The UK’s National Cyber Security Center (NCSC) has called on law firms in the country to arm themselves against ransomware. In 2021, eighteen law firms informed the British regulator SRA that they had fallen victim to a ransomware attack. Documents from 60 court cases were stolen from one law firm and then published on the […]
The FBI and the US Secret Service NSA have published an updated guide to stop ransomware. The revised guide includes lessons learned from the past few years and additional recommendations to limit the impact of ransomware. The manual describes several steps that are important in preventing ransomware or limiting the impact, such as preparing for […]
Operators of the malware will most probably try and infect as many systems as possible with it — both inside and outside Ukraine — to make their DDoS attacks more powerful. Another indication is a sharp increase in phishing attacks out of Russia over the past 24 hours that already have affected some organizations in […]
20% of America’s largest 100 defense contractors are highly susceptible to a ransomware attack, according to a research from Black Kite. Several critical vulnerabilities were detected that contractors should address immediately. Nearly 43% of federal defense contractors have out-of-date systems. 42% of contractors have had at least one compromised credential within the past 90 days.
Organizations find it difficult to prepare for a ransomware attack. Reason for Microsft to share three steps that help prevent ransomware.1. Set up a recovery plan where no ransom is paid. Organizations must, among other things, map and backup their important data and systems, protect the backups and perform recovery tests with all systems offline. […]
A hacker released almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer. While many appliances with the exploited Fortinet vulnerability have since been patched, many VPN credentials seem still to be valid. With these VPN credentials access to a network can be gained to perform data exfiltration, install […]
A ransomware group caught targeting a recently patched SonicWall vulnerability leveraged that vulnerability before the patch became available, Mandiant reported.The vulnerability, a SQL injection bug in SonicWall’s SMA-100 series of remote access products, was already used in a headline-grabbing attack. Hackers used the vulnerability as a zero-day to breach SonicWall itself prior to the patch […]
Emotet is malware that can install additional malware on systems, steals passwords from browsers and email clients and is very difficult to remove. A computer infection with Emotet malware often comes about through a phishing attack by email. In doing so, the victim is tempted to click on a malicious link, for example in a […]
Details of the Ukraine Cyber Police in collaboration with cryptocurrency exchange Binance show insight into how the group operated. As per reports, they also offered money laundering services of cryptocurrencies through underground forums which are a hotspot for criminals. This led to a source of money from various illegal activities including but not limited to: […]
Operations of the Honda, were reportedly disrupted in parts across Europe, Japan, and the U.S. due to Snake ransomware (also known as EKANS). The cybersecurity company Virus Total claimed that it had certain evidence which clearly points out that Honda’s internal server has been encrypted with Snake ransomware and the cybercriminals have demanded a ransom […]