US Sanctions Cryptocurrency Exchange SUEX for Aiding Ransomware Gangs – Tempemail

The U.S. Treasury Department on Tuesday imposed sanctions on Russian cryptocurrency exchange Suex for helping facilitate and launder transactions from at least eight ransomware variants as part of the government’s efforts to crack down on a surge in ransomware incidents and make it difficult for bad actors to profit from …

Cring Ransomware Gang Exploits 11-Year-Old ColdFusion Bug – Tempemail

Unidentified threat actors breached a server running an unpatched, 11-year-old version of Adobe’s ColdFusion 9 software in minutes to remotely take over control and deploy file-encrypting Cring ransomware on the target’s network 79 hours after the hack. The server, which belonged to an unnamed services company, was used to collect …

Incident response analyst report 2020 – Tempemail

The Incident response analyst report provides insights into incident investigation services conducted by Kaspersky in 2020. We deliver a range of services to help organizations when they are in need: incident response, digital forensics and malware analysis. Data in the report comes from our daily practices …

ICS threat report for H1 2021 – key statistics – Tempemail

The H1 2021 ICS threat report at a glance. Percentage of ICS computers attacked: During the first half of 2021 (H1 2021), the percentage of attacked ICS computers was 8%, which was 0.4 percentage points (p.p.) higher than that for H2 2020. Percentage of ICS computers on which malicious objects …

Russian Ransomware Group REvil Back Online After 2-Month Hiatus – Tempemail

The operators behind the REvil ransomware-as-a-service (RaaS) staged a surprise return after a two-month hiatus following the widely publicized attack on technology services provider Kaseya on July 4. Two of the dark web portals, including the gang’s Happy Blog data leak site and its payment/negotiation site, have resurfaced online, with …

LockFile Ransomware Bypasses Protection Using Intermittent File Encryption – Tempemail

A new ransomware family that emerged last month comes with its own bag of tricks to bypass ransomware protection by leveraging a novel technique called “intermittent encryption.” Called LockFile, the operators of the ransomware have been found exploiting recently disclosed flaws such as ProxyShell and PetitPotam to compromise Windows servers …

Researchers Warn of 4 Emerging Ransomware Groups That Can Cause Havoc – Tempemail

Cybersecurity researchers on Tuesday took the wraps off four up-and-coming ransomware groups that could pose a serious threat to enterprises and critical infrastructure, as the ripple effect of a recent spurt in ransomware incidents shows that attackers are growing more sophisticated and more profitable in extracting payouts from victims. “While …

Cybercrime Group Asking Insiders for Help in Planting Ransomware – Tempemail

A Nigerian threat actor has been observed attempting to recruit employees by offering to pay them $1 million in bitcoins to deploy Black Kingdom ransomware on companies’ networks as part of an insider threat scheme. “The sender tells the employee that if they’re able to deploy ransomware on a company …

Researchers Find New Evidence Linking Diavol Ransomware to TrickBot Gang – Tempemail

Cybersecurity researchers have disclosed details about an early development version of a nascent ransomware strain called Diavol that has been linked to threat actors behind the infamous TrickBot syndicate. The latest findings from IBM X-Force show that the ransomware sample shares similarities to other malware that has been attributed to …