Security News

The Groove ransomware gang is calling on other extortion groups to attack US interests after law enforcement took down REvil's infrastructure last week. Yesterday, Reuters reported that REvil's takedown resulted from an international law enforcement operation that included support from the FBI. Today, the Groove ransomware gang published a Russian blog post calling on all other ransomware operations to target US interests.

The Commerce Department's Bureau of Industry and Security today announced new controls that would ban U.S. companies from exporting and reselling software and hardware tools that could be used to fuel authoritarian practices through malicious hacking activities and human rights abuse.The rule will become effective in 90 days and will effectively ban the export of "Cybersecurity items" for National Security and Anti-terrorism reasons.

The latest TikTok attacks are getting served to gamers on the platform disguised as "Free" or "Hacked" versions of games like Among Us, free Steam accounts and more, according to a new report from Malwarebytes Labs. Considering games like Among Us are largely played by tweens and teenagers, the emerging TikTok landscape could be a potent tool for threat actors to launch offensives against kids, researchers pointed out.

Ransomware extracted at least $590 million for the miscreants who create and distribute it in the first half of 2021 alone - more than the $416 million tracked in all of 2020, according to the US government's Financial Crimes Enforcement Network. FinCEN analysed 635 SARs, of which 458 described transactions reported between 1 January 2021 and 30 June 2021 and the remainder reported older transactions later found to be suspicious.

Representatives from the U.S., the European Union, and 30 other countries pledged to mitigate the risk of ransomware and harden the financial system from exploitation with the goal of disrupting the ecosystem, calling it an "Escalating global security threat with serious economic and security consequences." Besides promoting incident information sharing between ransomware victims and relevant law enforcement and cyber emergency response teams, the initiative aims to improve mechanisms put in place to effectively respond to such attacks, while also countering the abuse of financial infrastructure to launder ransom payments.

Based on blockchain analysis of transactions tied to the 177 CVC wallets, FinCEN identified roughly $5.2 billion in outgoing BTC transactions potentially tied to ransomware payments. FinCEN also linked these transactions to a total of $590 million exposed by 458 transactions reported and 635 SARs filed by financial institutions this year, between January 2021 and June 2021.

U.S. Water and Wastewater Systems Sector facilities have been breached multiple times in ransomware attacks during the last two years, U.S. government agencies said in a joint advisory on Thursday. The advisory also mentions ongoing malicious activity targeting WWS facilities that could lead to ransomware attacks affecting their ability to provide potable water by effectively managing their wastewater.

The United States has kicked off meetings attended by representatives of nations that all hope to address the scourge of ransomware - without Russia or China in the room. An expression of the US National Security Council's Counter-Ransomware Initiative, the two-day meetings will occupy Wednesday and Thursday.

The threat actor's goal is Microsoft Office 365 account takeovers. Microsoft, which began tracking the activity in late July 2021, detailed the attacks in an alert released Monday, adding that the culprits appear to be bent on espionage and have ties to Iran.

Olympus, a leading medical technology company, was forced to take down IT systems in the Americas following a cyberattack that hit its network Sunday, October 10, 2021. "Upon detection of suspicious activity, we immediately mobilized a specialized response team including forensics experts, and we are currently working with the highest priority to resolve this issue," Olympus says in a statement published today, two days after the attack.