Category: ransomware

Dr 90210 finds himself in a sticky situation after his patients' plastic surgery photos AND more end up in the hands of hackers, emails to the US military end up in the wrong hands, and script kiddies salivate at the thought of Business Email Compromise powered by generative AI. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by T-Minus Space Daily’s Maria Varmazis.

Yamaha Music of Canada that produces musical equipment and is different from Japanese Automobile maker Yamaha Motor Co has issued a statement that its servers were compromised and some of its data was accessed and stolen by hackers.

The company that produces most of the world’s audio and musical equipment stated that it still needs time to investigate to reveal more information about the incident and assured that the remediate security measures to mitigate the risks were already in place.

Yamaha issued a statement on Thursday last week, but for some reason restricted the statement access to the local media. On Monday this week, i.e., on July 24, 2023, Yamaha Canada Music issued a statement that a cyber-attack did lead to unauthorized access and data theft.

Interestingly, Russian speaking BlackByte ransomware group published the stolen data from Yamaha on its website, only accessible through Darkweb.

But on July 19th,2023 another ransomware gang known Akira also issued a statement claiming to have breached to siphon a portion of data from the company servers.

Security analysts state that such kind of claims are becoming common these days as most of the ransomware spreading gangs are operating in a Ransomware-as- a-service model where one file encrypting malware is developed and sold to 2-3 different groups with slight operational changes to differentiate. And so, all those buying the same malware can gain a benefit of infiltrating a single victim and siphon data, if the situation demands and is conducive.

The post Akira and BlackByte ransomware group claim attack on Yamaha Music Canada appeared first on Cybersecurity Insiders.

In a recent report by Check Point software technologies, it has been revealed that Microsoft’s AI-based chat platform, ChatGPT, has demonstrated the ability to generate ransomware, in addition to creating SEO-friendly content and codes. This discovery underscores the dual nature of Artificial Intelligence technology, as it can be both beneficial and risky depending on the intent of its human users.

Another concerning development is the resurgence of the Akira Ransomware in the cyberspace. Security analysts warn that this malware is now capable of launching double extortion attacks. In such attacks, hackers not only encrypt the victim’s entire database but also steal sensitive data, demanding a ransom in cryptocurrency for its safe return. Akira’s reach extends to both Windows and Linux systems, utilizing tools like WinRAR, PCHunter, and AnyDesk to infiltrate and wreak havoc.

The third piece of news pertains to the Mallox Ransomware, which has been spreading through targeted networks via SQL Servers. Also known as Fargo, Tohnichi, and TargetCompany, Mallox was first discovered in June 2021, infecting computers within the educational sector. Now, it is expanding its reach to servers involved in various industries, including manufacturing, wholesale, legal, and IT services.

Lastly, the Clop Ransomware gang has adopted a new tactic of creating clearweb web portals for prominent companies and subsequently leaking data from their victims. The clear-web is a section of the internet accessible to the public and can be indexed by search engines. Exploiting these platforms, the CLOP gang has released approximately 16GB of sensitive information from companies such as PWC, Aon, EY, Kirkland, and TD Ameritrade. The intention behind this act is to put pressure on the victims to pay the ransom, with the added risk of these websites being taken down by law enforcement within hours of their launch. This demonstrates the increasing sophistication and audacity of ransomware attackers in the digital landscape.

The post Ransomware news trending on Google appeared first on Cybersecurity Insiders.

In the face of increasingly sophisticated ransomware attacks, businesses worldwide are grappling with the need to safeguard their valuable data. As cybercriminals continue to evolve their methods, organizations must seek innovative solutions to protect their information and provide peace of mind to their customers. Rubrik, a zero trust data management company based in California, has emerged as a game-changer in this arena by introducing a unique offering: the Rubrik Ransomware Recovery Warranty. Under this program, businesses covered by Rubrik can be eligible for up to $10 million in compensation if they fall victim to a ransomware attack, subject to certain conditions.

The Growing Ransomware Threat:

Ransomware attacks have become a prevalent and persistent threat, targeting organizations across industries and geographic locations. Cybercriminals employ increasingly sophisticated techniques to infiltrate networks, encrypt valuable data, and demand substantial ransoms for its release. This alarming trend has created a sense of urgency for businesses to fortify their defenses and mitigate potential damages.

The Rubrik Ransomware Recovery Warranty:

Understanding the challenges faced by businesses committed to protecting customer information, Rubrik has taken a proactive stance by introducing its ransomware recovery warranty. This initiative serves as a testament to Rubrik’s dedication to data resilience and offers a compelling value proposition for its customers.

Eligibility and Claim Process:

To qualify for the Rubrik Ransomware Recovery Warranty, businesses must meet specific criteria. First and foremost, they need to cover their IT infrastructure with proactive and automated solutions, such as threat monitoring and threat mitigation tools. Additionally, organizations must prioritize employee training to ensure awareness and preparedness against evolving cyber threats. Finally, having efficient backup solutions for data continuity is crucial.

In the unfortunate event that a business covered by Rubrik falls victim to a ransomware attack, the Rubrik Ransomware Recovery Warranty comes into effect. This comprehensive coverage encompasses the costs associated with data recovery or restoration, as well as potential ransom payments made to the attackers. By offering this level of financial protection, Rubrik aims to instill confidence in its customers and enable them to combat the growing menace of ransomware attacks.

Advantages of the Rubrik Ransomware Recovery Warranty:

The Rubrik Ransomware Recovery Warranty distinguishes itself as a pioneering initiative in the fight against ransomware. By extending compensation of up to $10 million, Rubrik ensures that businesses can recover swiftly from a ransomware incident, minimizing the financial and reputational impact. This unique program not only sets Rubrik apart from its competitors but also supports businesses in dire need.

Conclusion:

As the threat landscape continues to evolve, organizations must adapt their cybersecurity strategies to counter the rising tide of ransomware attacks. Rubrik’s introduction of the Ransomware Recovery Warranty demonstrates its commitment to protecting customer data and supporting businesses in their battle against cyber threats. By providing financial compensation and promoting best practices in data management and security, Rubrik empowers its customers to navigate the treacherous waters of the digital realm with greater confidence and resilience.

The post Rubrik offers $10m ransomware compensation to victims appeared first on Cybersecurity Insiders.

Cybersecurity firm Sophos has released a media update that it doesn’t have any association with the newly discovered Sophos Encrypt Ransomware and is busy investigating its whereabouts and inception.

A couple of days ago, MalwareHunter Team investigated and disclosed a new file encrypting malware variant named SophosEncrypt on the prowl. Initially it was thought to be an encryptor developed by the technical team of Sophos X-Ops for some testing. But now it is assumed to be a ‘Red Flag’ that is now under the lens of detailed investigation.

Meanwhile, researchers from the same firm have reported that 71% of companies on a worldwide note were infected by ransomware and how they are introducing different tactics to negotiate ransom payments.

Whatsoever, such payments are often concealed as it takes place between the victim and the attacker. That’s partly because the law enforcement agencies like FBI have issued a warning to victims not to make any payouts as it not only encourages crime, but doesn’t guaranty a decryption key for sure. All because such payments are made in cryptocurrency that remain anonymous and the funds can be availed from anywhere in the world.

NOTE- For the past few months, some web development companies in Australia, UK and Singapore are into the business of negotiating ransomware payments. These companies contact the victim and negotiate a deal that seems to work for the victim and the hacker in every way. But the practice has been identified by the Interpol and has been labeled as a crime. Thus, those companies (not the experts from security firms) that are into the business of negotiating ransom payouts will be eligible for prosecution and those involved in the said crime in any way or form are eligible for penalties or jail terms.

The post Sophos gets startled by Sophos Encrypt Ransomware appeared first on Cybersecurity Insiders.