Threat actors have been taking advantage of an exploited set of Microsoft credentials to embed ransomware attacks into signed drivers: Microsoft-signed malicious Windows drivers used in ransomware attacks (bleepingcomputer.com) And LockBit got through the cyber security defences of California’s Department of Finance: LockBit claims attack on California’s Department of Finance …
Guess who I bought my car from?
Pendragon car dealer refuses $60 million LockBit ransomware demand (bleepingcomputer.com) I do not have any login details with them, just some credit card stuff and other financial information. Of course, they also know all about my car. I wonder if anything to do with the wireless key security has been …
Double jeopardy Double extortion
The BlackByte, ransomware-as-a-service (RaaS) group has added exfiltration of information from compromised sites as one of its services – adding another malicious function that less technical cyber-gangs can now access: BlackByte ransomware affiliate also steals victims’ data • The Register The malware agent called Exbyte, uploads the stolen information to …
Ransomware the background story
Your awareness of how ransomware evolves and works and the tactics being used by the ransomware gangs that deploy the malware, will help improve your cyber security. Here is one of those inside stories researched by the Threat Hunter Team at Symantec. Noberus Ransomware: Darkside and BlackMatter Successor Continues to …
Ransomware the threat and the attacks – you need to make sure your cyber security game is up to the job of protecting your organisation.
As you have read ransomware has been in the news for because one of the major ransomware gangs, BlackCat/ALPHV updated and expanded its capability to carry out the double extortion tactic and because another major ransomware player LockBit suffered an insider attack of its own: The threat actors are also …