Darkside

Ransom Tales: Volume V — Throwback Edition! Emulating REvil, DarkSide, and BlackMatter Ransomware

Ransom Tales: Volume V — Throwback Edition! Emulating REvil, DarkSide, and BlackMatter Ransomware

| | BlackMatter, Broad-Based Attacks, Darkside, Ransomware, ransomware as a service, rEvil, Uncategorized
AttackIQ presents the fifth volume of Ransom Tales, an initiative focused on emulating the Tactics, Techniques, and Procedures (TTPs) exhibited by sophisticated and prominent ransomware families with the objective of empowering defenders ...
AttackIQ

Emulating the Financially Motivated Criminal Adversary FIN7 – Part 2

| | adversary emulation, BlackMatter, Carbon Spider, Darkside, Energy, FIN7, Financial Services, Healthcare & Life Sciences, hospitality, manufacturing, Media & Entertainment, Professional Services, Resources & Utilities, retail, rEvil, Russia, technology, transportation
AttackIQ has released two new attack graphs that emulate the behaviors exhibited by the long-standing, financially motivated Russian criminal adversary known as FIN7 based on activities observed between 2022 and 2023. The ...
AttackIQ

Emulating the Financially Motivated Criminal Adversary FIN7 – Part 1

| | adversary emulation, BlackMatter, Carbon Spider, Darkside, Energy, FIN7, Financial Services, Healthcare & Life Sciences, hospitality, manufacturing, Media & Entertainment, Professional Services, Resources & Utilities, retail, rEvil, Russia, technology, transportation
AttackIQ has released two new attack graphs that emulate the behaviors exhibited by the long-standing, financially motivated criminal adversary known as FIN7 during its most recent activities in 2024. The post Emulating ...
AttackIQ
Who Wrote the ALPHV/BlackCat Ransomware Strain?

Who Wrote the ALPHV/BlackCat Ransomware Strain?

| | @CookieDays, A Little Sunshine, ALPHV ransomware, Binrs, BlackCat ransomware, BlackMatter, Breadcrumbs, Catalin Cimpanu, Darkside, DuckerMan, duckermanit, Flashpoint, Jason Hill, Ne'er-Do-Well News, Paul Roberts, RAMP, Recorded Future, ReversingLabs, rEvil, Sergey Duck, Sergey Kryakov, Sergey Penchikov, smiseo, The Record, ToX, Varonis, YBCat
In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. "BlackCat"), considered to be the first professional cybercrime group to create and use a ransomware strain in the Rust programming language ...
Krebs on Security
RaaS

Ransomware as a Service: A Thriving Business for Hackers

| | Business Model, CNA Financial, Colonial Pipeline, cybersecurity awareness, Darkside, Phishing, RaaS Attack, Ransomware, ransomware as a service, rEvil, SaaS
Ransomware as a service has become quite a popular and profitable business for cybercriminals. These cybercriminals often collaborate with malware developers and carry out coordinated cyberattacks. This approach to a ransomware attack ...
Kratikal Blogs

At Request of U.S., Russia Rounds Up 14 REvil Ransomware Affiliates

| | Andrey Sergeevich Bessonov, Colonial Pipeline, Darkside, Dmitri Alperovitch, FSB, gandcrab, Immersive Labs, Kevin Breen, Ne'er-Do-Well News, NotPetya, President Biden, Ransomware, rEvil, Roman Gennadyevich Muromsky, The Coming Storm, Vladimir Putin
The Russian government said today it arrested 14 people accused of working for "REvil," a particularly aggressive ransomware group that has extorted hundreds of millions of dollars from victim organizations. The Russian ...
Krebs on Security
Who is the Network Access Broker ‘Wazawaka?’

Who is the Network Access Broker ‘Wazawaka?’

| | 902228, Abakan, Abaza, Breadcrumbs, Constella Intelligence, cs-arena.org, Darkside, ddosis.ru, [email protected], DomainTools, Flashpoint, initial access broker, Kopyovo-a, Lockbit, Mikhail Matveev, Mikhail Mix Matveev, [email protected], [email protected], Ne'er-Do-Well News, Ransomware, Uhodiransomware, Wazawaka
In a great many ransomware attacks, the criminals who pillage the victim's network are not the same crooks who gained the initial access to the victim organization. More commonly, the infected PC ...
Krebs on Security
Obi Wan Kenobi (miniature)

Best of 2021 – DarkSide Ransomware Gang Struck Down — but by Whom?

| | Biden administration, Colonial Pipeline, Darkside, If you strike me down I shall become more powerful than you can possibly imagine, Ransomware, SB Blogwatch, White House
DarkSide, hackers of the Colonial Pipeline, has hurriedly shut up shop. It claims that its servers and cryptocurrency balances have disappeared ...
Security Boulevard
What is Driving the Surge of Ransomware Attacks?

What is Driving the Surge of Ransomware Attacks?

| | Advanced persistent threat, Anti-Ransomware, antivirus, APT, Colonial Pipeline, cryptocurrency, cybercrime, Cybereason Anti-Ransomware Solution, Darkside, EDR, Endpoint Controls, endpoint detection and response, Endpoint Protection Platform, EPP, Indicators of Behavior, Infosec, iob, Kaseya Attacks, Next Generation Antivirus, RansomOps, Ransomware, rEvil, security, StopRansomware.gov, Unified Endpoint Security
Some major ransomware attacks have dominated the headlines recently. Back in the beginning of May, for instance, the Colonial Pipeline Company suspended its daily transportation of 100 million gallons of fuel between ...
Blog
ransomware RaaS ZombieLoad

Nuspire Report Confirms Massive Spike in Ransomware Attacks

| | Darkside, Emotet, patches, Ransomware
Nuspire, a provider of managed security services, published a report today that found a 55,239% increase in ransomware activity a few weeks prior to the Colonial Pipeline ransomware attack conducted by DarkSide ...
Security Boulevard
Load more