Researchers at Kasperksy have tied a piece of malware used by Lazarus Group last seen targeting security vulnerability researchers earlier this year to another campaign by the North Korean hacking group focused on pilfering sensitive data from defense contractors across 12 countries since 2020. Kaspersky researchers Vyacheslav Kopeytsev and Seongsu Park
Author: Derek B. Johnson
Data protection companies Arcserve and StorageCraft to merge
A pre-pandemic photo of the Arcserve team. (Arcserve) Two data protection companies, Arcserve and StorageCraft, announced today they are merging into a single company. Arcserve and StorageCraft both sell a range of data management and protection services, including data backup, disaster recovery and business continuity, cloud and on-premise email archiving and ransomware
Startup that maps adversaries’ IT infrastructure lands $16 million in funding
HYAS, a threat intelligence startup that specializes in mapping and blocking the command and control infrastructure of malicious hackers, announced it has closed out its Series B round with $16 million in new funding. The new round was led by S3 Ventures, with additional financial support from Uncorrelated Ventures, Tightline Holdings,
Three North Korean hackers charged for financial and revenge-motivated hacks
The Department of Justice has unsealed an indictment against three members of Lazarus Group. Charges against one of the three were first brought in 2018. (Mario Tama/Getty Images) The Department of Justice has unsealed an indictment against three members of Lazarus Group for a wide range of financially-motivated hacks against private
Researchers identify 223 vulnerabilities used in recent ransomware attacks
Ransomware is getting worse. Cybersecurity analysts have been screaming this sentiment from the rooftops for years, but now new research examining the expanding landscape of software vulnerabilities leveraged in ransomware attacks offers up some hard numbers that put the depth of this problem into context. Researchers from RiskSense have identified as
FIN11 e-crime group shifted to clop ransomware and big game hunting
The financially motivated FIN11, which increasingly incorporated CL0P ransomware into their operations in 2020, appeared to rely on low-effort volume techniques like spamming malware for initial entry, but put a substantial amount of effort into each follow-up compromise. “Several of their recent ransom notes explicitly name data stolen from workstations
Malware variant becomes world’s most popular, thanks to ransomware surge
Ransomware actors are laundering hundreds of millions of dollars through pseudo-legitimate cryptocurrency exchanges, while early-stage malware that is often used to facilitate their attacks have become the most popular forms of malware in the world. According to new analysis from Check Point, Emotet was the most popular malware variant in December,
Non-profit founded by Gates Foundation suffers massive exposure of student records
Get Schooled, a New York-based charity suffered a data exposure that left records related to hundreds of thousands of students in an unsecured AWS bucket that was open and accessible from the internet. The exposure was first identified by TurgenSec, a security firm based in the United Kingdom, that received a
Can SolarWinds survive? For breached companies it’s a long, painful road to restoring trust
In several important ways, the SolarWinds hack is unique: few companies have the same level of software dominance at the highest levels of government and industry or merit the kind of targeting from a state sponsored APT group. In a broader sense, they’re facing a similar reality that many other companies
New ransomware campaign exploits weak MySQL credentials to lock thousands of databases
Researchers at Guardicore Labs have uncovered a year-long malware-less ransomware campaign targeting millions of internet-facing MySQL databases. The campaign, named PLEASE_READ_ME by researchers, has been going on since January 2020 and has utilized an “extremely simple” attack chain to carry out at least 92 separate attacks over the past year, with