10%) continue to be top three targeted regions

Global levels of ransomware attacks rose 30% in November, with a total of 442 attacks, following a lower volume of attacks in October (341) according to NCC Group’s November Threat Pulse.

As the third most active month of the year, ransomware levels in November have taken the total number of global ransomware attacks to 4,276 cases so far, surpassing predictions that the total figure would hit 4,000 with one month of 2023 still to go.

Industrials sector continues to be hardest hit

Following the trends witnessed across the year so far, Industrials was the most targeted sector in November, with 146 (33%) of all attacks, marking a 28% increase from October (114 attacks).

The data reveals that Industrials continue to be prime targets for the breadth and diversity of organizations in the sector and their vast amounts of PPI and IP data. As Industrials are focused on digitalization to enhance efficiency and productivity, there is a greater risk of ransomware attacks.

Consumer Cyclicals is the second most targeted sector with 78 (18%) of attacks, with Healthcare also holding its third place spot from October with 50 (11%) of attacks. Another month of high levels of ransomware for healthcare indicates a concrete shift in the threat landscape for the sector.

LockBit remains a dominant player

In November, LockBit was the most active threat actor, with a 73% month-on-month increase in activity from 66 attacks recorded in October. Data from across this year shows that LockBit has maintained its position as the most prominent threat actor, except in the months March, June and July when CLOP’s mass exploitation of GoAnywhere and MOVEit vulnerabilities put them in top spot.

BackCat takes second place in November with 49 (11%) of attacks and a month-on-month increase of 58%. Play drops down from the 2nd most active group in October to third in November, responsible for 10% of all attacks. November’s data marks the most active month for Play recorded by NCC Group….

Source…

Why is Cyber Security Day celebrated on November 30? null


On November 30, there is an annual celebration known as National Computer Security Day. The day serves as a reminder to be vigilant about the growing threat of cyberattacks.

Why is National Computer Security Day observed on November 30?

When Computer Security Day was first observed in 1988, computers were just starting to become widely used, even though they weren’t yet pervasive in homes. In addition to increased computer use, particularly in business and government, the 1980s also saw the beginnings of the internet.

According to reports, Cornell University researchers discovered an unidentified virus hiding in their computer systems on November 2, 1988. The “Morris worm” virus infected the ARPANET, a precursor to today’s internet, and several other university systems within four hours of its discovery.

Six days later, the Defense Advanced Research Projects Agency (DARPA) in the United States recommended creating a “National Computer Infection Action Team” (NCAT) to respond to these kinds of attacks around-the-clock. The Computer Emergency Response Team was established on November 14 by the Software Engineering Institute (SEI), a research institute affiliated with Carnegie Mellon University (CERT).

The Washington, D.C. chapter of the Association for Computing Machinery’s (ACM) Special Interest Group on Security, Audit, and Control created National Computer Security Day in 1988 as a way to spread awareness of computer viruses and crimes. In particular, November 30 was chosen as Computer Security Day in order to maintain high awareness of computer security during the busy holiday shopping season, when people are frequently more preoccupied with avoiding security threats. The National Cyber Awareness System was established in 2003 as a result of a collaboration between CERT and the US Department of Homeland Security.

These days, electronic devices like computers, tablets, and smartphones play a significant role in our daily lives. Although technology has made communication easier and more effective than ever before, it has also given rise to new worries about security and privacy. Even a holiday, appropriately named Computer Security Day, is devoted to protecting your online…

Source…

Why is Cyber Security Day celebrated on November 30?


On November 30, there is an annual celebration known as National Computer Security Day. The day serves as a reminder to be vigilant about the growing threat of cyberattacks.

Why is National Computer Security Day observed on November 30?

When Computer Security Day was first observed in 1988, computers were just starting to become widely used, even though they weren’t yet pervasive in homes. In addition to increased computer use, particularly in business and government, the 1980s also saw the beginnings of the internet.

According to reports, Cornell University researchers discovered an unidentified virus hiding in their computer systems on November 2, 1988. The “Morris worm” virus infected the ARPANET, a precursor to today’s internet, and several other university systems within four hours of its discovery.

Six days later, the Defense Advanced Research Projects Agency (DARPA) in the United States recommended creating a “National Computer Infection Action Team” (NCAT) to respond to these kinds of attacks around-the-clock. The Computer Emergency Response Team was established on November 14 by the Software Engineering Institute (SEI), a research institute affiliated with Carnegie Mellon University (CERT).

The Washington, D.C. chapter of the Association for Computing Machinery’s (ACM) Special Interest Group on Security, Audit, and Control created National Computer Security Day in 1988 as a way to spread awareness of computer viruses and crimes. In particular, November 30 was chosen as Computer Security Day in order to maintain high awareness of computer security during the busy holiday shopping season, when people are frequently more preoccupied with avoiding security threats. The National Cyber Awareness System was established in 2003 as a result of a collaboration between CERT and the US Department of Homeland Security.

These days, electronic devices like computers, tablets, and smartphones play a significant role in our daily lives. Although technology has made communication easier and more effective than ever before, it has also given rise to new worries about security and privacy. Even a holiday, appropriately named Computer Security Day, is devoted to protecting your online…

Source…