The sale and purchase of unauthorized access to compromised enterprise networks has become a linchpin for cybercriminal operations, particularly in facilitating ransomware attacks.
Underground forums are sharing guidelines on breaching networks and selling the access they obtain, leaving the exploitation to other malicious actors. On underground criminal forums, these transactions allow actors with complementary skills to collaborate, amplifying the impact and reach of cyberattacks. The market for such access has grown notably, especially as ransomware operators increasingly employ double-extortion tactics.
Read more…
Source: Rapid7
Related:
- Russian Banks Under Phishing Attack
November 16, 2018
Banks in Russia today were the target of a massive phishing campaign that aimed to deliver a tool used by the Silence group of hackers. The group is believed to have a background in legitimate infosec activities and access to documentation specific to the financial sector. The fraudulent emails purported to come from the Central Bank of Russia (CBR) ...
- The US Office of Personnel Management Systems Are Still Insecure
November 14, 2018
The security posture of the Office of Personnel Management has improved drastically and by the end of the year, the agency is on track to meeting almost all recommendations the US Government Accountability Office (GAO) made over the past two years. Full compliance is expected by the end of 2019. GAO carried out between February 2015 ...
- State-Sponsored Actors Focus Attacks on Asia
November 14, 2018
Southeast Asia is the most actively attacked region, accordingly to Cyber Security firm, Group-IB. Their annual Hi-Tech Crime Trends Report 2018 advises, “In just one year, 21 state-sponsored groups were detected in this area, which is more than in the United States and Europe.” Although, not only state-sponsored groups are focusing their attention on this ...
- Devastating Cyberattack Shakes Up Pakistan’s Financial Sector
November 14, 2018
According to PakCERT’s Qazi Misbah, 22 banks in the country were subject to a catastrophic cyber attack on October 27th of this year. 19,864 accounts with client banking data were hit, with some victims saying that funds were stolen. Amongst the many targets was the former Chief Scientist of Khan Research Laboratories, who says that Rs3 ...
- Using Machine Learning to Cluster Malicious Network Flows From Gh0st RAT Variants
November 13, 2018
Cybercriminals have become more and more creative and efficient in their efforts to successfully bypass network security. Reports of unauthorized network intrusions that have compromised enterprise security, resources, and data, plague experts on a day-to-day basis, and will continue to do so if not prevented by a more efficient detection system or method. Currently, attackers use polymorphism, ...
- Cathay Pacific hack: Airline admits techies fought off cyber-siege for months
November 12, 2018
Fresh from belatedly admitting that 9.4 million passengers’ personal data was stolen by hackers, Hong Kong airline Cathay Pacific has now admitted that it was under attack for three solid months before it took half a year to tell anyone. In its initial public statement on the hack, which saw names, nationalities, dates of birth, addresses, ...