Ever since the invention of internet browsers for personal computers came about in the 1990s, cybercrime has been on the rise. Almost 30 years after the invention of the Worldwide Web, cybercriminals have a variety of different methodologies and toolkits that they use on a daily basis to leverage vulnerabilities and commit crime. One of the most popular types of attacks that is used by threat actors is a ransomware attack.

A cybercriminal group calling itself BlackSuit has claimed responsibility for a series of ransomware attacks, including breaches at schools in central Georgia. And earlier in the year, a zoo in Tampa Bay was targeted by the same hacking gang.

Imagine waking up one day and checking your bank records to find details of transactions you never made. This nightmarish situation can result from the Tiny Banker Trojan (Tinba) malware, which can steal banking credentials to funnel money to external accounts. There has been a rise in such malicious and fraudulent activities worldwide over the past few years. According to a recent report, in Q2 2023 alone, 59,167 malicious installation packages were identified as related to mobile banking trojans.

As the manufacturing sector continues its digital transformation, Operational Technology (OT), Industrial Control Systems (ICS), and Supervisory Control and Data Acquisition (SCADA) are becoming increasingly exposed to cyberattacks, particularly those involving ransomware.

2023 was a lucrative year for ransomware actors, with victim organizations paying $449.1 million in the first six months alone. Maintaining this cash stream requires frequent technique shifts, which may be why more attackers are exploiting legitimate software to propagate their malware. Abusing organizations’ existing enterprise tools can help attackers blend in while they’re doing reconnaissance, and also aids them with privilege escalation and persistence.

In the ever-evolving landscape of cybersecurity threats, one name that consistently surfaces as a force to be reckoned with is "PlugX." This covert and insidious malware has left a trail of digital intrigue, combining advanced features with a knack for eluding detection. Its history is interwoven with cyber espionage, targeted attacks, and a continuous cat-and-mouse game with security experts (1)(2).

In the ever-evolving landscape of cybersecurity, the battle against ransomware has taken a concerning turn. According to the latest findings from Secureworks annual State of the Threat Report, the deployment of ransomware is now occurring within just one day of initial access in more than half of all engagements.

The ransomware attack on ICBC Financial Services caused disruption of trading of U.S. Treasuries and marked a new level of breach that could have massive repercussions. When we saw the attack on the Colonial Pipeline back in 2021, the impact was felt throughout the Southeast United States. Any attack on key businesses that keeps an economy running will have some form of impact should the attack be successful.

Over sixty credit unions across the United States have been taken offline following a ransomware attack at one of their technology providers - demonstrating once again the damage that can be caused by a supply-chain attack. There are a few moving parts here, so here’s a quick summary: Trellance - A provider of solutions and services used by credit unions, and the parent company of FedComp. FedComp - a provider of software and services that enable credit unions to operate around the world.

Malicious browser extensions are a common attack vector used by threat actors to steal sensitive information, such as authentication cookies or login credentials, or to manipulate financial transactions.