Tonya Riley reports: A new ransomware group claims to have breached 30 organizations in government, financial services, health care services, and energy firms in the United States, United Kingdom, and a dozen more countries, according to Palo Alto Networks research published Wednesday. The group, which Palo Alto researchers have dubbed “Prometheus,” most frequently targets the manufacturing industry….
Category: Commentaries and Analyses
ASEAN companies still targeted by ALTDOS threat actors
In December of 2020, DataBreaches.net reported on a threat actor (or actors) calling themself “ALTDOS” who had attacked a Thai securities trading firm, Country Group Securities (CGSEC) . CGSEC wasn’t the only Thai entity they attacked, and within weeks, they had attacked MonoNext and 3BB, subsidiaries of Jasmine International. Angered by the entities’ response or lack of response to…
Trikbot Hacker Known as Max Is 55-Year-Old Woman From Russia, U.S. Says
Kartikay Mehrotra reports: Alla Witte’s plans for a new career as a computer programmer included helping clients make enough money to see the world, according to YouTube videos and social media posts. She was in her late 40s with a degree in applied mathematics and an itch to do computer programming. But there was a…
From QBot…with REvil Ransomware: Initial Attack Exposure of JBS
Vitali Kremez & Yelisey Boguslavskiy write: During the first week of June 2021, two major corporations were attacked by a ransomware group. JBS, the largest meat producer in the world, was hit on May 30, with the attack targeting the North American and Australian IT systems. Fujifilm, a Japanese multinational conglomerate was likely hit between…
FBI and Australian police ran an encrypted chat platform to catch criminal gangs
Catalin Cimpanu reports: The FBI and Australian Federal Police ran an encrypted chat platform and intercepted secret messages between criminal gang members from all over the world for more than three years. Named Operation Ironside (AFP) / Trojan Shield (FBI, Interpol) on Monday, law enforcement agencies from Australia, Europe, and the US conducted house searches and arrested thousands of…
The blurry boundaries between nation-state actors and the cybercrime underground
Intel471 writes: When it comes to attributing malicious cyber activity, there are two buckets by which actors generally fall in: “financially-motivated” or “nation-state.” The former is ultimately interested in money, while the latter is more concerned with obtaining or exploiting sensitive information to gain an advantage over a government or commercial entity. For the past…