Tag Archive for: report

UK unprepared for catastrophic ransomware attack: Report – Anadolu Agency | English




Spain’s police report arrest of leader of world’s largest hacking group


(MENAFN) In the coastal city of Alicante, Spanish police have reported the arrest of an individual believed to be one of the leaders of the hacktivist group Kelvin Security.

As reported by Spanish authorities, Kelvin Security has engaged in hacking activities targeting more than 300 organizations across more than 90 countries in the last three years. The group is alleged to have extracted sensitive information, subsequently selling it on the dark web.

The arrested individual, considered the head of finances within Kelvin Security, is accused of being responsible for money laundering related to the proceeds obtained from the group’s hacking operations.

Police assert that the detainee primarily utilized cryptocurrency trading for money laundering purposes. Hailing from Venezuela, the individual faces charges such as belonging to a criminal organization, revealing secrets, as well as money laundering.

Spanish law enforcement notes that Kelvin Security’s most recent cyber-attack targeted an energy company last month, resulting in a significant extraction of confidential information from over 85,000 clients of the company.

The investigation in Spain began in 2021 after Kelvin Security hacked the computer systems of several Spanish entities, including the cities of Getafe, Camas, La Haba, in addition to the regional government of Castille-La Mancha.


Rising ransomware attacks exploit remote access software, warns WatchGuard report


New research from WatchGuard Technologies, a global player in unified cybersecurity, has revealed a significant spike in endpoint ransomware attacks as well as an alarming trend of cyber attackers exploiting remote access software.

The Internet Security Report provides insights into the latest malware trends and endpoint security threats, shedding light on the increasingly sophisticated tactics adopted by cybercriminals.

The research revealed an 89% rise in endpoint ransomware attacks and a decrease in malware delivered through encrypted connections. WatchGuard also observed an increase in abuse of remote access software, an exploitation strategy actively embraced by cyber adversaries.

Cyber criminals are also exploiting password-stealers and info-stealers to pilfer priceless credentials, and are increasingly pivoting from scripting to other living-off-the-land techniques to instigate endpoint attacks.

Discussing the consequences, Corey Nachreiner, Chief Security Officer at WatchGuard, stated, “Threat actors continuously evolve their tools and methods in attack campaigns, making it crucial for organisations to stay updated on the latest tactics to bolster their security strategy.”

He added that end users often represent the last defence line against sophisticated attacks that employ social engineering tactics. Nachreiner emphasised that it was paramount for organisations to deliver social engineering education and adopt a unified security approach that provides multiple layers of defence.

Among the key findings, the report detailed how cyber attackers are increasingly leveraging remote management tools to dodge anti-malware detection, confirmed by both the FBI and CISA.

Notably, there was a surge in the Medusa ransomware variant in Q3, driving endpoint ransomware attacks up by 89%. The report also highlighted a noticeable decline in attacks employing scripted methods, with script-based attacks dropping by 11% in Q3 and by 41% in Q2.

However, in spite of the reduction, script-based attacks still represent the largest attack vector, making up 56% of total attacks. Cyber attackers are also resorting to Windows living-off-the-land binaries more frequently, as these…


2 municipal water facilities report falling to hackers in separate breaches



In the stretch of a few days, two municipal water facilities that serve more than 2 million residents in parts of Pennsylvania and Texas have reported network security breaches that have hamstrung parts of their business or operational processes.

In response to one of the attacks, the Municipal Water Authority of Aliquippa in western Pennsylvania temporarily shut down a pump providing drinking water from the facility’s treatment plant to the townships of Raccoon and Potter, according to reporting by the Beaver Countian. A photo the Water Authority provided to news outlets showed the front panel of a programmable logic controller—a toaster-sized box often abbreviated as PLC that’s used to automate physical processes inside of industrial settings—that displayed an anti-Israeli message. The PLC bore the logo of the manufacturer Unitronics. A sign above it read “Primary PLC.”

WWS facilities in the crosshairs

The Cybersecurity and Infrastructure Security Administration on Tuesday published an advisory that warned of recent attacks compromising Unitronics PLCs used in Water and Wastewater Systems, which are often abbreviated as WWSes. Although the notice didn’t identify any facilities by name, the account of one hack was almost identical to the one that occurred inside the Aliquippa facility.

“Cyber threat actors are targeting PLCs associated with WWS facilities, including an identified Unitronics PLC, at a US water facility,” CISA officials wrote. “In response, the affected municipality’s water authority immediately took the system offline and switched to manual operations—there is no known risk to the municipality’s drinking water or water supply.”

Water Authority officials told reporters the hacked PLC regulates pressure to elevated regions and was housed in what’s known as a booster station that served Raccoon and Potter. As soon as the PLC was hacked, the booster station sent an alarm to operators who then took the system offline and took manual control. They said there was never a threat to the availability of water to the 6,615 customers the facility serves.
