The sale and purchase of unauthorized access to compromised enterprise networks has become a linchpin for cybercriminal operations, particularly in facilitating ransomware attacks.
Underground forums are sharing guidelines on breaching networks and selling the access they obtain, leaving the exploitation to other malicious actors. On underground criminal forums, these transactions allow actors with complementary skills to collaborate, amplifying the impact and reach of cyberattacks. The market for such access has grown notably, especially as ransomware operators increasingly employ double-extortion tactics.
Read more…
Source: Rapid7
Related:
- Email verification service takes itself offline after 800 million records get publicly exposed
March 8, 2019
An online email verification service has taken itself offline after approximately 809 million of its customers’ emails were exposed through an unprotected server. Researchers discovered a non-password protected MongoDB instance amounting to 150GB of data split across four separate collections last week. They analysed this exposed data, 808,593,939 records in total, and published their findings on Thursday. The exposed ...
- Data-Wiping Cyberattacks Plague Financial Firms
March 6, 2019
Over a quarter of surveyed financial institutions reported that they were targeted by destructive cyberattacks over the past year, bent on completely destroying data. That’s according to a new Carbon Black report unveiled at RSA this year. The report, “Modern Bank Heists: The Bank Robbery Shifts to Cyberspace,” outlines the top attacks that financial firms are facing ...
- Fileless Banking Trojan Targeting Brazilian Banks Downloads Possible Botnet Capability, Info Stealers
March 4, 2019
Trend Micro analyzed a fileless malware with multiple .BAT attachments and a batch file from IoCs reported by researchers online that was capable of opening an IP address, downloading a PowerShell with a banking trojan payload, and installing a hack tool and an information stealer. Looking further, we observed it stealing machine information and user ...
- How the Dark Web Data Bazaar Fuels Enterprise Attacks
March 3, 2019
It seems every aspect of our lives is available to be found somewhere on the internet. And the information available isn’t simply embarrassing browsing histories but ranges from our medical histories to the logon credentials we use to access many of our online services. This is certainly a privacy concern, but it’s also increasingly an enterprise ...
- Necurs Botnet Evolves to Hide in the Shadows, with New Payloads
March 1, 2019
Necurs, the prolific and globally dispersed spam and malware distribution botnet, has been spotted using a fresh hiding technique to avoid detection while quietly adding more bots to its web. According to research from Black Lotus Labs, which is telecom and ISP provider CenturyLink’s network security arm, Necurs last year began implementing regular, sustained downtime segments ...
- RSA Security Conference: The race to plug a $6 trillion security hole
March 1, 2019
More than 50 thousand of the world’s top computer security professionals will be in San Francisco this week for the RSA Conference. While they talk, the hole in the cybersecurity world is getting bigger every year and is on track to swallow $6 trillion in annual damages by 2021 — a doubling from $3 trillion in ...