Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Malware

Still Alive: Updates for Well-Known Latin America eCrime Malware Identified in 2023

Latin America (LATAM) is a growing market, and threat actors have used numerous eCrime malware variants to target users in this region. Over the past few years, many researchers have characterized the tactics, techniques and procedures (TTPs) of widespread Latin America malware families, including but not limited to Mispadu, Grandoreiro, Mekotio, Casbaneiro, Metamorfo and Astaroth.

Bring us the head of LockBit! $15 million bounty offered for information on leaders of notorious ransomware gang

A huge reward is being offered for information leading to the identification or location of any of the leaders of the LockBit ransomware gang. The bounty offer comes from the US State Department, following this week's disruption of the criminal organisation's activities. LockBit, which has been operating since 2020, has targeted thousands of victims around the globe, causing the loss of billions of dollars in both ransom payments and recovery.

Operation Cronos: The Takedown of LockBit Ransomware Group

On February 20, 2024, the National Crime Agency (NCA) of Britain and the Federal Bureau of Investigation (FBI) announced the successful disruption of the Lockbit ransomware gang, marking a significant milestone in the fight against cybercrime. This operation, known as Operation Cronos, was a collaborative effort involving law enforcement agencies from the UK, the US, and several other countries, with support from private sector partners.

Beating LockBit at its Own Game: Law enforcement's takedown of a prolific ransomware group

After a years-long investigation, this week the FBI and law enforcement agencies in the UK and Europe took over the main website of the cybercrime group known as LockBit. Law enforcement additionally arrested LockBit associates in Poland, Ukraine, and the U.S. and the U.S. Treasury imposed sanctions on Russian nationals affiliated with the group. The joint operation re-engineered LockBit’s online system to mimic the countdown clock used by the group in its extortion attempts.

Operation Cronos: Global Law Enforcement Deals Significant Blow to LockBit Ransomware; Two Russian Nationals Indicted in the US

In a synchronized effort across multiple nations, law enforcement agencies have conducted a series of raids and arrests targeting those responsible for the LockBit ransomware attacks. Termed Operation Cronos, this initiative marks a notable victory in the ongoing battle against cybercrime. The LockBit ransomware group has been behind several high-profile cyber assaults, causing substantial financial harm and disruption to businesses and organizations globally.

Fetching data using the Rubrik Security Cloud PowerShell SDK

Already pulled down the Rubrik Security Cloud PowerShell SDK and wondering why you aren't seeing all of the fields you are used to? This video will walk you through the various methods of fetching data from the RSC platform using the SDK. You'll get a basic understanding of how the module is architected and the difference between the autogenerated core cmdlets and the handcrafted wrapper cmdlets that exist within the Rubrik Security Cloud PowerShell module.

LockBit Takedown: Law Enforcement Disrupts Operations, but Ransomware Threats Likely to Persist

The news that US, UK, and other international law enforcement agencies disrupted LockBit is welcome, as stopping any threat group activity is always a positive. The unfortunate aspect is this blow won’t impact ransomware overall. As in the past, another group will pick up the slack, or LockBit itself will reform and get back into business.

Understanding and Responding to Ransomware

As cybercrime evolves, one avenue for attack has risen to prominence across the world: Ransomware. According to Arctic Wolf’s State of Cybersecurity 2023 Trends Report, 48% of organizations view ransomware as the top attack vector concern. A concern comes with just cause, as the Arctic Wolf Labs 2024 Threats Report showed 48.6% of incidents investigated by Arctic Wolf were ransomware attacks.