The sale and purchase of unauthorized access to compromised enterprise networks has become a linchpin for cybercriminal operations, particularly in facilitating ransomware attacks.
Underground forums are sharing guidelines on breaching networks and selling the access they obtain, leaving the exploitation to other malicious actors. On underground criminal forums, these transactions allow actors with complementary skills to collaborate, amplifying the impact and reach of cyberattacks. The market for such access has grown notably, especially as ransomware operators increasingly employ double-extortion tactics.
Read more…
Source: Rapid7
Related:
- Sophisticated new phishing campaign targets the C-suite
February 5, 2019
A new phishing campaign to steal login credentials is being launched on businesses – specifically the C-suite. Researchers at GreatHorn first discovered the campaign which targets senior executives by claiming to be from the company’s CEO. The fake email regards the rescheduling of a board meeting. By following the link from this email and users are greeted with a ...
- Over 485,000 Ubiquiti devices vulnerable to new attack
February 4, 2019
Ubiquiti Networks is working on a fix for a newly discovered security issue affecting its devices that attackers have been exploiting since July last year. The issue impacts over 485,000 devices, according to an internet scan conducted by US cyber-security firm Rapid7. Mass-exploitation attacks were first spotted last week by Jim Troutman, co-founder of internet exchange point ...
- Collections #2-5 unearthed with 2.2 billion unique records now exposed online
February 1, 2019
Researchers have established that more than 600GB of personal information is circulating online after finding a monster cache of four additional ‘Collection’ folders. The Collection #1 leak discovered earlier this month was considered one of the largest leakages of personal data in history, with more than 773 million unique email addresses, and 22 million passwords, found ...
- Metro Bank targeted with 2FA-bypassing SS7 attacks
February 1, 2019
Metro Bank has reportedly fallen victim to a sophisticated two-factor authentication (2FA) bypass attack after hackers infiltrated a telecoms firm’s text messaging protocol. The Signalling Systems No. 7 (SS7) protocol is used by telecom firms to coordinate how texts and calls are routed around the world. But according to Motherboard, hackers are more actively exploiting SS7, and ...
- Prepare to Defend Your Network Against Swarm-as-a-Service
January 31, 2019
Swarm technology may be a game changer for the bad guys if organizations don’t change their tactics. The digital world we now inhabit creates unprecedented opportunities – both for good and for ill. One of these possibilities is swarm-based tools that can be used to either attack or defend the network. This possibility, or set of possibilities, ...
- Theoretical Ransomware Attack Could Lead to Global Damages Says Report
January 29, 2019
According to a speculative cyber risk scenario prepared by Cambridge University for risk management purposes, a ransomware strain that would manage to impact more than 600,000 businesses worldwide within 24 hours would potentially lead to damages of billions not covered by insurers. First of all, it is important to understand that although the numbers look very scary, this type of ...