#DarkSide/BlackMatter
Text
Blackcat Ransomware Hits Azure Storage With Sphynx Encryptor
The BlackCat ransomware gang, suspected to be a rebrand of DarkSide/BlackMatter, has been using stolen Microsoft accounts and a new variant of the Sphynx encryptor to target Azure cloud storage.
0 notes
cybervehiclebuilding · 10 months
Text
How are Ransomware Gangs evolving their game and strategy?
Ransomware gangs, through the expansion of toolset, adoption of new monetization models and use of advanced technology, are re-shaping the attack landscape — moving it away from the commodity-styled ‘spray and pray’ attacks to ones that are more targeted in scope and disruptive in impact.
Ransomware attacks are becoming more prevalent and a ‘weapon of choice’ for cybercriminals. Ransomware was named the top threat type in 2021, accounting for 21% of all cyber attacks [1], while the total number of attacks witnessed a staggering 105% jump during 2021 compared to 2020 [2]. One of the factors fuelling the rise is the active role of ransomware gangs who are devising new techniques, executing coordinated campaigns and running cartelized operations to realize greater payoffs. By leveraging complex vectors and unique tactics, these gangs are re-shaping the ransomware landscape, moving it away from the commodity-styled ‘spray and pray’ attacks to ones that are more targeted in scope and disruptive in impact.
But how exactly are ransomware gangs orchestrating the attacks and what key levers are they exploiting in their tradecraft? There are a number of them, including the expansion of toolset, the ability to rebrand themselves, adoption of new monetization models and operating structures, and the use of advanced technology.
How ransomware gangs are orchestrating the attacks and new key levers in their tradecraft?
Expansion of toolset
With cyber extortion turning out to be a thriving industry, several financially motivated threat actors are seen transitioning to targeted ransomware operations. Besides, they are embracing the use of novel malware, expanding the toolset, and incorporating new initial access vectors, to inflict maximum disruption. FIN7 (aka Carbanak), a Russian-speaking, financially motivated actor known for its resourceful and diverse set of tactics, custom-made malware, and stealthy backdoors, has added ransomware to its repertoire. Researchers at Mandiant, who continue to observe and track the group’s operations, have published a rich new set of FIN7 indicators of compromise based on the analysis of novel malware samples [3]. Among the notable shifts observed are diversification of initial access techniques to include software supply chain compromise and use of stolen credentials, data theft extortion, and evolution of PowerShell-based backdoor (known as PowerPlant) into new variants.
Similarly, another Russian ransomware gang has been reportedly repurposing custom tools developed by other APT groups such as Iran’s MuddyWater, to gain unauthorized access to victim’s network through the abuse of stolen credentials.
Constant rebranding and restructuring
A key feature in the evolution of ransomware gangs (especially the more accomplished ones) has been the ability to reinvent and rebrand themselves, applying lessons learned from their previous activities as well as those of other gangs prior to starting new campaigns. The emergence of the BlackMatter ransomware gang is a perfect example. Born out of the “retirements” of REvil and DarkSide gangs, BlackMatter publicly stated that it wouldn’t target critical infrastructures, a nod to the pressure designed for deterrence applied to the REvil and DarkSide groups (causing both to fold after their disruption of Colonial Pipeline and the meat supplier JBS). The threat group that created the REvil RaaS (aka Sodinokibi) is now identified as a former affiliate of GandCrab, which retired in 2019 and is claimed to have purchased the GandCrab source code. In turn, the DarkSide ransomware came from a former REvil affiliate that evidently decided to move up.
The REvil gang too has resurfaced amidst rising tensions between Russia and Ukraine, after having shut down in October 2021, following a law enforcement operation. However, instead of showing the old websites, the old infrastructure has been redirecting visitors to new URLs for an unnamed ransomware operation. Such rebranding efforts are helping the gangs draw fresh focus and attention to new campaigns while also serving to escape the law enforcement lens.
Shift in organization structure and business model
The ransomware gangs are increasingly becoming more sophisticated, not just in terms of business models but also in posturing as corporate entities. According to a study by Analyst1 [4], several ransomware gangs including Twisted Spider (creators of Maze and Egregor ransomware), Viking Spider (creators of the Ragnar Locker ransomware), Wizard Spider (creators of Conti and Ryuk ransomware) and Lockbit Gang combined forces sometime in May 2020 to form a cartel of sorts to coordinate attacks and data leaks, share intelligence and infrastructure. The cartel-like operating model is often seen as an effective way for ransomware gangs to pool their resources, technology, infrastructure, and expertise and evade law enforcement.
Secondly, the business model of ransomware gangs has evolved significantly, with a majority of operators now adopting a franchise model — often referred to as ransomware-as-a-service (RaaS). The most notable example is REvil. Its business model relies on the recruitment of operatives to distribute the ransomware on its behalf, with the parent company taking a portion of all revenue. This approach has been enabling malicious actors to rapidly scale their efforts, while at the same time allowing them to weaponize data captured during incursions.
Another significant shift is with respect to the organizational structure, with ransomware gangs moving away from isolated cells to being operated as organized entities via an affiliated model and offering 24/7 help desks staffed by representatives. FIN7, for example, is known to have been operating a phony pentesting firm named “Bastion Secure” to hire network intrusion specialists. Another ransomware gang — Hive’s ransom notes are known to have a link to a “sales department” which allows victims to contact them through live chat — almost like customer service.
New ways to monetize attacks
The extortion tactics of ransomware groups have also evolved, moving beyond the simple payment-for-decryption model seen in earlier attacks. Some have diversified into DDoS attacks, while others have opted for data theft, accompanied by ‘name and shame’ tactics. Threatening to publish victims’ data on the dark web, auctioning off the data to make a profit and using the threat of security non-compliance to extort victims are some of the most common monetization models. The Babuk group, for example, now focuses entirely on data exfiltration rather than encryption, while the REvil gang is using open-source intelligence (OSINT) to track down their victims’ senior executives and customers and bully them into paying.
Expansive use of AI and automation
To increase the velocity and volume of attacks, ransomware gangs such as Lockbit, Ryuk, and Conti groups are adding automation capabilities across their attack cycle. They are increasingly using bots to automate the initial attack that gets them a foothold in the system, which is lowering the barrier to entry for low-skilled threat actors. Wizard Spider, for example, is adding new automation into Ryuk that uses Wake-on-LAN functionality to discover hosts before spreading the ransomware payload on its own. It also uses the technology to power on systems so that it can infect them. A few others such as Hive, DarkSide and BlackCat are targeting virtualization platforms on dark web marketplaces. DarkSide, for example, deployed Linux versions of its ransomware on VMware ESXi hosts. Besides, these groups are also leveraging automated marketplaces to sell stolen credentials, and automated keyloggers, sniffers and brute-forcers among others to carry out large-scale attacks.
How can organizations thwart ransomware attacks?
The constantly evolving toolsets and attack tactics of ransomware gangs require organizations to up the ante by adopting dynamic, multi-layered defence. It is essential to incorporate threat intelligence and early warning technologies into any posture. An ML-based threat hunting solution like SISA ProACT can help prevent and detect ransomware attacks through an expanded set of use cases and actionable threat advisories. Besides, best practices such as frequent patching, use of multi-factor authentication (MFA) and backups, and a robust endpoint detection and response (EDR) solution can help guard against ransomware attacks.
0 notes
b2bcybersecurity · 1 year
Text
Test: Endpoint Protection for MacOS Ventura
For better protection on MacOS Ventura, the independent test lab AV-TEST has tested 5 solutions for corporate networks and 9 protection packages for single workstations. While many products shine, a few others have some difficulties. Only recently there were reports that MacOS is moving further into the focus of cybercriminals. In addition to new malware droppers, it became known that the APT group LockBit has adopted the attack code of the notorious ransomware groups BlackMatter and DarkSide in order to be able to target MacOS systems.
Enterprise protection for MacOS Ventura
For the best possible protection of MacOS systems running Ventura, the AV-TEST lab examined a total of 14 protection solutions for the Mac: 5 client-server solutions for companies and 9 protection packages for single workstations. Each of the products examined can earn up to 18 points in the test. These are made up of 6 points each for the test areas of protection, system load and usability.
- 18 points - Acronis Cyber Protect 15.0
- 18 points - Bitdefender Endpoint Security 7.14
- 18 points - Crowdstrike Falcon 6.55
- 17.5 points - Sophos Endpoint 10.4
- 17.5 points - Trellix Endpoint Security 34.28
The current test shows very good protection products for companies and for single workstations. Among the solutions for companies, Acronis, Bitdefender and CrowdStrike receive the maximum 18 points. The other two products, from Sophos and Trellix, are just behind with 17.5 points.
9 single-workstation versions for MacOS Ventura in the test
7 of the 9 protection packages for single workstations achieve 17.5 or even the maximum 18 points. Only 2 products are slightly below these values, but have still achieved a very good result.
- Avast Security 15.7
- AVG Antivirus 20.4
- Avira Security 1.15
- Bitdefender Antivirus for Mac 9.3
- F-Secure SAFE 19.1
- Intego VirusBarrier 10.9
- Kaspersky Plus 23.0
- Norton Norton 360 8.8
- Trend Micro Antivirus 11.5
0 notes
tacsec · 2 years
Text
Predicting your 2023 security needs
December, the last month of 2022, is under way, and we’ve come up with expert predictions and analysis of the cyber security trends to expect in the coming year, 2023.
Every year the cybersecurity outlook worsens despite the many efforts made by CISOs and expert teams. A report by ThoughtLab found that cyberattacks and data breaches increased by 15.1% in 2021 over the preceding year.
Experts forecast that in 2023 more advanced ransomware will lead organizations toward more robust cybersecurity. In addition, 29% of CEOs/CISOs and 40% of Chief Security Officers confess that their enterprises are unfit for a rapidly changing cybersecurity and threat outlook.
Let’s take a look at some of the cybersecurity trends every organization needs to watch in the coming year, 2023:
More robust cybersecurity predictions within organizations in 2023
Cyberattacks will be influenced by geopolitics in the future
Balancing privacy with regulation
Zero-trust enactment will grow
Increasing Deployment of Multifactor Authentication
Threats to small businesses will increase.
Cyberattacks will be influenced by geopolitics in the future
The cyber operations against Ukraine from Russia’s government-affiliated hacker groups will continue, per MIT Technology Review. In 2022, Russia attacked Ukraine at least six times with malware. As per the Forbes reports, businesses unbiased with the government might become the targets of state-sponsored attackers. In the months leading up to next year’s elections, over 70 countries are expected to see cyberattacks on infrastructure and disinformation campaigns.
After high-profile attacks like SolarWinds, LAPSUS$, and Log4Shell, policymakers are becoming increasingly concerned with securing the software supply chain, as demonstrated by the Biden administration’s Executive Order 14028 and the Securing Open Source Software Act, as well as France’s efforts to create cyber campuses.
Ransomware will continue to pose a threat.
According to the MIT Technology Review, Ransomware-as-a-Service (RaaS) is diminishing, especially after what happened to gangs that grew too big, such as REvil, DarkSide/BlackMatter, Conti, and LockBit. In 2023, we’ll see ransomware attacks concentrating on bribing data rather than concealing it. Due to the lack of complicated public-private essential handling requirements, data corruption is faster than full encryption, and the code is easier to write.
Cryptocurrency and the blockchain
As per the MIT technology review, crypto hacks occurred in 2022, having more than 100 extensive victims in the world of crypto. In 2023, attackers make it challenging to track the IP addresses as they are leasing out as a part of a bot proxy system. IP addresses make detecting and comprehending between a good home user and a bot difficult. In 2023, we’ll see more security leaders addressing bots by causing too much harm and lost revenue eventually.
Generating the use of AI and machine learning
Forbes reports state that artificial intelligence and machine learning will automate cybersecurity, but threats could abuse them. Security researchers will concentrate on AI, a buzzword, next year. Also, in the next year, the US government will publish about 5G and cybersecurity.
Expansion of IoT and attack surface
In 2025, according to Forbes, there will be more than 30 billion IoT connections, with an average of four persons for each device. A PR Newswire report states that malicious activity is increasing due to the increasing number of threat vectors and the spread of the Metaverse.
There are many more cyber security trends for the year 2023:
Emphasis on companies’ security culture
The threat of Deepfakes and the increase in potency
Increase in security risk with economic variability
US Federal government takes necessary steps toward cyber security.
SecurityScorecard founder Aleksandr Yampolskiy says that the government will take significant steps towards security. In 2023, digital immune systems will deliver resilience and mitigate security and operational risks, according to Gartner.
In the upcoming year, 2023, technology companies will explore government contracts. However, it is crucial as they’ll merge with the public sector and look at these government regulations as standard to create essential secure software.
Get ESOF Prediction for cyber security Trends 2023
TAC Security’s ESOF Vulnerability Management platform replaces legacy vulnerability tools and various point products to maintain your cybersecurity posture constantly and auto-prioritize open vulnerabilities across assets. Our ESOF Prediction feature uses machine learning to report these vulnerabilities for the upcoming month. Your most recent scan results will calculate each architecture type’s vulnerability specifics.
Here are the features of ESOF Prediction. Check them out:
Predict the number of monthly vulnerabilities  
This part of the model predicts the vulnerabilities for the upcoming month.  
Prediction of ESOF cyber score    
This part of the model uses the number of vulnerabilities for the upcoming month and calculates the estimated cyber score.  
Prediction of patched vulnerabilities    
This part of the model predicts the number of vulnerabilities that could be patched in the upcoming month.
Top 5 vulnerabilities    
This part of the algorithm recommends the top 5 vulnerabilities that could occur in the upcoming month.
You can check out ESOF products to secure your IT Infrastructure.
0 notes
marattsirelson · 2 years
Text
Let’s Not Downplay the Threat of Cyber Attacks in Commercial Real Estate
Let’s Not Downplay the Threat of Cyber Attacks in Commercial Real Estate https://ift.tt/R9pEJFt In July 2021, a ransomware gang named BlackMatter emerged from the internet’s dark corners. A threat intelligence software company, Flashpoint, said the cyber criminals had similarities with other notorious ransomware gangs, ones with names like REvil and DarkSide, and that they could’ve been successors to those groups. BlackMatter posted a notice on online forums in July that they were looking to buy access to infected corporate networks in the U.S., Canada, Australia, and the U.K. The criminals targeted large corporate networks with more than $100 million in revenues. One of the companies targeted may have been Marcus & Millichap, the commercial real estate brokerage that was hit by a cyberattack in 2021. The publicly traded brokerage revealed in an 8-K filing with the SEC in September 2021 that it had been the victim of a cyberattack. They claimed there was no evidence of a data breach and didn’t identify the attack as a ransomware incident. The SEC filing said the firm responded quickly, securing and restoring all essential IT systems without material disruption to its business, and there was “no misuse of personal information.” As of late 2021, the investigation into the attack was ongoing, but Marcus & Millichap hasn’t said much about it since. The brokerage didn’t respond to a request for comment. It’s possible the BlackMatter ransomware group was behind the attack, according to some cybersecurity experts. A BlackMatter ransomware sample found online with a ransom note had a suggested link between the ransomware sample and Marcus & Millichap. The post Let’s Not Downplay the Threat of Cyber Attacks in Commercial Real Estate appeared first on Propmodo. via Real Estate Archives - Propmodo https://ift.tt/a8bn34F October 12, 2022 at 03:18PM
0 notes
don-lichterman · 2 years
Text
BlackCat gang demands $5m. Fraudster's claims exceed reality. CISA releases ICS advisories. Pro-Russian DDoS.
Dateline Ukraine at D+92: Artillery, DDoS, and remittances in a hybrid war. (The CyberWire) Fighting in the Donbas becomes an artillery duel as Russia reconstitutes its armored forces with obsolescent tank stocks. DDoS continues to be the principal mode of hacktivists acting in the Russian interest. And sanctions are having the side effect of inhibiting ransomware gangs. Russia-Ukraine war: what…
0 notes
tak-it-support · 3 years
Photo
BlackMatter continues the new hit-and-run business model of Ransomware as a Service (RaaS), in which the provider dissolves itself after a major hack. DarkSide quit a week after shutting down Colonial Pipeline, and REvil appears to have vanished after the attack on Kaseya. The operators behind BlackMatter claim that their ransomware contains the best features of DarkSide, REvil and the still active LockBit 2.0 ransomware. Read the rest of the article at: https://www.tak-it.nl/2021/08/25/nieuwe-ransomware-blackmatter-bouwt-voort-op-darkside-en-revil/ #revil #blackmatter #darkside #takit #takitsupport #cybercrime #ransomware #raas https://www.instagram.com/p/CS_Yoi_tbNE/?utm_medium=tumblr
1 note · View note
cyber-sec · 3 years
Text
DarkSide ransomware gang returns as new BlackMatter operation
Source: https://www.bleepingcomputer.com/news/security/darkside-ransomware-gang-returns-as-new-blackmatter-operation/
7 notes · View notes
partisan-by-default · 3 years
Link
The group announced plans to shut down in a message posted on its ransomware-as-a-service (RaaS) portal, where other criminal groups typically register in order to get access to the BlackMatter ransomware strain. The message, obtained by a member of the vx-underground infosec group, translates to: “Due to certain unsolvable circumstances associated with pressure from the authorities (part of the team is no longer available, after the latest news) — project is closed.
“After 48 hours the entire infrastructure will be turned off, allowing — Issue mail to companies for further communication;  Get decryptor. For this write ‘give a decryptor’ inside the company chat, where necessary. We wish you all success, we were glad to work.”
It’s unclear what “latest news” is referring to, although the message follows a recent New York Times report that announced that the U.S. and Russia had started collaborating more closely to crack down on cybercriminal organizations based in Russia. It also comes after CISA, the FBI and the NSA published an advisory warning that the BlackMatter ransomware group has targeted “multiple” organizations considered critical infrastructure, including two organizations in the U.S. food and agriculture sector. The advisory provided information on tactics, techniques and procedures (TTPs) associated with the ransomware gang.
There’s also a chance that BlackMatter’s missing team members could be linked to a recent international law enforcement operation that detained 12 individuals linked to 1,800 ransomware attacks in 71 countries.
1 note · View note
andrea-biraghi · 3 years
Photo
The new cyber crime ransomware gangs BlackMatter and Haron
New cyber crime ransomware gangs are growing and multiplying, with two new ransomware-as-a-service (RaaS) programs.
The new ransomware gangs, Haron and BlackMatter, are emerging on cybercrime forums on the darknet and profess to be the successors of the two notorious groups DarkSide and REvil, which carried out the attacks on Colonial Pipeline and Kaseya in recent months.
Ransomware and Cyber Crime: S2W Lab's analysis of the Haron ransomware
The BlackMatter group has nevertheless announced that the new ransomware-as-a-service (RaaS) programs will not hit organizations such as healthcare, critical infrastructure, oil and gas, defense, non-profit and government.
According to Flashpoint, the BlackMatter threat actor registered an account on the Russian-language forums XSS and Exploit on 19 July, quickly followed by a post stating that it was looking to buy access to infected corporate networks comprising between 500 and 15,000 hosts in the United States, Canada, Australia and the United Kingdom, with revenue of over $100 million per year, which could suggest a large-scale ransomware operation.
The Haron group, by contrast, was reported by the South Korean security firm S2W Labs, which examined the first malware sample, and made its appearance in July 2021. Beyond these two groups, it cannot be ruled out that there may be others "out there".
continues on AndreaBiraghiBlog
2 notes · View notes
hackernewsrobot · 3 years
Text
Interview with BlackMatter- a ransomware group targeting firms exceeding $100m
https://therecord.media/an-interview-with-blackmatter-a-new-ransomware-group-thats-learning-from-the-mistakes-of-darkside-and-revil/ Comments
1 note · View note
mi6-rogue · 2 years
Text
Experts Find Similarities Between New LockBit 3.0 and BlackMatter Ransomware
Cybersecurity researchers have reiterated similarities between the latest iteration of the LockBit ransomware and BlackMatter, a rebranded variant of the DarkSide ransomware strain that closed shop in November 2021. The new version of LockBit, called LockBit 3.0 aka LockBit Black, was released in June 2022, launching a brand new leak site and what's the very first ransomware bug bounty program, https://thehackernews.com/2022/07/experts-find-similarities-between.html?utm_source=dlvr.it&utm_medium=tumblr
0 notes
b2bcybersecurity · 1 year
Text
LockBit adopts attack code for macOS targets
According to the cybersecurity experts at Kaspersky, LockBit recently upgraded its multiplatform capabilities. By adopting attack code from the notorious ransomware groups BlackMatter and DarkSide, LockBit is now also targeting macOS systems. LockBit is known for attacking companies around the world and causing considerable financial and operational damage. Kaspersky's latest report shows LockBit's determination to extend its reach and maximize the impact of its malicious activities.
Code adopted from BlackMatter and DarkSide
The cybersecurity community has observed LockBit adopting code from other notorious ransomware groups such as BlackMatter and DarkSide. This strategic move not only simplifies operations for potential affiliates but also expands the range of attack vectors LockBit uses. Recent findings from Kaspersky's Threat Attribution Engine (KTAE) show that LockBit has adopted about 25 percent of the code previously used by the now defunct Conti ransomware gang. This led to a new variant called LockBit Green. Kaspersky researchers have now discovered a ZIP file containing LockBit samples tailored specifically to several architectures, including Apple M1, ARM v6, ARM v7, FreeBSD and others. A thorough analysis and investigation with KTAE confirmed that these samples derive from the previously observed LockBit Linux/ESXi version.
Many new LockBit variants
While some samples, such as the macOS variant, require additional configuration and are not properly signed, it is evident that LockBit is actively testing its ransomware on various platforms. This points to an imminent expansion of attacks and underscores the urgent need for robust cybersecurity measures on all platforms, as well as increased awareness among companies in this regard. "LockBit is an extremely active and notorious ransomware group known for its severe cyberattacks on companies worldwide," explains Marc Rivero, Senior Security Researcher in the Global Research and Analysis Team (GReAT) at Kaspersky. "With its continuous infrastructure improvements and its adoption of code from other ransomware groups, LockBit poses a significant and constantly evolving threat to companies in every industry. To effectively contain the risks posed by LockBit and similar ransomware groups, companies must now strengthen their defenses, update security systems regularly, educate employees about cybersecurity best practices and establish incident response protocols."
LockBit: what has happened so far
In its early phase, LockBit operated without leak portals, double extortion tactics or data exfiltration before the actual encryption of victims' data. However, the group continuously developed its infrastructure and security measures to protect its assets from a wide range of threats, including attacks on its administration panels and disruptive DDoS (distributed denial of service) attacks.
B2B Cyber Security: what ChatGPT knows about LockBit's successes
We asked ChatGPT what it knows about the successes of ChatGPT. The list is quite short and far from up to date. Real experts know more here.
0 notes
morosestferret · 3 years
Text
New York Post : FBI warns hackers are sending USBs infected with ransomware to businesses
0 notes