SonicWall warned customers today to urgently patch multiple critical vulnerabilities impacting the company’s Global Management System (GMS) firewall management and Analytics network reporting engine software suites. […]
BleepingComputer
Ransomware Gangs Are Collaborating To Attack Financial Services Firms
Researchers observed the Cyber-Extortion Trinity (the BianLian, White Rabbit, and Mario ransomware gangs) working together to launch a joint extortion campaign against publicly traded financial services companies.
Although these joint ransomware attacks are uncommon, they may become more frequent as Initial Access Brokers (IABs) work with various Dark Web groups.
Law enforcement actions against established networks of cybercriminals are another factor that might be encouraging more cooperation. Members of these threat actor networks who have been displaced might be more open to working with competitors.
Resecurity, Inc. (USA) has found this significant connection between three main ransomware gangs based on a recent Digital Forensics & Incident Response (DFIR) engagement with a law enforcement agency (LEA) and one of the top investment firms in Singapore.
The White Rabbit ransomware family was first observed in the wild in December 2021, after an attack on a U.S. bank, and it focuses on financial institutions (FIs).
The threat actors behind White Rabbit initially adopted a strategy of giving victims four or five days to pay their ransom. This ransomware family’s note threatens to report victims to oversight authorities, putting businesses at risk of fines and General Data Protection Regulation (GDPR) enforcement if they don’t pay the extortion money on time.
Notably, the Ransomhouse Telegram Channel has always been mentioned in White Rabbit’s ransomware note.
According to the CISA-ACSC advisory, since June 2022, companies in several critical infrastructure sectors in the United States have been the target of BianLian, a cybercriminal group that develops and deploys ransomware and extorts victims over stolen data.
They have targeted professional services, property development, and Australia’s essential infrastructure sectors.
Using legitimate Remote Desktop Protocol (RDP) credentials, BianLian acquires access to victim systems, performs credential harvesting and discovery using open-source tools and command-line scripting, and exfiltrates victim data via File Transfer Protocol (FTP), Rclone, or Mega.
Actors from the BianLian group then threatened to release the data in order to extort money. The BianLian group used a double-extortion methodology in which they encrypted the victims’ systems after exfiltrating the data.
MarioLocker is a ransomware-type malware. People whose computers are infected with this kind of malicious software typically aren’t able to view or use their files.
Subsequent analysis revealed that additional ransomware notes bearing a signature linked to the Mario ransomware were found on a number of the victim’s compromised computers. The note included a clear reference to the RansomHouse Telegram Channel.
Hence, the current dynamic ransomware threat landscape poses a significant challenge for organizations, and this instance highlights the vital significance of proactive cybersecurity strategy and planning.
Regular system updates, strong threat detection systems, and employee training to assist staff in recognizing and preventing social engineering attacks are recommended.
Cyber Security News
Hackers Have Earned More Than $300 Million on the HackerOne Platform
The ethical hacking community has earned $300 million in total all-time rewards on the HackerOne platform. In addition, thirty hackers have made over a million dollars on the network; one hacker’s total profits have surpassed four million dollars.
Through ongoing adversarial testing, HackerOne identifies the most important flaws in an organization’s attack surface to defeat hackers. The platform offers bug bounty programs to both public and commercial entities, including governmental bodies.
As per the recently published 2023 Hacker-Powered Security Report, the field of generative artificial intelligence (GenAI) has grown rapidly in the last 12 years.
For 14% of hackers, it has grown to be a crucial tool, and 61% said they intend to utilize and create hacking tools that employ GenAI to uncover new vulnerabilities.
Moreover, according to 55% of hackers, GenAI technologies themselves will grow to be a significant target in the upcoming years.
Organizations in the cryptocurrency and blockchain sector continue to witness significant program participation; they give out the highest average total prizes for hackers and provide the top payment of $100,050 for the year.
“Organizations are under pressure to adopt GenAI to stay ahead of competitors, which, in turn, is transforming the threat landscape. If you want to remain proactive about new threats, you need to learn from the experts in the trenches: hackers,” said Chris Evans, HackerOne CISO and Chief Hacking Officer.
“The Hacker-Powered Security Report makes clear that hackers are actively growing their skillsets to meet emerging threats. The versatility of hackers and the impact of the vulnerabilities they surface make them instrumental to how our customers anticipate and address risk.”
Hackers identified a lack of internal skill and knowledge as the primary obstacle facing organizations, and they are addressing this shortcoming: according to 70% of clients, hacker activities have prevented a serious cyber crisis for them.
Reports also stated that exploited vulnerabilities pose a greater danger to their organizations than nation-state actors (10%), insider threats (12%), and phishing (22%).
The average remediation time across the platform decreased by 10 days in 2023, indicating that customers are becoming proficient at addressing vulnerabilities.
According to HackerOne, the total amount of time needed for remediation has grown from 35 to 37 days. With a median remediation time of 148.3 days, aviation and aerospace industries were the slowest to patch, followed by medical technology organizations at 73.9 days.
Blockchain and cryptocurrency companies addressed issues the fastest, taking 11.6 days.
“A limited scope puts off 50% of hackers, but slow response time and poor communication are the issues that are most likely to prevent a hacker from reporting a vulnerability”, reads the report.
For hackers, “Pentesting” and “Secure Code Review” are two new career paths that are developing and increasing overall payouts. On the HackerOne platform, these operations had a 54% increase in 2023.
Cyber Security News
Two US universities added to Cl0p’s target list. The dangers of using public Wi-Fi.
Iowa school district says thousands impacted in data breach.
The CyberWire