Found 157 bookmarks
Custom sorting
Ransomware roundup: 2024 end-of-year report - Comparitech
Ransomware roundup: 2024 end-of-year report - Comparitech
In 2024, ransomware groups claimed responsibility for 5,461 successful ransomware attacks on organizations worldwide. 1,204 of these attacks were confirmed by the targeted organizations. The rest were claimed by ransomware groups on their data leak sites, but have not been acknowledged by the targets.
#comparitech#EN#2025#2024#report#ransomware#confirmed#statistcs
·comparitech.com·
Ransomware roundup: 2024 end-of-year report - Comparitech
Cisco Event Response: Reports of Security Incident
Cisco Event Response: Reports of Security Incident
Version 1.1: October 18, 2024 Based on our investigations, we are confident that there has been no breach of our systems. We have determined that the data in question is on a public-facing DevHub environment—a Cisco resource center that enables us to support our community by making available software code, scripts, etc. for customers to use as needed. At this stage in our investigation, we have determined that a small number of files that were not authorized for public download may have been published. As of now, we have not observed any confidential information such as sensitive PII or financial data to be included but continue to investigate to confirm. Out of an abundance of caution, we have disabled public access to the site while we continue the investigation. * Meanwhile, Cisco will engage directly with customers if we determine they have been impacted by this event.
#cisco.com#EN#2024#DevHub#incident#public-facing#report
·sec.cloudapps.cisco.com·
Cisco Event Response: Reports of Security Incident
OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP parser stack-based buffer overflow vulnerability
OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP parser stack-based buffer overflow vulnerability
A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC _v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted EtherNet/IP request can lead to remote code execution. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.
#talosintelligence#EN#2024#vulnerability#report#OpenPLC#CVE-2024-34026
·talosintelligence.com·
OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP parser stack-based buffer overflow vulnerability
Cybercriminals operating ransomware as a service from overseas continue to be responsible for most high-profile cybercrime attacks against the UK
Cybercriminals operating ransomware as a service from overseas continue to be responsible for most high-profile cybercrime attacks against the UK
The deployment of ransomware remains the greatest serious and organised cybercrime threat, the largest cybersecurity threat, and also poses a risk to the UK’s national security. Ransomware attacks can have a significant impact on victims due to financial, data, and service losses, which can lead to business closure, inaccessible public services, and compromised customer data. Threat actors are typically based in overseas jurisdictions where limited cooperation makes it challenging for UK law enforcement to disrupt their activities.
#nationalcrimeagency.gov.uk#EN#2024#ransomware#report#assassment#cybercrime#UK
·nationalcrimeagency.gov.uk·
Cybercriminals operating ransomware as a service from overseas continue to be responsible for most high-profile cybercrime attacks against the UK
Risk assessment report on cyber resilience on EU’s telecommunications and electricity sectors
Risk assessment report on cyber resilience on EU’s telecommunications and electricity sectors
EU Member States, with the support of the European Commission and ENISA, the EU Agency for Cybersecurity, published the first report on the cybersecurity and resilience of Europe’s telecommunications and electricity sectors.
#digital-strategy.ec.europa.eu#2024#EU#ENISA#cybersecurity#resilience#report#electricity#telecommunications
·digital-strategy.ec.europa.eu·
Risk assessment report on cyber resilience on EU’s telecommunications and electricity sectors
'Fortune 50' Company Made Record-Breaking $75M Ransomware Payment
'Fortune 50' Company Made Record-Breaking $75M Ransomware Payment
A major company made a staggering $75 million ransomware payment to hackers earlier this year, according to cybersecurity vendor Zscaler. Zscaler made the claim in a Tuesday report examining the latest trends in ransomware attacks, which continue to ensnare companies, hospitals, and schools across the country.
#pcmag#EN#2024#Zscaler#report#Fortune50#record#ransomware#payment#DarkAngels
·pcmag.com·
'Fortune 50' Company Made Record-Breaking $75M Ransomware Payment
Mid-year Doppelgänger information operations in Europe and the US
Mid-year Doppelgänger information operations in Europe and the US
This report delves into Doppelgänger information operations conducted by Russian actors, focusing on their activities from early June to late-July 2024. Our investigation was motivated by the unexpected snap general election in France, prompting a closer look at Doppelgänger activities during this period. While recent activities have been described since1,2, our first dive into the information operations topic offers a complementary threat-intelligence analysts’ perspective on the matter, brings additional knowledge on associated infrastructure, tactics and motivation in Europe and the United States.
#HarfangLab#EN#2024#Russia#Doppelgänger#disinformation#report
·harfanglab.io·
Mid-year Doppelgänger information operations in Europe and the US
NVD Analysis Report
NVD Analysis Report
The following estimates are calculated using data from the NVD Dashboard. At the time of this reports generation, NVD's 2024 daily average for analyzing new CVEs is 30.27. There is a current backlog of 16777 CVEs awaiting analysis. With an average influx of 111.07 new CVEs per day, a daily average of 217.93 analyses is required to clear this backlog and process new CVEs. Currently, NVD is falling short of this goal by 187.66 CVEs a day. Given this data, if the current daily rate of CVE analysis persists, the projected number of CVEs awaiting analysis by the end of 2024 will be 29462.6.
#fortressinfosec#EN#2024#stats#CVEs#report#estimate#trends#averages
·fortressinfosec.com·
NVD Analysis Report
Largest European DDoS Attack on Record
Largest European DDoS Attack on Record
The risk of distributed denial-of-service attacks (DDoS) has never been greater. Over the past several years, organizations have encountered a deluge of DDoS extortion, novel threats, state-sponsored hacktivism, and unprecedented innovation in the threat landscape.
#Akamai#DDoS#EN#2022#report#record#Europe
·akamai.com·
Largest European DDoS Attack on Record
Defending Ukraine: Early Lessons from the Cyber War
Defending Ukraine: Early Lessons from the Cyber War
This report represents research conducted by Microsoft’s threat intelligence and data science teams with the goal of sharpening our understanding of the threat landscape in the ongoing war in Ukraine. The report also offers a series of lessons and conclusions resulting from the data gathered and analyzed. Notably, the report reveals new information about Russian efforts including an increase in network penetration and espionage activities amongst allied governments, non-profits and other organizations outside Ukraine. This report also unveils detail about sophisticated and widespread Russian foreign influence operations being used among other things, to undermine Western unity and bolster their war efforts. We are seeing these foreign influence operations enacted in force in a coordinated fashion along with the full range of cyber destructive and espionage campaigns. Finally, the report calls for a coordinated and comprehensive strategy to strengthen collective defenses – a task that will require the private sector, public sector, nonprofits and civil society to come together. The foreword of this new report, written by Microsoft President and Vice Chair Brad Smith, offers additional detail below.
#microsoft#EN#2022#cyberwar#Russia-Ukraine-war#espionage#report#influence#operations#cyberoperations
·blogs.microsoft.com·
Defending Ukraine: Early Lessons from the Cyber War
Aquarium Leaks. Inside the GRU’s Psychological Warfare Program
Aquarium Leaks. Inside the GRU’s Psychological Warfare Program
In this exclusive and groundbreaking report, Free Russia Foundation has translated and published five documents from the GRU, Russia’s military intelligence agency. The documents, obtained and analyzed by Free Russia Foundation’s Director of Special Investigations Michael Weiss, details the...
#4freerussia#EN#2022#GRU#Leak#report#Warfare#Aquarium#Program
·4freerussia.org·
Aquarium Leaks. Inside the GRU’s Psychological Warfare Program
Cache Me If You Can: Local Privilege Escalation in Zscaler Client Connector (CVE-2023-41973)
Cache Me If You Can: Local Privilege Escalation in Zscaler Client Connector (CVE-2023-41973)
A couple months ago, my colleague Winston Ho and I chained a series of unfortunate bugs into a zero-interaction local privilege escalation in Zscaler Client Connector. This was an interesting journey into Windows RPC caller validation and bypassing several checks, including Authenticode verification. Check out the original Medium blogpost for Winston’s own ZSATrayManager Arbitrary File Deletion (CVE-2023-41969)!
#spaceraccoon#EN#204#report#vulnerability#Zscaler#Client#Connector#CVE-2023-41973
·spaceraccoon.dev·
Cache Me If You Can: Local Privilege Escalation in Zscaler Client Connector (CVE-2023-41973)
APT trends report Q1 2024
APT trends report Q1 2024
For more than six years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research. They provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They are designed to highlight the significant events and findings that we feel people should be aware of.
#securelist#Kaspersky#EN#2024#report#APT#Gelsemium#Careto
·securelist.com·
APT trends report Q1 2024
From IcedID to Dagon Locker Ransomware in 29 Days
From IcedID to Dagon Locker Ransomware in 29 Days
  • In late August 2023, we observed an intrusion that started with a phishing campaign using PrometheusTDS to distribute IcedID. IcedID dropped and executed a Cobalt Strike beacon, which was then used through-out the intrusion. The threat actor leveraged a bespoke PowerShell tool known as AWScollector to facilitate a range of malicious activities including discovery, lateral movement, data exfiltration, and ransomware deployment. Group Policy was used to distribute Cobalt Strike beacons at login to a specific privileged user group. The threat actor utilized a suite of tools to support their activities, deploying Rclone, Netscan, Nbtscan, AnyDesk, Seatbelt, Sharefinder, and AdFind. * This case had a TTR (time to ransomware) of 29 days.
#thedfirreport#EN#2024#PrometheusTDS#TTR#IcedID#report
·thedfirreport.com·
From IcedID to Dagon Locker Ransomware in 29 Days
The Fall of LabHost: Law Enforcement Shuts Down Phishing Service Provider | Trend Micro (US)
The Fall of LabHost: Law Enforcement Shuts Down Phishing Service Provider | Trend Micro (US)
On Thursday, April 18, 2024, the UK’s Metropolitan Police Service, along with fellow UK and international law enforcement, as well as several trusted private industry partners, conducted an operation that succeeded in taking down the Phishing-as-a-Service (PhaaS) provider LabHost. This move was also timed to coincide with a number of key arrests related to this operation. In this entry, we will briefly explain what LabHost was, how it affected its victims, and the impact of this law enforcement operation — including the assistance provided by Trend Micro.
#trendmicro#EN#2024#cybercrime#report#LabHost#takedown#PhaaS#Phishing-as-a-Service
·trendmicro.com·
The Fall of LabHost: Law Enforcement Shuts Down Phishing Service Provider | Trend Micro (US)
Largest European DDoS Attack on Record
Largest European DDoS Attack on Record
The risk of distributed denial-of-service attacks (DDoS) has never been greater. Over the past several years, organizations have encountered a deluge of DDoS extortion, novel threats, state-sponsored hacktivism, and unprecedented innovation in the threat landscape.
#Akamai#DDoS#EN#2022#report#record#Europe
·akamai.com·
Largest European DDoS Attack on Record