Malware

knowbe4

Organizations Starting to Understand the Impact of Ransomware, But Their Efforts Not Enough to Overcome Infostealer Malware

Recent findings in a SpyCloud report show that companies are starting to recognize and shift their priorities to defend against ransomware attacks, but the use of infostealer malware still has a high success rate for cybercriminals. According to SpyCloud's analysis, 76% of infections that preceded these ransomware events involved Raccoon infostealer malware.

splunk

Defending the Gates: Understanding and Detecting Ave Maria (Warzone) RAT

Ave Maria RAT (remote access trojan), also known as “Warzone RAT,” is malware that gains unauthorized access to or remote control over a victim’s or targeted computer system. This RAT operates stealthily and grants attackers access to various functionalities within the compromised system. Its malicious activity includes data theft, privilege escalation, remote desktop control, email credential collection, browser credential parsing and more.

bitsight

SmokeLoader's Plugins

SmokeLoader is a well-known malware family that has been around for more than 10 years. Its main purpose is to download and drop other malware families. However, SmokeLoader's operators also sell plugins that add capabilities to the main module. Those plugins allow an affiliate to collect browser data from infected computers, as well as emails, cookies, passwords, and much more. In this blog post, we'll dissect SmokeLoader's plugins that were received by an infected computer from the botnet "0020".

safebreach

Snatch Ransomware: SafeBreach Coverage for US-CERT Alert (AA23-263A)

On September 20th, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released an advisory highlighting the various indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with the Snatch ransomware variant. This variant was identified as recently as June 1, 2023, by the FBI. Detailed information is listed in US-CERT Alert AA23-263A – #StopRansomware: Snatch Ransomware.

11:11 systems

As MGM Struggles Amid Ransomware Fallout, Data Recovery Lessons Abound - Part 2

The latest MGM Resorts ransomware attack demonstrates why cyber insurance is critical as part of a multi-layered security strategy. In our last blog, we discussed the recent Las Vegas cyber incidents and how no organization is completely safe. The original cyber incident at MGM Resorts occurred on September 10, 2023, nearly two weeks ago now, and the company and its valued customers are still feeling its effects.

idstrong

Non-Profit Save the Children Gets Hit By Ransomware Data Attack

Save The Children is an organization that specializes in helping children live healthy lives. The non-profit works in multiple countries, helping to provide for children's needs, especially in areas affected by war or tragedy. This organization was recently the target of a ransomware hacker group and suffered huge data losses as a result of that targeting.