Has the REvil ransomware operation come storming back? Experts say a new operation called BlackMatter has wielded REvil's code against at least one victim, claims to combine "the best features of DarkSide, REvil and LockBit," and may be a former affiliate of one or more of these ransomware operations.
The Federal Reserve Bank of Atlanta and Georgia State University’s Evidence-Based Cybersecurity Research Group are working together on a research project focused on how to prevent online payments fraud. Two participants describe the project's goals.
Although Microsoft is slated to release the Windows 11 operating system in December, it's already available for a pre-release preview. And cybercriminals are taking advantage of that, slipping malware to those downloading a fake demo version, according to Kaspersky.
Remote management software company Kaseya says it obtained the ability to decrypt all victims of a massive REvil - aka Sodinokibi - attack via its software, without paying a ransom to attackers. But Kaseya has still not revealed how it obtained the decryption key, except to say it was supplied by a third party.
Malware developers increasingly are relying on "exotic" programming languages - such as Go, Rust, DLang and Nim - to create malicious code that can avoid detection by security tools and add a layer of obfuscation to an attack, according to a report released Monday by BlackBerry.
A recently discovered ransomware-as-a-service gang dubbed AvosLocker is recruiting affiliates and partners, including "pentesters" and "access brokers," on darknet forums, according to the security firm Malwarebytes.
A hacking campaign is targeting Kubernetes environments using misconfigured Argo Workflows to deploy cryptominers, a report by security firm Intezer finds.
Good news on the ransomware front: The average ransom paid by a victim dropped by 38% from Q1 to Q2, reaching $136,576, reports ransomware incident response firm Coveware. In addition, fewer victims are paying a ransom simply for a promise from attackers to delete stolen data.
With corporate America beginning to ask employees to come back to their offices in the fall, cybersecurity teams have the huge task of ensuring that the work environment is safe. This is particularly true of IoT devices, as many have been left unprotected for months.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the use of commercially available spyware and security risk management in the telecom sector.
This edition of the ISMG Security Report features an analysis of ongoing investigations into the use of NSO Group's Pegasus spyware to spy on dissidents, journalists, political rivals, business leaders and even heads of state - and discussion of whether the commercial spyware business model should be banned.
As ransomware continues to pummel organizations, if they do get hit, then from an incident response standpoint, what are the essential steps they should take to smooth their recovery? Veteran ransomware-battler Fabian Wosar, CTO of Emsisoft, shares essential steps and guidance for recovery.
Remote management software vendor Kaseya has obtained a decryption tool for all organizations affected by the massive ransomware attack launched via its software. The tool should especially help the many small businesses still struggling to recover. Kaseya declined to comment on how it obtained the decryptor.
Saudi Aramco, one of the world's largest oil and natural gas firms, has confirmed that company data was leaked after one of its suppliers was breached. Extortionists are reportedly demanding a $50 million ransom - payable in monero cryptocurrency - for a promise to delete the stolen data.
A U.K. citizen was arrested in Spain Wednesday at the request of the U.S. Justice Department for his alleged role in a July 2020 hack of Twitter and additional incidents involving TikTok and Snapchat. This is the third arrest in the Twitter case so far.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing fraudtoday.io, you agree to our use of cookies.
