Security News
Cybersecurity company Imperva on Friday said it recently mitigated a ransom distributed denial-of-service attack targeting an unnamed website that peaked at 2.5 million requests per second. "While ransom DDoS attacks are not new, they appear to be evolving and becoming more interesting with time and with each new phase," Nelli Klepfish, security analyst at Imperva, said.
A global survey that looked into the experience of ransomware victims highlights the lack of trustworthiness of ransomware actors, as in most cases of paying the ransom, the extortion simply continues. 38% of ransomware attacks threatened to use stolen data to extort customers.
CyberSaint announced the release of a report which identifies which sectors pay the most in ransom, have the propensity to pay and delves into the future of ransomware. Since these sectors provide vital services, organizations are more likely to pay the ransom to protect the stolen data and restore provided services.
80% of critical infrastructure organizations experienced a ransomware attack in the last year, with an equal number reporting that their security budgets have risen since 2020, a Claroty report reveals. The report is based on an independent global survey of 1,100 information technology and operational technology professionals who work in critical infrastructure sectors, exploring how they have dealt with the significant challenges in 2021, their levels of resiliency, and priorities moving forward.
A new Sugar Ransomware operation actively targets individual computers, rather than corporate networks, with low ransom demands. Unlikely most ransomware operations you read about in the news, Sugar does not appear to be targeting corporate networks but rather individual devices, likely belonging to consumers or small businesses.
One of the largest Vietnamese crypto trading platforms, ONUS, recently suffered a cyber attack on its payment system running a vulnerable Log4j version. Threat actors approached ONUS to extort a $5 million sum and threatened to publish the customer data should ONUS refuse to comply.
Nordic Choice Hotels has now confirmed a cyber attack on its systems from the Conti ransomware group. Earlier this week, Nordic Choice Hotels group announced its IT systems were hit by a "Computer virus" on Thursday, December 2nd. The incident left the hotel staff without access to the hotel's reservation systems that manage check-in, check-out, payments, and bookings.
The US Federal Bureau of Investigation says 49 organisations, including some in government, were hit by Cuba ransomware as of early November this year. The ransomware gang's loader of choice, Hancitor, was the culprit, distributed via phishing emails, or via exploit of Microsoft Exchange vulnerabilities, compromised credentials, or Remote Desktop Protocol tools.
The MosesStaff hacking group is aiming politically motivated, destructive attacks at Israeli targets, looking to inflict the most damage possible, researchers warned. Unlike other anti-Zionist hacktivists like the Pay2Key and BlackShadow gangs, which look to extort their victims and cause embarrassment, MosesStaff encrypts networks and steals information, with no intention of demanding a ransom or rectifying the damage.
Cryptomixers have always been at the epicenter of cybercrime activity, allowing hackers to "Clean" cryptocurrency stolen from victims and making it hard for law enforcement to track them. Mixers allow threat actors to deposit illicitly obtained cryptocurrency and then mix it in a large pool of "Random" transactions.