The sale and purchase of unauthorized access to compromised enterprise networks has become a linchpin for cybercriminal operations, particularly in facilitating ransomware attacks.
Underground forums are sharing guidelines on breaching networks and selling the access they obtain, leaving the exploitation to other malicious actors. On underground criminal forums, these transactions allow actors with complementary skills to collaborate, amplifying the impact and reach of cyberattacks. The market for such access has grown notably, especially as ransomware operators increasingly employ double-extortion tactics.
Read more…
Source: Rapid7
Related:
- Cybercrime: Ransomware remains a ‘key’ malware threat says Europol
September 18, 2018
Targeted attacks replace spam campaigns, but Europol’s annual cybercrime report also warns that cryptojacking malware “may overtake ransomware as a future threat”. Ransomware remains the top malware threat to organisations, causing millions of dollars of damage and remaining a potent tool for cyber criminals and nation-state attackers. The rise of highly targeted file-locking malware campaigns and the ...
- US State Department confirms: Unclassified staff email boxes hacked
September 18, 2018
The US State Department has confirmed one of its email systems was attacked, potentially exposing the personal information of some of its employees. Uncle Sam’s officials said in a statement to The Register on Tuesday that “suspicious activity” in its email system led it to send out warnings to a number of employees whose personal information may have ...
- Zero-Day Bug Allows Hackers to Access CCTV Surveillance Cameras
September 17, 2018
Firmware used in up to 800,000 CCTV cameras open to attack thanks to buffer overflow zero-day bug. Between 180,000 and 800,000 IP-based closed-circuit television cameras are vulnerable to a zero-day vulnerability that allows hackers to access surveillance cameras, spy on and manipulate video feeds or plant malware. According to a Tenable Research Advisory issued Monday, the bugs are ...
- Bristol Airport blames hackers for three day technical meltdown
September 16, 2018
A cyber attack was the cause behind a three day technical meltdown, according to Bristol Airport. The airport’s information screens were out of service on both Friday and Saturday, with holidaymakers having to read departure times off whiteboards scattered around the airport. An airport spokesman said several systems were taken offline on Friday in a bid to ...
- Crooks Combine Phishing and Impersonation For Higher Success Rate
September 12, 2018
While phishing continues to be the prevalent threat in malware-less email-based attacks, cybercriminals refine their methods by adding an impersonation component to increase the success rate against company employees. Phishing emails are easy to deploy and do not require other preparation from the attacker than crafting a vague message that is sufficiently convincing for a large ...
- Osiris Banking Trojan Displays Modern Malware Innovation
September 12, 2018
Osiris’ fundamental makeup positions it in the fore of malware trends, despite being based on old source code that’s been knocking around for years. After staying dormant for few years, the Kronos banking trojan resurfaced in July in a form dubbed Osiris. A wider analysis of how the banking trojan is evolving shows innovative development on ...