Ransomware Actors Show Up In Person to Steal Law Firm Data
The FBI warned that the extortion gang Silent Ransom Group is targeting law firms and social-engineering its way into servers and databases.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The FBI warned that the extortion gang Silent Ransom Group is targeting law firms and social-engineering its way into servers and databases.
The US government is throwing the book at even mid-level cybercriminals. Is it just, and is it working?
The non-ransomware extortion group has switched up tactics and victimology in a deliberate and focused campaign similar to those of other attackers focused on stealing sensitive data.
The losses are 33% higher than the year before, with phishing leading the way as the most-reported cybercrime last year, and ransomware was the top threat to critical infrastructure, according to the FBI Internet Crime Report.
Medusa developers have been targeting a wide variety of critical infrastructure sectors, from healthcare and technology to manufacturing and insurance, racking up its victim count as it seemingly adds to its numbers of affiliates.
In a joint advisory, CISA and the FBI described the activity as a likely attempt by the group to monetize access to networks it already has compromised.
Though it is possible for cyber disruptions to occur, CISA and the FBI say that ransomware will not impact casting or counting ballots.
Computer infrastructure in the US, UK, and Germany associated with the cybercriminal group, which targeted SMBs using double extortion, is officially out of commission.
Threat actors using the malware have infected systems within government, healthcare, and other critical infrastructure organizations since at least 2019.
Ransomware group tries to claw back operations following FBI disruption, and lifts a previous ban on attacks against critical infrastructure in retaliation.
Dark Web chatter indicates that Scattered Spider worked with the FBI to take down the BlackCat/ALPHV operation.
CISA and FBI warn the RaaS provider's affiliates are striking critical industries, with more attacks expected to come from additional ransomware groups in the months ahead.
Once they compromise an victim with an initial ransomware attack, threat actors are ready to deploy a secondary attack with a different strain, which could leave even more damage.
The group's use of malware that forces Windows computers to reboot into Safe Mode before encrypting files is noteworthy, advisory says.
The announcement was posted on Twitter via the Rewards for Justice Twitter account, alongside encrypted messaging system options for anyone to get into contact should they have viable information.
CISA, FBI, and South Korean intelligence agencies warn that the North Korean government is sponsoring ransomware attacks to fund its cyber-espionage activities.
According to the FBI and Internet Crime Complaint Center, 25% of ransomware complaints involve healthcare providers.
The FBI warns that ransomware targets are no longer predictably the biggest, richest organizations, and that attackers have leveled up to victimize organizations of all sizes.
Ransomware groups are looking to strike large agriculture cooperatives during strategic seasons, when they are most vulnerable, according to law enforcement.
Bureau releases indicators of compromise for the RagnarLocker ransomware that has hit 10 different critical infrastructure sectors.