At this stage, on November 11, 2022, at 3pm (CET time) Thales is able to confirm the following information:
The settlement last week in a $100 million lawsuit over whether insurance giant Zurich should cover losses Mondelez International suffered from NotPetya may very well reshape the entire cyber insurance marketplace.
Zurich initially denied claims from Mondelez after the malware, which experts estimate caused some $10 billion in damages globally, wreaked havoc on its computer networks. The insurance provider claimed an act of war exemption since it’s widely believed Russian military hackers unleashed NotPetya on a Ukrainian company before it spread around the world.
Microsoft tied hackers with the Vice Society ransomware gang to several ransomware strains on Tuesday, noting that the group has been behind a wave of attacks on primary schools and colleges across the world.
Black Basta operational TTPs are described here in full detail, revealing previously unknown tools and techniques and a link to FIN7.
Our blog entry provides a look at an attack involving the LV ransomware on a Jordan-based company from an intrusion analysis standpoint
Actions to take today to mitigate cyber threats from ransomware: • Install updates for operating systems, software, and firmware as soon as they are released. • Require phishing-resistant MFA for as many services as possible. • Train users to recognize and report phishing attempts.
Two new extortion gangs named 'TommyLeaks' and 'SchoolBoys' are targeting companies worldwide. However, there is a catch — they are both the same ransomware gang.
Les pirates informatiques du groupe CUBA, spécialisés dans le rançonnage d’entreprise, viennent de diffuser les informations volées à deux mairies françaises.
A new Windows zero-day allows threat actors to use malicious JavaScript files to bypass Mark-of-the-Web security warnings. Threat actors are already seen using the zero-day bug in ransomware attacks.
Caen a profité des suites d’un démonstrateur de l'EDR d'HarfangLab en attente de contractualisation pour détecter les prémices du possible déploiement d’un rançongiciel. L’intrusion est avérée, un nettoyage en cours, mais le chiffrement a été évité. Et très probablement le vol de données aussi.
BlueSky Ransomware is a modern malware using advanced techniques to evade security defences. It predominantly targets Windows hosts and utilizes the Windows multithreading model for fast encryption.
BianLian is a financially motivated threat actor that targets a wide range of industries. It uses the exotic programming language “Go” to encrypt files with unusual speed.
The Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a novel ransomware campaign targeting organizations in the logistics and transportation industry in Ukraine and Poland utilizing a previously unidentified ransomware payload.
Assurément passionné, le débat sur l’indemnisation des rançons par les assurances cyber souffre d’absents majeurs : les victimes de cyberattaque avec ransomware ayant cédé au chantage. Mais qui sont-elles ?
Cyble Research and Intelligence Labs analyzes Fake ransomware, a destructive malware capable of wiping out system drives.
A fresh exploration of the malware uncovers a new tactic for bypassing security products by abusing a known driver vulnerability
In this intrusion from May 2022, the threat actors used BumbleBee as the initial access vector. BumbleBee has been identified as an initial access vector utilized by several ransomware affiliates. …
New version of Exmatter, and Eamfo malware, used by attackers deploying the Rust-based ransomware.
California's largest public school district and the second-largest in the U.S. is undergoing a ransomware attack. The attack has disrupted the district's email
