Black Basta Bundles BYOVD With Ransomware Payload
Researchers discovered a newly disclosed vulnerable driver embedded in Black Basta's ransomware, illustrating the increasing popularity of the defense-evasion technique.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Researchers discovered a newly disclosed vulnerable driver embedded in Black Basta's ransomware, illustrating the increasing popularity of the defense-evasion technique.
Defunct Ransomware Group's Diaspora Includes Hackers With Focus on Microsoft TeamsBased on intelligence gleaned from the leak of Black Basta ransomware messages, researchers are warning organizations to beware phishing attacks launched via Microsoft partner domains and via Teams, as well as the targeting of personal Google accounts accessed via corporate devices.
New research has uncovered further links between the Black Basta and Cactus ransomware gangs, with members of both groups utilizing the same social engineering attacks and the BackConnect proxy malware for post-exploitation access to corporate networks. [...]
Threat actors deploying the Black Basta and CACTUS ransomware families have been found to rely on the same BackConnect (BC) module for maintaining persistent control over infected hosts, a sign that affiliates previously associated with Black Basta may have transitioned to CACTUS
Researchers say there's dissent in the ranks. Plus: An AI tool lets you have a go yourself at analysing the data Hundreds of thousands of internal messages from the Black Basta ransomware gang were leaked by a Telegram user, prompting security researchers to bust out their best Russian translations post haste.…
Social Engineering Moves Mirror Nation-State Groups' Tactics, Researchers SayThe Black Basta ransomware group has been refining its social engineering tactics to amass more victims despite escalating law enforcement disruptions, together with a shift to more "strategic, long-term planning" that security experts said suggests Russian state ties.
Researchers at SRLabs have revealed a new suite of decryption tools for Black Basta ransomware
Researchers have created a decryptor that exploits a flaw in Black Basta ransomware, allowing victims to recover their files for free. [...]
Researchers identify scores of cryptocurrency payments
Russia-linked ransomware gang Black Basta has raked in at least $100 million in ransom payments from more than 90 victims since it first surfaced in April 2022, according to joint research from Corvus Insurance and Elliptic. [...]
Companies based in the U.S. have been at the receiving end of an "aggressive" Qakbot malware campaign that leads to Black Basta ransomware infections on compromised networks
Several artifacts from recent attacks strongly suggest a connection between the two operations, researchers say.
A new analysis of tools put to use by the Black Basta ransomware operation has identified ties between the threat actor and the FIN7 (aka Carbanak) group
Security researchers at Sentinel Labs have uncovered evidence that links the Black Basta ransomware gang to the financially motivated hacking group FIN7, also known as "Carbanak." [...]
The novel cybercriminal group tapped the ever-evolving info-stealing trojan to move laterally on a network in a recent attack, researchers have found.