Average ransom payment through the roof in 2021

From itproportal.com

Compared to the same period last year, the average ransom paid to ransomware attackers in the first half of 2021 rose by 82 percent, new figures from cybersecurity firm Unit 42 suggest.

After analyzing “dozens” of ransomware cases that took place in the first half of the year, Unit 42 concluded that the average ransomware payment hit $570,000, up from $312,000 a year ago. 

Criminals also seem to be getting bolder, as the average ransom demand also spiked – by 518 percent. While in 2020, the average demand sat at $847,000, this year it’s $5.3 million.

Read more…

eCh0raix ransomware now targets both QNAP and Synology NAS devices

From bleepingcomputer.com

A newly discovered eCh0raix ransomware variant has added support for encrypting both QNAP and Synology Network-Attached Storage (NAS) devices.

This ransomware strain (also known as QNAPCrypt) first surfaced in June 2016, after victims began reporting attacks in a BleepingComputer forum topic.

The ransomware hit QNAP NAS devices in multiple waves, with two large-scale ones reported in June 2019 and in June 2020.

eCh0raix also encrypted devices made by Synology in 2019, with Anomali researchers finding that the attackers brute-forced administrator credentials using default credentials or dictionary attacks.

At the time, the NAS maker warned its customers to secure their data from an ongoing and large-scale ransomware campaign. However, it did not name the ransomware operation responsible for the attacks.

Read more…

At Least 30,000 Internet-Exposed Exchange Servers Vulnerable to ProxyShell Attacks

From securityweek.com

Tens of thousands of internet-exposed Microsoft Exchange servers appear to be affected by the ProxyShell vulnerabilities, and they could get compromised at any moment considering that threat actors are already scanning the web for vulnerable devices.

ProxyShell is the name given to a series of vulnerabilities — CVE-2021-34473, CVE-2021-34523 and CVE-2021-31207 — that can be chained for unauthenticated remote code execution, allowing an attacker to take complete control of an Exchange server.

The flaws were discovered by Orange Tsai, principal researcher at security consulting firm DEVCORE, and they were first demonstrated at the Pwn2Own hacking competition earlier this year.

The researcher says Microsoft released patches in mid-April, but advisories for the vulnerabilities were only published in May and July.

Read more…

Ransomware Explained. What It Is and How It Works

From heimdalsecurity.com

Every day, cybersecurity specialists detect over 200,000 new ransomware strains. This means that each minute brings no less than 140 strains capable of avoiding detection and inflicting irreparable damage. But what is ransomware in the end? Briefly, ransomware is one of the most common and most dangerous cyber threats of today, with damaging consequences for individuals and businesses alike.

In this article, I explain what ransomware is, how it is used, and I will walk you through the most notorious examples of ransomware families.

Read more…

The most dangerous (and interesting) Microsoft 365 attacks

From csoonline.com

Government-sponsored hackers, who carry out cyberespionage campaigns, invest more resources than ever to find new ways of attacking the cloud. One of their preferred targets is Microsoft 365, previously called Office 365, a platform used by an increasing number of organizations of all sizes.

From an intelligence collector’s perspective, it makes sense to target it. “Microsoft 365 is a gold mine,” Doug Bienstock, incident response manager at Mandiant, tells CSO. “The vast majority of [an organization’s] data is probably going to be in Microsoft 365, whether it’s in the contents of individual emails, or files shared on SharePoint or OneDrive, or even Teams messages.”

Read more…

‘Resistance is futile’: Cryptocurrency is here to stay

From itproportal.com

As of September 7th, 2021, El Salvador will officially recognize Bitcoin as legal currency. This is a remarkable move, and one that will likely stimulate a huge amount of economic growth as Salvadoreans leapfrog from a largely cash-based society straight to a system characterized by the frictionless, finger-snap efficiency of digital currency.

The benefits of this normalization of cryptocurrency have been spelled out in no uncertain terms by President Bukele, who points to two key areas of interest: financial inclusion and cross-border remittances. As the President notes, 70 percent of El Salvador’s population doesn’t have a bank account – as such, the financial inclusion Bitcoin represents will allow Salvadoreans “access to credit, savings, investment, and secure transactions.”

Read more…

Cloud Katana: Unlocking Serverless Computing to Assess Security Controls

From securityonline.info

Cloud Katana is a cloud-native tool developed from the need to automate the execution of simulation steps in multi-cloud and hybrid cloud environments. This tool is an event-driven, serverless compute application built on top of Azure Functions that expedites the research process and assessment of security controls. We are currently covering use cases in Azure, but we are working on extending it to other cloud providers.

Read more…