Cybercrime

October 2, 2020

More to the point, Check Point security researchers Itay Cohen and Eyal Itkin were able to track 16 Windows Kernel Local Privilege Escalation (LPE) exploits to two different exploit developers known as Volodya (or BuggiCorp) and PlayBit (or luxor2008). 15 of the exploits Check Point successfully matched to a known exploit dev were created between 2015 ...

October 1, 2020

IPStorm, a malware botnet that was first spotted last year targeting Windows systems, has evolved to infect other types of platforms, such as Android, Linux, and Mac devices. Furthermore, the botnet has also quadrupled in size, growing from around 3,000 infected systems in May 2019 to more than 13,500 devices this month. These latest developments put IPStorm ...

September 29, 2020

For many years, the Microsoft Security Intelligence Report has been the gold standard in terms of providing a yearly overview of all the major events and trends in the cyber-security and threat intelligence landscape. While Microsoft unceremoniously retired the old SIR reports back in 2018, the OS maker appears to have realized its mistake, and has ...

September 29, 2020

We recently encountered a variant of Glupteba (detected by Trend Micro as Trojan.Win32.GLUPTEBA.WLDR). Glupteba is a trojan type that has been involved with Operation Windigo in the past. We also reported its attacks on MikroTik routers and updates on its command and control (C&C) servers. With regard to its behavior, the variant shares many similarities with ...

September 29, 2020

There’s been a surge in Distributed Denial of Service (DDoS) attacks throughout the course of this year, and the attacks are getting more powerful and more disruptive. DDoS attacks are launched against websites or web services with the aim of disrupting them to the extent that they are taken offline. Attackers direct the traffic from a ...

September 28, 2020

The REvil Ransomware (Sodinokibi) operation has deposited $1 million in bitcoins on a Russian-speaking hacker forum to prove to potential affiliates that they mean business. Many ransomware operations are conducted as a Ransomware-as-a-Service (RaaS), where developers are in charge of developing the ransomware and payment site, and affiliates are recruited to hack businesses and encrypt their ...

September 28, 2020

Universal Health Services (UHS), a Fortune 500 company and one of the largest healthcare providers in the US, has been impacted by a ransomware attack over the weekend. UHS hospitals have been operating without internal IT systems since Sunday morning, according to employees and patients who took to social media today. Some patients have been turned away ...

September 24, 2020

Beginning in H2 2019 we have observed a tendency for decreases in the percentages of attacked computers, both in the ICS and in the corporate and personal environments. In H1 2020 the percentage of ICS computers on which malicious objects were blocked has decreased by 6.6 percentage points to 32.6%. The number was highest in Algeria (58.1%), ...

September 23, 2020

Leading government technology services provider Tyler Technologies has suffered a ransomware attack that has disrupted its operations. Tyler Technologies is one of the largest U.S. software development and technology services companies dedicated to the public sector. With a forecasted $1.2 billion in revenue for 2020 and 5,500 employees, Tyler Technologies provides technical services for local governments in ...

September 23, 2020

Microsoft has warned that attackers are actively using the Windows Server Zerologon exploits in attacks and advises all Windows administrators to install the necessary security updates. As part of the August 2020 Patch Tuesday security updates, Microsoft fixed a critical 10/10 rated security vulnerability known as ‘CVE-2020-1472 | Netlogon Elevation of Privilege Vulnerability’.from other specific target ...