The sale and purchase of unauthorized access to compromised enterprise networks has become a linchpin for cybercriminal operations, particularly in facilitating ransomware attacks.
Underground forums are sharing guidelines on breaching networks and selling the access they obtain, leaving the exploitation to other malicious actors. On underground criminal forums, these transactions allow actors with complementary skills to collaborate, amplifying the impact and reach of cyberattacks. The market for such access has grown notably, especially as ransomware operators increasingly employ double-extortion tactics.
Read more…
Source: Rapid7
Related:
- New SamSam ransomware campaign aims at targets across the US
October 30, 2018
SamSam ransomware is still plaguing organisations across the US, with fresh attacks against 67 new targets — including at least one involved with administering the upcoming midterm elections. The malware is designed in such a way that it in addition to encrypting files and data across target networks, it also goes after backups as a means ...
- Millions of Voter Records Up for Sale Ahead of the US Midterm Elections
October 30, 2018
As the US midterm elections close in, the underground markets appear to be flush with voter databases available for affordable prices. Voter information is rich with details that could help an attacker learn enough about the victim to steal their identity. Cybersecurity company Carbon Black, at least one market on the dark web lists for sale voter ...
- Malware Distributors Adopt DKIM to Bypass Mail Filters
October 25, 2018
In July 2018, US-CERT raised an alert regarding the Emotet banking trojan, which is also being used to distribute a secondary malware known as “Trickbot”. This alert provided recommendations on how businesses can mitigate their exposure to the Trojan. Unfortunately, it looks like criminals are also reading the US-CERT’s warnings as they have adopted new techniques ...
- GreyEnergy: New malware campaign targets critical infrastructure companies
October 17, 2018
The hacking group which took down Ukrainian power grids is systematically targeting critical infrastructure in Ukraine and beyond in what security researchers believe could be cyber espionage and reconnaissance ahead of future attacks. Dubbed GreyEnergy by researchers at ESET, the group is believed to have been active over the last three years and to be linked to ...
- UK National Cyber Security Centre Reveals Scale Of Cyber Attacks
October 16, 2018
Two year since its launch, NCSC helped the UK against almost 1,200 cyber attacks, most carried out by hostile nation states The UK’s National Cyber Security Centre (NCSC) has revealed that it helps the country fend off at least ten cyber attacks a week, most of which come from state-sponsored hackers employed by hostile nation states. This ...
- Octopus Trojan exploits Telegram ban fears to snag diplomatic targets across Asia
October 15, 2018
Researchers have uncovered the Octopus Trojan in a wave of cyberattacks being launched against diplomatic entities across central Asia. According to cybersecurity firm Kaspersky Lab, the targeted campaign has used the recent ban of Telegram messenger across Russia and reported attempts to ban the service across some former Soviet areas such as Kazakhstan to dupe victims into believing ...