It has been reported that a prolific ransomware group targeting network-attached storage (NAS) devices this year monetizes its efforts by extorting both vendors and their end customers, according to a new report. Group-IB’s study, Deadbolt ransomware: nothing but NASty, is based on its analysis of a sample of the malware, which first appeared at the start of the year. In an ongoing campaign, it has targeted NAS devices from Taiwanese vendor QNAP belonging to SMBs, schools, individual home users and others using zero-day vulnerabilities as an initial access/attack vector.
ISBuzz Team
A new report from the UK government has been released which analyses how online fraud is handled. In the report, MPs have accused ministers and law enforcement agencies of treating economic crime as an “afterthought” and urged the government to put more resources into tackling the UK’s “fraud epidemic”.
It has been reported that researchers have linked the relatively new Ransom Cartel ransomware operation with the notorious REvil gang based on code similarities in both operations’ encryptors. The REvil ransomware gang finally shut down in October 2021 following intense pressure from law enforcement. However, in January 2022, the Russian authorities announced arrests, money seizures, and charges against eight of the gang’s members.
It has been reported that Microsoft has confirmed that a misconfigured endpoint unintentionally leaked business and personally identifiable information (PII) for some customers. The tech giant said it was informed about the incident by threat intelligence firm SOCRadar on September 24, and secured the endpoint soon after with authentication.
In response to reports that Advocate Aurora Health, a 26-hospital healthcare system in Wisconsin and Illinois, is notifying its patients of a data breach that exposed the personal data of 3,000,000 patients, experts at cybersecurity firms offer the following comments.
According to Tech Radar, over 60% stated that they reuse passwords across multiple accounts. Most did so because they couldn’t be bothered to remember multiple ones (40%), and others didn’t feel as if they were in danger of being hacked (27%). Only 33% said that they didn’t reuse passwords. Despite the ease of using password generators in today’s online world, a staggering 65% still opted to create their own. Perhaps they are not aware of them, or don’t trust them; or maybe they are worried that if they can’t access their saved passwords, then they would be locked out of their…
So far in 2022, researchers at Sonotype have discovered over 88,000 malicious open source packages, a 742% increase per year since 2019. The packages were caught using AI behavioral analysis and automated policy enforcement and verified by the research team. The results found in Sonatype’s 8th Annual State of the Software Supply Chain report were compiled from a study of the four major open source ecosystems, including Maven, NpM, PyPI and NuGet. Downloads in 2022 from these systems are estimated at 3.1 Trillion highlighting the growing risk to corporate systems from threat actors inserting malicious packages into repositories, as well as…
According to IT Pro, A new report has found that global ransomware activity dropped throughout the third quarter as the order of dominant groups in the landscape shifted, but that businesses should expect a surge by threat actors in Q4 to exploit consumer trends. The number of ransomware attacks in Q3 2022 was down 10.5% on Q2, according to the latest report by cyber security firm Digital Shadows. This was driven in part by the sudden cessation of activity by the Conti group, as well as a reorganisation of leading groups over July and August. Around 39% of all attacks across Q3 were made against victims…
Following the news that: Client data exfiltrated in Advanced NHS cyber attack Client data exfiltrated in Advanced NHS cyber attack (digitalhealth.net)
It has been reported that wine dealer Vinomofo is the latest Australian company to be targeted by a cyber-attack. At risk of exposure are the names, dates of birth, addresses, email addresses, phone numbers and genders of customers – Vinomofo has about 500,000 people on its books, but it’s not clear if all were exposed. Vinomofo said the risk to members was “low” because other information, such as passports, credit card details and driver’s licences were not held by Vinomofo.