Cicada3301 ransomware, written in Rust, was first reported less than two months ago. Despite its recent emergence, Morphisec threat researchers have already identified striking similarities between Cicada3301 and the infamous BlackCat ransomware.
Like its namesake, the Cicada puzzle, which has long been associated with complex, cyber-related problem-solving, the true identity of the Cicada3301 ransomware developers remains shrouded in mystery.
Read more…
Source: Morphisec
Related:
- Nonprofit hospital network suffers IT meltdown after ‘security incident’
October 6, 2022
America’s second-largest nonprofit healthcare org is suffering a security “issue” that has diverted ambulances and shut down electronic records systems at hospitals around the country. CommonSpirit Health, a Chicago-based organization that has more than 1,000 facilities and 140 hospitals across 21 states, this week copped to an “IT security issue” affecting “some” of its locations. The ...
- BlackByte ransomware abuses legit driver to disable security products
October 5, 2022
The BlackByte ransomware gang is using a new technique that researchers are calling “Bring Your Own Driver,” which enables bypassing protections by disabling more than 1,000 drivers used by various security solutions. Recent attacks attributed to this group involved a version of the MSI Afterburner RTCore64.sys driver, which is vulnerable to a privilege escalation and code ...
- Russian Hackers Reveal List of American Targets for Attack
October 5, 2022
A pro-Russian computer hacking cell announced it will be launching a series of cyber attacks on a number of United States government websites in an apparent response to escalating tensions between the country and the North Atlantic Treaty Organization (NATO). In a Telegram post Wednesday, Killnet, a notorious “hacktivist” group formed at the onset of the ...
- Uncommon infection and malware propagation methods
October 5, 2022
Kaspersky researchers are often asked how targets are infected with malware. Their answer is nearly always the same: (spear) phishing. There will be exceptions, naturally, as they will encounter RCE vulnerabilities every now and then, or if the attacker is already on the network, they will use tools like PsExec. But that’s it — most ...
- New Android malware ‘RatMilad’ can steal your data, record audio
October 5, 2022
A new Android spyware named ‘RatMilad’ was discovered targeting mobile devices in the Middle East, used to spy on victims and steal data. The RatMilad spyware was discovered by mobile security firm Zimperium who warned that the malware could be used for cyber espionage, extortion, or to eavesdrop on victim’s conversations. “Similar to other mobile spyware we ...
- NSA, CISA, FBI Warn of Custom Exfiltration Tools Being Used Against Defense Industrial Base Organization
October 4, 2022
FORT MEADE, Md. — The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the FBI released a Cybersecurity Advisory today that details the tactics, techniques and procedures (TTPs) that likely multiple advanced persistent threat (APT) groups recently used to steal sensitive information from a Defense Industrial Base organization. The advisory, “Impacket, ...