Tag Archives: ransomware

One-two punch delivered in global operation disrupts cybercrime “assembly line”

With evidence that the tools had overlapping infrastructure, company attorneys invoked RICO statutes that target organized crime; the legal action was then able to treat both tools as part of a single conspiracy. As a result, Microsoft said, it disrupted more than 200 command-and-control servers and severed criminal control of more than 18,000 infected computers.… Read More: One-two punch delivered in global operation disrupts cybercrime “assembly line” »

Chaos erupts as cyberattack disrupts learning platform Canvas amid finals

Chaos erupted at schools and colleges throughout the US on Thursday as a cyberattack disrupted online learning platform Canvas just as students were due to take final exams. Canvas parent company Instructure said that as of Friday morning, the platform was back online. Instructure said it temporarily took Canvas offline on Thursday after identifying unauthorized… Read More: Chaos erupts as cyberattack disrupts learning platform Canvas amid finals »

In a first, a ransomware family is confirmed to be quantum-safe

There is no practical benefit for Kyber developers to have chosen a PQC key-exchange algorithm. The Kyber ransom note gives victims one week to respond. Quantum computers capable of running Shor’s algorithm—the series of mathematical equations that allow the breakage of RSA and ECC (elliptic curve cryptography)—are, at a minimum, three years away and likely… Read More: In a first, a ransomware family is confirmed to be… »

Site catering to online criminals has been seized by the FBI

RAMP—the predominantly Russian-language online bazaar that billed itself as the “only place ransomware allowed”—had its dark web and clear web sites seized by the FBI as the agency tries to combat the growing scourge threatening critical infrastructure and organizations around the world. Visits to both sites on Wednesday returned pages that said the FBI had… Read More: Site catering to online criminals has been seized by the… »

5 AI-developed malware families analyzed by Google fail to work and are easily detected

The assessments provide a strong counterargument to the exaggerated narratives being trumpeted by AI companies, many seeking new rounds of venture funding, that AI-generated malware is widespread and part of a new paradigm that poses a current threat to traditional defenses. A typical example is Anthropic, which recently reported its discovery of a threat actor… Read More: 5 AI-developed malware families analyzed by Google fail to work… »

Salesforce says it won’t pay extortion demand in 1 billion records breach

Salesforce says it’s refusing to pay an extortion demand made by a crime syndicate that claims to have stolen roughly 1 billion records from dozens of Salesforce customers. The threat group making the demands began their campaign in May, when they made voice calls to organizations storing data on the Salesforce platform, Google-owned Mandiant said… Read More: Salesforce says it won’t pay extortion demand in 1 billion… »

Two UK teens charged in connection to Scattered Spider ransomware attacks

Federal prosecutors charged a UK teenager with conspiracy to commit computer fraud and other crimes in connection with the network intrusions of 47 US companies that generated more than $115 million in ransomware payments over a three-year span. A criminal complaint unsealed on Thursday (PDF) said that Thalha Jubair, 19, of London, was part of… Read More: Two UK teens charged in connection to Scattered Spider ransomware… »

How weak passwords and other failings led to catastrophic breach of Ascension

Amid Ascension’s decision not to discuss the attack, there aren’t enough details to provide a complete autopsy of Ascension’s missteps and the measures the company could have taken to prevent the network breach. In general, though, the one-two pivot indicates a failure to follow various well-established security approaches. One of them is known as security… Read More: How weak passwords and other failings led to catastrophic breach… »

Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting”

A prominent US senator has called on the Federal Trade Commission to investigate Microsoft for “gross cybersecurity negligence,” citing the company’s continued use of an obsolete and vulnerable form of encryption that Windows uses by default. In a letter to FTC Chairman Andrew Ferguson, Sen. Ron Wyden (D–Ore.) said an investigation his office conducted into… Read More: Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting” »

After BlackSuit is taken down, new ransomware group Chaos emerges

Talos said Chaos is likely either a rebranding of the BlackSuit ransomware or is operated by some of the former BlackSuit members. Talos based its assessment on the similarities in the encryption mechanisms in the ransomware, the theme and structure of the ransom notes, the remote monitoring and management tools used to access targeted networks,… Read More: After BlackSuit is taken down, new ransomware group Chaos emerges »