TrickBot operators are back and expand the distribution channels with partnership with cybercrime affiliates. The operators behind the infamous TrickBot (ITG23 and Wizard Spider) malware have resurfaced with new distribution channels to deliver malicious payloads, such as Conti ransomware. The gang support other cybercrime groups such as known Hive0105, Hive0106 (aka TA551 or Shathak), and Hive0107, supporting them in expanding their malware campaigns. “As of mid-2021, X-Force observed ITG23 partner with two additional malware distribution…

Tech support scams work because they try to trick people into believing there’s a serious security crisis with their computers, says Norton Labs. Image: Bojan89, Getty Images/iStockphoto You receive a phone call, an email or a popup on the web claiming that your computer is at risk and that some security firm or product is needed to fix the problem. Though such scams seem obvious to people knowledgeable about cyber threats, many people still fall…

The new CX 10000 integrates security services, like a firewall, directly into a one-unit network switch deployable anywhere security and other services need to reside. The Aruba CX 10000 series distributed services switch Image: Aruba Aruba has announced a new single-unit networking switch that it describes as “the industry’s first distributed services switch.” If Aruba is correct, its new CX 10000 could be a game changer for companies who gather data at, or otherwise make…

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, Cobalt Strike, Metasploit, Phishing, Ransomware, and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. Figure 1 – IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News…

Two out of three organizations surveyed by ThycoticCentrify were hit by a ransomware attack over the past 12 months, and more than 80% reportedly opted to pay the ransom. Image: Getty Images/iStockphoto The key to combating any type of cyberattack is to prevent it before it happens, or at least before it’s able to cause significant damage. That’s especially true with ransomware. Once an attacker gets their hands on your sensitive data, they can prevent…

More than four in five (83%) ransomware victims in the last 12 months felt they had no option but to pay the extortion demand to restore their data, according to a new report by ThycoticCentrify. The study, which was based on a survey of 300 US IT business decision-makers, also found that close to two-thirds (64%) of companies were victims of ransomware attacks in the last 12 months. The latest research demonstrates rising ransomware cases and extortion payments since…

Traditional security solutions are no longer enough to protect your organization from a data breach, Bitglass says. Image: wildpixel, Getty Images/iStockphoto Data is a hot commodity on the Dark Web where people buy and sell sensitive information, much of it stolen through network breaches. Usernames, passwords, account numbers, financial records, credit card details, medical records—all of these are up for grabs. And with today’s savvy cyberattacks, it’s not a matter of “if” but “when” your…