A Brazilian hacking crew targeted users of over 30 Portuguese financial institutions earlier this year in a campaign that provides the latest example of financially motivated hackers in Brazil hitting foreign targets, according to SentinelLabs.
While the group doesn’t develop its own ransomware, it does utilize what appears to be one custom-developed tool, an information stealer designed to search for and archive specified file types.
“The use of a new ransomware, written in C++, is noteworthy, as it demonstrates the group’s expanding capabilities and ongoing effort in developing new tools,” Check Point researchers Marc Salinas Fernandez and Jiri Vinopal said.
Preparing a security vision and garnering support from other departments in the company requires cross-functional collaboration, and a compelling business case for security investment is critical for a security department’s success.
CISA and Partners Update the #StopRansomware Guide Developed Through the Joint Ransomware Task Force
The updated guide, developed through the Joint Ransomware Task Force, reflects lessons learned in the last few years, adding the FBI and NSA as co-authors. It offers recommendations to prevent initial intrusion and protect data using cloud backups.
Recent rapid advances in ML have made the potential power of AI blindingly obvious. What’s much less obvious is how it is going to be usefully deployed in security contexts and whether it will deliver the major breakthroughs its proponents promise.
The exposed database contained a staggering 360,308,817 records, totaling 133 GB in size. These records included a wide range of sensitive information, including user email addresses, original IP addresses, geolocation data, and server usage records.
The Cyber Signals report revealed that Microsoft detected 35 million BEC attempts with an average of 156,000 attempts daily between April 2022 and April 2023. Microsoft also noticed a pattern in which attackers used a phishing-as-a-service platform, BulletProftLink, to obtain login credentials. To protect, enterprises can enable notifications and configure mail systems to flag messages […]
Trend Micro revealed that the BlackCat ransomware group is using a signed kernel driver for evasion tactics. The driver was utilized in conjunction with a separate user client executable, with the intention of manipulating, pausing, and terminating specific processes associated with the security on the targeted endpoints. Windows admins must ensure that ‘Driver Signature Enforcement’ […]
Law enforcement and regulatory action over the past year in the US most likely dissuaded hackers from stealing cryptocurrency, making the amount stolen in the first quarter of the year the lowest compared to each of the four quarters in 2022.