The BlackByte, ransomware-as-a-service (RaaS) group has added exfiltration of information from compromised sites as one of its services – adding another malicious function that less technical cyber-gangs can now access: BlackByte ransomware affiliate also steals victims’ data • The Register The malware agent called Exbyte, uploads the stolen information to …
A new approach that is bad for us…
Threat actors have developed a new approach to malware that exploits legitimate drivers making it more difficult to defend against the malware. To date over 1000 drivers have been impacted: BlackByte ransomware abuses legit driver to disable security products (bleepingcomputer.com) What makes this “Bring Your Own Vulnerable Driver” (BYOVD) method …
Update on the 49ers ransomware attack
I covered this story when it broke back in February and it had a connection to me as I have a San Francisco 49ers account. It contained no financial details but I immediately changed my credentials. I do not reuse passwords, so that was a non-issue for me. Now the …
Ransomware highlights
I do not want you to think ransomware has gone away whilst I am on leave – here are a few of the biggest ransomware stories of the week from Bleeping Computers: Argentina’s Judiciary of Córdoba hit by PLAY ransomware attack (bleepingcomputer.com) BlackByte ransomware gang is back with new extortion …
BlackByte cyber gang active despite the FBI advisory
The BlackByte “Ransomware-as-a-Service” gang and it’s affiliates have been active worldwide, despite the FBI and US Secret Service issuing a cyber security advisory about the gangs operations. No one is slowing down BlackByte ransomware gang • The Register Ransomware in more hands can only be a bad thing for our …
Continue reading “BlackByte cyber gang active despite the FBI advisory”