You are here

Home » Cybersecurity

Cybersecurity

Ransomware Roundup – BlackCat, White Rabbit, Avaddon, and Diavol

Ransomware threat actors continue to terrorize organizations across the world and when one group is shutdown another seemingly appears. It’s no surprise that last year saw a lot of ransomware activity. According to Digital Shadows, in the last quarter of 2021 there were 781 ransomware victims reported on data-leakage sites, a 37 percent increase compared to the previous quarter. The U.S. was the most targeted country with over 300 attacks.

ICS Threat Awareness – Kaspersky Discovers “Anomalous” Spyware Stealing Credentials from ICS Computers

During 2021, Kaspersky noticed a curious anomaly in statistics on spyware threats blocked on ICS computers – computers which could include HMIs, SCADA systems, historians, data gateways, engineering workstations, computers used for the administration of industrial networks, and devices used to develop software for industrial systems. In its research, they identified more than 2,000 industrial organizations worldwide have been incorporated into the malicious infrastructure and used by cyber gangs to spread the attack to their contact organizations and business partners.

FBI FLASH: Indicators of Compromise Associated with Diavol Ransomware

The FBI has published a TLP:WHITE FLASH providing indicators of compromise associated with Diavol ransomware. The FLASH indicates that Diavol ransomware threat actors, first observed in October 2021, are associated with the Trickbot Group, who utilize the Trickbot Banking Trojan. According to the FBI, “Diavol encrypts files solely using an RSA encryption key, and its code is capable of prioritizing file types to encrypt based on a pre-configured list of extensions defined by the attacker.” Ransomware demands have ranged in price from $10,000 to $500,000.

CISA Continues to Urge Organizations to Immediately Implement Cybersecurity Measures to Protect Against Potential Threats

Yesterday afternoon, the Cybersecurity and Infrastructure Security Agency (CISA) published a new CISA Insights urging organizations to immediately implement cybersecurity measures to protect against potential critical threatsCISA Insights: Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats.

Security Awareness – Top Brands Impersonated in Phishing Attacks

Phishing attacks remain one of the most common entry vectors for threat actors seeking to compromise an organization or an individual’s device or network. A particularly effective phishing tactic is brand impersonation, when adversaries attempt to mimic a website or domain of a well-known brand by using a similar domain name and webpage designed like the actual site. A recent report from the IT company Check Point identifies the top brands criminals impersonated in brand phishing attacks in the fourth quarter of 2021.

Threat Awareness – Ukraine Targeted by Wiper Malware Designed to Look Like Ransomware

On Friday, the Microsoft Threat Intelligence Center (MSTIC) identified evidence of a destructive malware operation targeting multiple organizations in Ukraine. According to MSTIC, the malware first appeared on victim systems in Ukraine on January 13, 2022. At this time, MSTIC has not been able to assess intent of the identified destructive actions or trace this to any known threat activity groups.

Pages

Subscribe to Cybersecurity