25 December 2021

NO HOLIDAYS FOR ENTERPRISE ATTACKERS: Expect more between Christmas and New Years

HOLD The holiday season is here, but there is no rest for weary admins at Bleeping Computer as ransomware gangs are still conducting attacks over the Christmas and New Years breaks.

The Week in Ransomware - December 24th 2021 - No rest for the weary

 
". . .This is especially true this year, with the rampant Log4j exploitation over the past few weeks leading to compromised networks that are ripe for ransomware deployment while the workforce is on vacation.
Network admins and security researchers are already reporting that BlackCat/ALPHV affiliates continue to attack the enterprise today as we move into the Christmas weekend, so it is vital to keep an eye on your networks and respond quickly to unusual behavior.
Good luck out there and wishing everyone a very happy and uneventful holiday season!
 

December 24th 2021

Rook ransomware is yet another spawn of the leaked Babuk code

A new ransomware operation named Rook has appeared recently on the cyber-crime space, declaring a desperate need to make "a lot of money" by breaching corporate networks and encrypting devices.

Global IT services provider Inetum hit by ransomware attack

As first reported by Valéry Marchive, less than a week before the Christmas holiday, French IT services company Inetum Group was hit by a ransomware attack that had a limited impact on the business and its customers.

Noberus/ALPHV/BlackCat attacking during Christmas

It's not uncommon for ransomware gangs to take a bit of time off during the holidays. However, looks like BlackCat affiliates are continuing to work through the holidays.

ALPHV BlackCat - This year's most sophisticated ransomware

The new ALPHV ransomware operation, aka BlackCat, launched last month and could be the most sophisticated ransomware of the year, with a highly-customizable feature set allowing for attacks on a wide range of corporate environments.

The ransomware executable is written in Rust, which is not typical for malware developers but is slowly increasing in popularity due to its high performance and memory safety.

MalwareHunterTeam found the new ransomware and told BleepingComputer that the first ID Ransomware submission for the new operation was on November 21st.

Android

Android banking trojan spreads via fake Google Play Store page

An Android banking trojan targeting Itaú Unibanco, a large financial services provider in Brazil with 55 million customers globally, is using a fake Google Play store to spread to devices.

Hacking security

Get lifetime access to this huge cybersecurity course library for $59

Infosec4TC provides all the training you could ever need, with 90 courses covering every major topic and exam. Lifetime Platinum Membership is worth $999, but you can sign up today for just $58.65 using the festive promo code MERRY15.

  • BleepingComputer Deals
  • December 24, 2021
  • 07:26 AM
  • Comment 0

 

That's it for this week! Hope everyone has a nice weekend!

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-24th-2021-no-rest-for-the-weary/

Related Articles:

The Week in Ransomware - December 10th 2021 - Project CODA

Global IT services provider Inetum hit by ransomware attack

ALPHV BlackCat - This year's most sophisticated ransomware

The Week in Ransomware - December 17th 2021 - Enter Log4j

Kronos ransomware attack may cause weeks of HR solutions downtime

 
 

 

No comments: