ransomware

Hackers Exploit Mitel VoIP Zero-Day in Likely Ransomware Attack

Jun 24, 2022 by iHash Leave a Comment

A suspected ransomware intrusion against an unnamed target leveraged a Mitel VoIP appliance as an entry point to achieve remote code execution and gain initial access to the environment. The findings come from cybersecurity firm CrowdStrike, which traced the source of the attack to a Linux-based Mitel VoIP device sitting on the network perimeter, while also identifying a … [Read more...] about Hackers Exploit Mitel VoIP Zero-Day in Likely Ransomware Attack

Do You Have Ransomware Insurance? Look at the Fine Print

Jun 20, 2022 by iHash Leave a Comment

Insurance exists to protect the insured party against catastrophe, but the insurer needs protection so that its policies are not abused – and that's where the fine print comes in. However, in the case of ransomware insurance, the fine print is becoming contentious and arguably undermining the usefulness of ransomware insurance. In this article, we'll outline why, particularly … [Read more...] about Do You Have Ransomware Insurance? Look at the Fine Print

Conti Ransomware Operation Shut Down After Splitting into Smaller Groups

May 24, 2022 by iHash Leave a Comment

Even as the operators of Conti threatened to overthrow the Costa Rican government, the notorious cybercrime gang officially took down their infrastructure in favor of migrating their criminal activities to other ancillary operations, including Karakurt and BlackByte. "From the negotiations site, chatrooms, messengers to servers and proxy hosts - the Conti brand, not the … [Read more...] about Conti Ransomware Operation Shut Down After Splitting into Smaller Groups

Iranian Hackers Leveraging BitLocker and DiskCryptor in Ransomware Attacks

May 12, 2022 by iHash Leave a Comment

A ransomware group with an Iranian operational connection has been linked to a string of file-encrypting malware attacks targeting organizations in Israel, the U.S., Europe, and Australia. Cybersecurity firm Secureworks attributed the intrusions to a threat actor it tracks under the moniker Cobalt Mirage, which it said is linked to an Iranian hacking crew dubbed Cobalt Illusion … [Read more...] about Iranian Hackers Leveraging BitLocker and DiskCryptor in Ransomware Attacks

S3 Ep80: Ransomware news, phishing woes, NAS bugs, and a giant hole in Java [Podcast]

Apr 28, 2022 by iHash Leave a Comment

Latest episode - listen now! Source link … [Read more...] about S3 Ep80: Ransomware news, phishing woes, NAS bugs, and a giant hole in Java [Podcast]

Gold Ulrick Hackers Still in Action Despite Massive Conti Ransomware Leak

Apr 26, 2022 by iHash Leave a Comment

The infamous ransomware group known as Conti has continued its onslaught against entities despite suffering a massive data leak of its own earlier this year, according to new research. Conti, attributed to a Russia-based threat actor known as Gold Ulrick, is one of the most prevalent malware strains in the ransomware landscape, accounting for 19% of all attacks during the … [Read more...] about Gold Ulrick Hackers Still in Action Despite Massive Conti Ransomware Leak

Researchers Share In-Depth Analysis of PYSA Ransomware Group

Apr 18, 2022 by iHash Leave a Comment

An 18-month-long analysis of the PYSA ransomware operation has revealed that the cybercrime cartel followed a five-stage software development cycle from August 2020, with the malware authors prioritizing features to improve the efficiency of its workflows. This included a user-friendly tool like a full-text search engine to facilitate the extraction of metadata and enable the … [Read more...] about Researchers Share In-Depth Analysis of PYSA Ransomware Group

Google Uncovers ‘Initial Access Broker’ Working with Conti Ransomware Gang

Mar 19, 2022 by iHash Leave a Comment

Google's Threat Analysis Group (TAG) took the wraps off a new initial access broker that it said is closely affiliated to a Russian cyber crime gang notorious for its Conti and Diavol ransomware operations. Dubbed Exotic Lily, the financially motivated threat actor has been observed exploiting a now-patched critical flaw in the Microsoft Windows MSHTML platform (CVE-2021-40444) … [Read more...] about Google Uncovers ‘Initial Access Broker’ Working with Conti Ransomware Gang

How to Decrypt the PartyTicket Ransomware Targeting Ukraine

Mar 2, 2022 by iHash Leave a Comment

Summary On Feb. 23, 2022, destructive attacks were conducted against Ukrainian entities. Industry reporting has claimed the Go-based ransomware dubbed PartyTicket (or HermeticRansom) was identified at several organizations affected by the attack,1 among other families including a sophisticated wiper CrowdStrike Intelligence tracks as DriveSlayer (HermeticWiper). Analysis of … [Read more...] about How to Decrypt the PartyTicket Ransomware Targeting Ukraine

Master Key for Hive Ransomware Retrieved Using a Flaw in its Encryption Algorithm

Feb 20, 2022 by iHash Leave a Comment

Researchers have detailed what they call the "first successful attempt" at decrypting data infected with Hive ransomware without relying on the private key used to lock access to the content. "We were able to recover the master key for generating the file encryption key without the attacker's private key, by using a cryptographic vulnerability identified through analysis," a … [Read more...] about Master Key for Hive Ransomware Retrieved Using a Flaw in its Encryption Algorithm

Smart Home DIY Wireless Alarm Security System 4-Piece Kit for $69

Flux 7 TWS Earbuds with Wireless Charging Case & Power Bank for $24

MiniTool MovieMaker Ultimate Plan: Perpetual Lifetime License for $49

Robolly Graphic Automation: Lifetime Subscription for $29

Animation Desk Windows Pro Lite: Lifetime Subscription for $59