News

Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Tag: Lockbit

Is Continental a victim of LockBit?
8 November 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

While Continental already spoke in a statement on its website in August 2022 that the attack had been averted, the ransomware group LockBit announced on its leak page that data captured by Continental had been published. According to the chat log, apparently 40 terabytes of data. The APT group LockBit claims that it has successfully hacked and stolen data from the automotive supplier Continental. Now the data is to be published on the leak page, probably to increase the pressure on Continental. However, Continental has not published any information on a current attack. According to the chat log on the LockBit leak page,…

Read more

Lockbit 3.0: data stolen from arms manufacturer Thales?
7 November 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

According to various media, the French defense and technology group Thales announced that the hacker group LockBit 3.0 claims to have stolen some of their data and is now threatening to publish it on the dark web. Thales is reported to have said that the blackmail and ransomware group LockBit 3.0 has announced that it will publish the captured data on the dark web on November 7th. However, Thales added that no direct ransom demand has been received so far. The weapons manufacturer immediately launched an internal investigation and informed the French national cyber security authority ANSSI. An ad…

Read more

Ransomware Report: LockBit by far the most active
10 October 2022
| No comments
| Stories

As in the previous months, LockBit remained by far the most active ransomware in August. Only then does triple extortion follow: the attack with DDoS in addition to encryption and blackmail. At least that is what the current August ransomware report by Malwarebytes shows. Malwarebytes' threat intelligence team attributed 2022 attacks to the ransomware group in August 62 (compared to 61 attacks in July 2022 and 44 attacks in June 2022). For REvil, however, Malwarebytes only noted one attack in August. RansomEXX reports its first victim in four months and Snatch reports after 40 days...

Read more

Ransomware Report: LockBit, Black Basta and even REvil
August 31, 2022
| No comments
| Stories
Ransomware Report: LockBit, Black Basta and even REvil

The July 2022 ransomware report from Malwarebytes shows little news. LockBit and Black Basta continue to lead in attack statistics. What is new, however, is the appearance of the ransomware REvil (also known as Sodinokibi), which was believed to be dead. As in previous months, LockBit remains by far the most active ransomware. Malwarebytes' threat intelligence team attributed 2022 attacks to the ransomware group in July 61 (compared to 44 attacks in June 2022 and 73 attacks in May 2022). Black Basta, a relatively new ransomware variant that first appeared in April 2022, follows LockBit with 35…

Read more

IT threat situation in Germany
August 31, 2022
| No comments
| PR News
IT threat situation in Germany

The IT threat situation in Germany and the world is intensifying. Tetra Defense, an Arctic Wolf company, collects and analyzes IT security data every quarter and uses it to assess the current IT threat situation and develop countermeasures. The results from Q1 2022 (January - March). In order to know how companies can most effectively protect themselves against cyber attacks, they need to know how attackers gain access to systems. An attacker's initial entry point is called the Root Point of Compromise (RPOC). There are three distinct categories: Knowing where the attack is coming from...

Read more

When Hive, LockBit, BlackCat attack one after the other
August 17, 2022
| No comments
| Sophos, Stories
When Hive, LockBit, BlackCat attack one after the other

Multiple attacks by ransomware groups are catching on - Hive, LockBit and BlackCat ransomware gangs attack the same network one after the other. This is what the Sophos X-Ops Active Adversary Whitepaper shows: attacked company received three different ransomware reports for triple-encrypted files. In the current Sophos X-Ops Active Adversary whitepaper "Multiple Attackers: A Clear and Present Danger", Sophos reports that three well-known ransomware groups, Hive, LockBit and BlackCat, attacked the same network one after the other. The first two attacks occurred within two hours, with the third attack occurring two weeks later. Each ransomware group left their own ransom note and some of the…

Read more

Ransomware Report: Old acquaintances with LockBit, Karakurt, Black Basta, ALPHV
August 3, 2022
| No comments
| Stories

Malwarebytes releases its June Ransomware Report. As in the previous month, LockBit remains by far the most widespread ransomware. After that come But there are also new developments. Karakurt, Black Basta, ALPHV or BlackCat. The Malwarebytes Threat Intelligence Team attributed 44 attacks to the LockBit ransomware group in June 2022 (compared to 73 attacks in May 2022). LockBit was followed in June by Karakurt with 27 attacks, Black Basta with 18 attacks and ALPHV (aka BlackCat) with 15 attacks. Conti no longer takes up a place in the analysis in June...

Read more

Tricked: Microsoft Defender runs malware
August 1, 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

LockBit actors use Windows Defender command-line tool MpCmdRun.exe to infect PCs with Cobalt Strike Beacon. After that, the ransomware LockBit will be installed. Microsoft should be on high alert if they aren't already. Cybersecurity research company SentinelOne has released news: They have discovered that Microsoft's internal anti-malware solution is being abused to load Cobalt Strike Beacon onto victim PCs and servers. In this case, the attackers are operators of LockBit Ransomware as a Service (RaaS). As a starting point for the attack, the command-line tool in Defender called MpCmdRun.exe is abused to…

Read more

LockBit ransomware group launches bug bounty program
July 9, 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Like a normal company, the LockBit ransomware group has started a bug bounty program in which other programmers are supposed to report bugs that reveal their IP and more. The reward pot is said to be worth over $XNUMX million. Normal software companies use the classic bug bounty programs to improve their software. The fact that a ransomware group is officially doing this, according to ComputerWeekly.com, is really new. However, the LockBit Group does not only expect or reward hints of errors in their ransomware. Worthwhile targets should also be reported, for example if a company's website is vulnerable to cross-scripting....

Read more

Cybercrime trainees preparing for an attack?
2 May 2022
| No comments
| PR News, Sophos
Cybercrime trainees preparing for an attack?

Effective division of labor or breeding of cybercrime trainees? After a rather bumbling network infiltration, the professionals finally take over with Lockbit Ransomware. An interesting cyber case has caught the attention of the Sophos researchers. Sophos has uncovered a particular cyber attack: Cyber ​​criminals broke into a regional government server in the United States and stayed there for five months. During this time, they used the server to search online for a mix of hacking and IT administration tools that could help them deploy an attack. The attackers also installed a cryptominer before exfiltrating data and deploying Lockbit ransomware. Attack…

Read more

© 2024 MedPressIT GbR
Cookie Settings