In a first for the FBI, their Cyber Division has released a FLASH alert to warn about a ransomware affiliate. The cybercriminals in question are the OnePercent Group, which has operated since at least November 2020 and has ties to the REvil, Maze, and Egregor extortion gangs.
A new backdoor under active development by the FIN8 cybercrime group has been identified following a failed attack on an unnamed U.S. financial institution.
A bug in Internet Explorer is being exploited by InkySquid — an advanced persistent threat group with ties to North Korea — to launch watering hole attacks.
The Northeast United States has been inundated with rain from Tropical Storm Henri, causing mass flooding and power outages.
A brand-new phishing campaign sees attackers sending out emails disguised as official UPS communications. These messages utilize an XSS vulnerability on UPS.com to appear remarkably legitimate.
The ransomware arms race continues to thrive as LockBit gangs recruit corporate insiders to help them breach and encrypt networks, offering employees hefty payouts in exchange for their help. LockBit recently made news when they hit the UK’s Merseyrail this past April.
Today we released the Acronis Cyberthreats Report Mid-year 2021, our latest in-depth review of current cyberthreat trends. It contains cutting-edge research, findings, and observations from the experts at our global network of Acronis Cyber Protection Operations Centers (CPOCs).
Acronis Cyber Protection Agent 15.x for Windows has been granted OPSWAT Platinum Certification for Anti-Malware in July 2021. This represents another step forward for our cyber protection technology, which had previously earned Gold Certification, and demonstrates Acronis’ continued focus on refining the effectiveness and compatibility of our solutions, meeting the needs of the ever-evolving cyberthreat and IT landscapes.
The recent supply-chain attack on Kaseya by the REvil ransomware group impacted dozens of managed service providers (MSPs) who rely on Kaseya VSA, as well as thousands of small businesses that are managed by those MSPs. While the initial ransom demand was dropped from $70 million to $50 million, the pain and frustration of those targeted rose steadily during the incident.
The world’s largest meat supplier, JBS, was forced to halt operations at many of its U.S. and Australian processing plants after a massive cyberattack. This activity threatened supply chains across the world, and resulted in an immediate rise in wholesale red meat prices. This cyberattack, while notable in its own right, is also simply the latest example in a dangerous pattern of escalating ransomware hazards.
The Microsoft Threat Intelligence Center (MSTIC) has uncovered a wide-scale spear phishing campaign driven by Nobelium — the threat actors behind the recent SolarWinds attacks and the SUNBURST backdoor used in those strikes. Nobelium continues its attacks on U.S. agencies and the private organizations in their sphere. The group managed to hijack an email distribution account used by the United States Agency for International Development (USAID), sending thousands of authentic-looking but malware-laden messages to a variety of human rights groups, think tanks, and other organizations.
DarkSide stands out from other ransomware as a service (RaaS) threats, as one of its attack vectors is based on the Zloader botnet (also known as “Silent Night”). It has also been delivered through compromised third-party service providers.