RSS_Virtulization

According to a new report, no two criminal groups deploy the infamous REvil ransomware variant identically, adding to the challenge for those tasked with detecting and responding to such attacks. The new study from Sophos details the activity of the affiliates who license the malware itself and handle the break-ins. This ransomware-as-a-service (RaaS) model now accounts for the majority of attacks in the wild. Initial network access could come from brute-forcing internet-facing services like VPNs, RDP, VNC, and cloud-based…

The Avaddon ransomware gang has shut down its operations and released the decryption keys to allow victims to recover their files for free. Good news for the victims of the Avaddon ransomware gang, the cybercrime group has shut down its operations and provided the decryption keys to BleepingComputer website. The group has also shut down its servers and deleted profiles on hacking forums, they also shut down their leak site. This morning, BleepingComputer received a…

A data breach at a Volkswagen vendor has impacted millions of customers and prospective car purchasers across North America.  The breach occurred after information gathered by the vendor between 2014 and 2019 for sales and marketing purposes was stored electronically in an unsecured file for years.  The majority of the individuals whose data was compromised were potential buyers or current customers of luxury car brand Audi. The Volkswagen Group formed Audi in 1969 after it bought the Auto Union…

Ransomware group REvil has claimed responsibility for a recent cyber-attack on a multinational renewable energy company based in the United States. Invenergy LLC, which is headquartered in Chicago, launched an investigation after unauthorized activity was detected on some of its systems. In a statement issued on Friday, the company said: “At no time were Invenergy’s operations impacted and no data was encrypted.”  Invenergy added that it was complying with data breach disclosure regulations and that it “has…

Two experts are concerned that employees are no match for nation-state spy services tasked with obtaining a company’s vital intellectual property. Image: Yuichiro Chino/Moment/Getty Images Companies—large and small—need to be aware of espionage threats. If that seems a bit overboard, consider the dramatic increase in the number of incidents related to geopolitical cybercrime. “Many authoritarian governments are doing everything they can, including using their spy services, to build successful businesses and grow their economies,” explained…

The possibility of a deal allowing for the conditional handover of cyber-criminals between the United States and Russia has been extinguished by American president Joseph Biden.  Russian president Vladimir Putin said on June 13 that he would be willing to make an arrangement with the United States whereby the two countries would exchange cyber-criminals in accordance with agreed-upon  conditions.  Putin, who is due to meet with Biden at a bilateral summit in Geneva on June…

Over the past several years, the rising star of security orchestration, automation, and response (SOAR) tools keeps climbing higher. As organizations struggle to handle the crush of alerts surging out of their security controls with not enough cybersecurity professionals to manage the work, SOAR products promise to bring some sanity to the process. The promise is that SOAR platforms can help security operations teams to sail through the massive volume of alerts they face and…

The mass migration of employees working from home in the last 14 months has accelerated the digital transformation of businesses.  Cloud applications are no longer a “nice to have,” they are now essential to ensure that businesses survive.  This introduces new security challenges in being able to locate and control sensitive data across all the potential exfiltration vectors regardless of whether they are in the cloud; on premise via managed or unmanaged machines.  Attempting to…

Every week it seems there’s another enormous breach in the media spotlight. The attackers may be state-sponsored groups with extensive resources launching novel forms of ransomware. Where does your organization stand on its readiness and engagement versus this type of advanced persistent threat? More importantly, where does it want to go? We believe that the way your organization uses threat intelligence is a significant difference maker in the success of your cybersecurity program. Just as…