News


Threat Report 2023: Cybercrime as Big Business

Cybercrime is increasingly flourishing as a business model, ransomware and ransomware-as-a-service are drivers of innovation, and stolen credentials increasingly serve as a cash cow. According to Sophos, companies' cyber defenses will be challenged in 2023 as well. Sophos has published its 2023 Threat Report. Among other things, the report describes a new degree of commercialization within cybercrime, which makes low-barrier entry-level offerings increasingly available to would-be attackers: almost any scenario can be bought. A booming cybercrime-as-a-service market caters to a criminal audience ranging from the highly tech-savvy to the completely ignorant. The topics of the current Sophos threat…


Data shredder discovered in ransomware 

Recently, an expert analyzed ransomware attributed to the BlackCat or ALPHV group. In addition to interesting SFTP functions, a built-in data destruction function was also discovered. Could this be a clue to the future of data extortion? With ransomware-as-a-service (RaaS) and data leak sites (DLS), the data extortion landscape is constantly seeing new innovations from threat actors, as well as new acronyms from the security firms that track them. In this joint report, Cyderes and Stairwell examine evidence of a new tactic found in a BlackCat/ALPHV participant's exfiltration tool discovered during an investigation by Cyderes. Ransomware investigation in detail After a…


IT threat situation in Germany

The IT threat situation in Germany and the world is intensifying. Tetra Defense, an Arctic Wolf company, collects and analyzes IT security data every quarter and uses it to assess the current IT threat situation and develop countermeasures. These are the results from Q1 2022 (January to March). To know how to protect themselves most effectively against cyber attacks, companies need to know how attackers gain access to systems. An attacker's initial entry point is called the Root Point of Compromise (RPOC). There are three distinct categories: Knowing where the attack is coming from...


When Hive, LockBit, BlackCat attack one after the other

Multiple attacks by ransomware groups are becoming more common: the Hive, LockBit and BlackCat ransomware gangs attacked the same network one after the other. This is what the Sophos X-Ops Active Adversary whitepaper shows: an attacked company received three different ransom notes for triple-encrypted files. In the current Sophos X-Ops Active Adversary whitepaper "Multiple Attackers: A Clear and Present Danger", Sophos reports that three well-known ransomware groups, Hive, LockBit and BlackCat, attacked the same network one after the other. The first two attacks occurred within two hours, with the third attack occurring two weeks later. Each ransomware group left their own ransom note and some of the…


New zero-day vulnerabilities are attacked after 15 minutes 

Administrators only have a short window of 15 minutes to 10 hours after the notification of new zero-day vulnerabilities to provide their systems with security updates, a study shows. Attackers are getting faster and faster when it comes to exploiting new zero-day vulnerabilities. This is shown by a study by Palo Alto Networks, for which around 600 security incidents were analyzed. On average, it takes only 15 minutes after a new zero-day security vulnerability is reported for criminals to actively search the Internet for vulnerable systems. So have some of the hardest zero-day vulnerabilities of the past year, including…


Energy supplier Entega hacked – data is on the dark web

ENTEGA IT subsidiary COUNT+CARE GmbH & Co. KG was attacked back in June; the system data was encrypted with ransomware and a large amount of customer data was stolen. According to Entega, a ransom in the high tens of millions was demanded, which was not paid. Now, in July 2022, much of the customer data can be found on the dark web, as threatened. According to experts, the APT group "Black Cat" is at work here. Cybercriminals who attacked the ENTEGA IT subsidiary COUNT+CARE GmbH & Co. KG on the second weekend in June transferred personal data from ENTEGA customers, employees and business partners to the so-called…


ALPHV Group: Service website for robbed companies 

The ALPHV ransomware gang, also known as BlackCat, provides a special website for its victims, where they can check whether their data was stolen in an attack or whether they are only victims of encryption. The aim is to increase the pressure so that the victim pays. Most ransomware groups now not only encrypt data in their attacks but also copy and exfiltrate significant amounts of it. The extortion is thus extended: in the case of non-payment, the data not only remains encrypted, but the stolen data is also simply sold on the Darknet...


BlackCat ransomware partners attack Exchange servers

As BleepingComputer reports, Microsoft experts explain in their blog how BlackCat ransomware partners are currently attacking many Microsoft Exchange servers using exploits targeting unpatched vulnerabilities. "While common entry vectors for these threat actors include remote desktop applications and compromised credentials, we've also seen a threat actor exploit vulnerabilities in Exchange servers to gain access to the target network," said the Microsoft 365 Defender Threat Intelligence team. Although Microsoft did not identify the ransomware affiliate that deployed BlackCat ransomware in this case study, the company says several cybercrime groups are now affiliated with this ransomware as a…


$5 million ransom: ransomware hits Carinthian administration

According to DerStandard.at, the IT systems of the state of Carinthia, the district authorities, the state administrative court and the Court of Auditors were hit by a ransomware attack. 100 of the 3,700 IT workstations are probably affected. The Black Cat or ALPHV ransomware group is demanding a ransom of $5 million in bitcoins. The in-house IT experts of the state of Carinthia apparently still have their hands full. As early as May 14, 2022, a PC in the administration seems to have fallen victim to ransomware from the extortion group Black Cat or ALPHV. Black Cat, also known as ALPHV, is a relatively new ransomware-as-a-service gang…


New ransomware group ALPHV – BlackCat

Gasoline supplier Oiltanking is a prominent victim of the new ransomware group ALPHV – BlackCat. Varonis Threat Labs: Targeted recruitment of partners through financially attractive offers with payouts of up to 90 percent of profits. Since the end of 2021, Varonis Threat Labs has observed increased activity by the ransomware group ALPHV (also known as BlackCat), which, as a ransomware-as-a-service (RaaS) provider, is actively recruiting new partners, including (former) members of other gangs such as REvil, BlackMatter and DarkSide. The attack on the gas station supplier Oiltanking, which affected Shell among others, goes back to BlackCat. Other targets include larger…
