PureCrypter malware hits govt orgs with ransomware, info-stealers
A threat actor has been targeting government entities with PureCrypter malware downloader that has been seen delivering multiple information stealers and ransomware strains. [...]
Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.
Search across headline titles and summaries.
Background for this topic.
Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.
Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.
A threat actor has been targeting government entities with PureCrypter malware downloader that has been seen delivering multiple information stealers and ransomware strains. [...]
Beware the Dark Side Dutch police have arrested three men for their alleged involvement with a ransomware gang that stole sensitive data and extorted hundreds of thousands of euros from thousands of companies.…
The Amsterdam cybercrime police team has arrested three men for ransomware activity that generated €2.5 million from extorting small and large organizations in multiple countries. [...]
There’s no HumOR in cyberattacks At last year's Ignite show, Microsoft talked up a capability in its 365 Defender that automatically detects and disrupts a cyberattack while still in progress, hopefully stopping or reducing any resulting damage. Now it's extending that to include additional criminal areas.…
This 3-part blog series takes an in-depth look at the evolution of ransomware business models, from the early stages to current trends.
Yes, we have no bananas, and things aren't looking peachy on the salad front Irish agricultural megacorp Dole has confirmed that it has fallen victim to a ransomware infection that reportedly shut down some of its North American production plants.…
The produce company said it suffered a ransomware attack earlier this month.
Dole Food Company, one of the world' largest producers and distributors of fresh fruit and vegetables, has announced that it is dealing with a ransomware attack that impacted its operations. [...]
Extortion found to be most common impact from cyber-attacks in 2022
An Israeli university is being blackmailed by hackers. However, they aren't just after money but are looking to send a political message — and maybe something more.
With ransomware attacks disrupting businesses and governments worldwide, we take a look at the latest finding in a recent ransomware report. [...]
Ransomware group tries to demonize carriers in negotiations
This 3-part blog series takes an in-depth look at the evolution of ransomware business models, from the early stages to current trends.
An advanced cybersecurity audit helps identify overlooked IP addresses, forgotten devices, and misconfigured infrastructure that can expose organizations to ransomware and other cyber threats. Find out how to strengthen attack surface risk management.
A ransomware threat called HardBit has moved to version 2.0 and its operators are trying to negotiate a ransom payment that would be covered by the victim's insurance company. [...]
New research shows that 57 vulnerabilities that threat actors are currently using in ransomware attacks enable everything from initial access to data theft.
Also: Russia may legalize hacking; Oakland declares ransomware emergency; the CVEs you should know about this week In brief Web hosting and domain name concern GoDaddy has disclosed a fresh attack on its infrastructure, and concluded that it is one of a series of linked incidents dating back to 2020.…
Ransomware actors have been observed to expand their targets by increasingly developing Linux-based versions. Royal ransomware is following in the same path, a new variant targeting Linux systems emerged and we will provide a technical analysis on this variant in this blog.