The FBI has issued a warning about Hive ransomware after the crime group took down IT systems at Memorial Health System in Ohio The alert details indicators of compromise and tactics, techniques and procedures—or TTPs—associated with ransomware attacks by the apparent ransomware-as-a-service operation. The full release can be found here:  https://www.ic3.gov/Media/News/2021/210825.pdf In addition to the details of the attack, the FBI has issued...

Over the last week, more than a thousand companies, many of them small businesses, were dealing with the fallout from the Kaseya mass ransomware incident. In the wake of the devastating compromise of Kaseya’s popular IT management tool, researchers and security professionals are warning that the debacle isn’t a one-off event but part of a larger trend. Hackers are increasingly targeting the entire class of tools that administrators...

Criminals targeting business people with malware-laden documents SolarMarker backdoor malware operators are using “SEO poisoning” techniques to deploy the remote access Trojan to steal sensitive information, Microsoft reports. SEO poisoning attacks use PDFs stuffed with links to malware that is used to steal data and credentials from browsers. Attack Analysis In April, cybersecurity firm eSentire found that hackers had flooded the...

Oil pipelines and Apple among most recent targets Seemingly every week, there’s a new disruption caused by ransomware. Some of them are more noteworthy than others, with the recent pipeline disruption getting the most coverage followed by a $50M ransom demanded from Apple a few weeks ago. It’s all part of a trend of escalating criminal activity centered around ransomware. Trends While the high-profile demands and disruptions are generating...

The Treasury Department’s OCC, Federal Reserve Board and the FDIC are proposing rule changes that would dramatically increase the reporting requirements for banks that experience a “computer security incident”. While the time for public comment has passed and the rule changes are not final yet, here is the sum-mary of what is being proposed. “The OCC, Board, and FDIC (together, the agencies) invite comment on a notice of proposed rule-making...

With people working from home and many companies planning on making some level of remote work permanent, it’s important for banks and other data-heavy industries to reconsider how their network security is implemented. That’s where Zero Trust comes in. Zero Trust has become one of cybersecurity’s latest buzzwords. But it’s not just a buzzword. For industries where security is of paramount importance, it’s imperative to understand what Zero...

A ransomware gang has hit a Seattle-based billing and payment processing provider. This highlights how criminals are both attacking businesses and also stealing and selling valuable personal information, regardless of whether or not the ransom is paid. Gangs are increasingly targeting service businesses with access to customers’ financial information. The ‘Cuba’ ransomware gang has taken credit for the hit against Automatic...

  Bureau and Security Experts Warn About Gang’s Effective Extortion Model   The FBI issued a warning this week over the growing threat from the operators behind the Egregor ransomware variant and other cybercriminal gangs affiliated with the group. Since September, the Egregor gang and its affiliates claim to have compromised approximately 150 corporate networks in the U.S. and other countries. In some cases, the extortion...

New Egregor ransomware has been gaining traction since emerging in September. A new form of ransomware is becoming increasingly prolific as cybercriminals turn to it as a preferred means of encrypting vulnerable networks in an effort to exploit bitcoin from victims. Egregor ransomware first emerged in September but has already become notorious following several high-profile incidents, including attacks against Barnes & Noble and video game...

From Ransomware and DDoS to Malware and SIM Swapping: Europol Describes Latest Threats According to the seventh annual Internet Organized Crime Threat Assessment, produced by Europol ransomware attacks remain the top cyber-enabled threat. But phishing, business email compromises and other types of fraud – many now using a COVID-19 theme – also loom large. Here are 10 of the top threats from the Europol report in alphabetical order....