Identity Attacks Overtake Exploits as Top Ransomware Cause
Email attacks overtook exploits as the top ransomware root cause last year. Multifactor authentication (MFA) was deployed in 97% of credential-based attacks but failed to prevent compromise.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Email attacks overtook exploits as the top ransomware root cause last year. Multifactor authentication (MFA) was deployed in 97% of credential-based attacks but failed to prevent compromise.
Incident Responders Detail Top Ransomware and Business Email Compromise TacticsThere's no need to invest into sophisticated hacking operations when moving fast and exploiting well-trod techniques gives threat actors all the access they want. Threat actors are prioritizing "low-complexity entry points, rather than investing in sophisticated exploits," say incident responders.
SmarterTools confirmed last week that the Warlock ransomware gang breached its network after compromising an email system, but did not impact business applications or account data. [...]
Interpol said law enforcement across 19 countries made 574 arrests and recovered $3 million, against a backdrop of spiraling cybercrime in the region, including business email compromise, digital extortion, and ransomware schemes.
A law enforcement operation coordinated by INTERPOL has led to the recovery of $3 million and the arrest of 574 suspects by authorities from 19 countries, amidst a continued crackdown on cybercrime networks in Africa
An Interpol-coordinated initiative called Operation Sentinel led to the arrest of 574 individuals and the recovery of $3 million linked to business email compromise, extortion, and ransomware incidents. [...]
Crypto mines, BEC scams, fake passports, and a $300M fraud empire allegedly brought down during Serengeti 2.0 Interpol's latest clampdown on cybercrime resulted in 1,209 arrests across the African continent, from ransomware crooks to business email compromise (BEC) scammers, the agency says.…
Cybercrime accounts for more than 30% of all reported crime in East Africa and West Africa, with online scams, ransomware, business email compromise, and digital sextortion taking off.
Leaves a trail of ransomware infections, data theft, business email compromise in its wake Insight The developers of EvilProxy – a phishing kit dubbed the "LockBit of phishing" – have produced guides on using legitimate Cloudflare services to disguise malicious traffic. This adds to the ever-growing arsenal of tools offering criminals who lack actual technical expertise to get into the digital thievery biz.…
FBI Says It Received Most Attack Reports From Healthcare, Critical ManufacturingCybercrime reports submitted by victims to the FBI's Internet Crime Complaint Center surged last year, and the total reported losses exceeded $12.5 billion. Investment fraud and business email compromise losses dominated, and ransomware attacks spared almost no critical infrastructure sector.
Cybercriminals use legal search terms to ensnare unwitting victims, then launch ransomware or business email compromise attacks.
Attackers compromised the personal email of a new employee and, when the initial attack failed, attempted through socially engineered messages to get the company to pay them off.
Business email compromise overtakes ransomware
While ransomware seems stalled, business email compromise (BEC) attacks continue to make profits from the ProxyShell and Log4j vulnerabilities, nearly doubling in the latest quarter.
Is BEC more damaging than ransomware? What tactics are BEC actors using? How can organizations bolster their defenses? Jon Clay, VP of threat intelligence, tackles these pertinent questions and more to help reduce cyber risk.
Crackdowns are driving down ransomware profits, and analysts see signs that operators are pivoting to business email compromise attacks, security researcher warned.