The sale and purchase of unauthorized access to compromised enterprise networks has become a linchpin for cybercriminal operations, particularly in facilitating ransomware attacks.
Underground forums are sharing guidelines on breaching networks and selling the access they obtain, leaving the exploitation to other malicious actors. On underground criminal forums, these transactions allow actors with complementary skills to collaborate, amplifying the impact and reach of cyberattacks. The market for such access has grown notably, especially as ransomware operators increasingly employ double-extortion tactics.
Read more…
Source: Rapid7
Related:
- Hackers Found Using A New Code Injection Technique to Evade Detection
April 13, 2018
While performing in-depth analysis of various malware samples, security researchers at Cyberbit found a new code injection technique, dubbed Early Bird, being used by at least three different sophisticated malware that helped attackers evade detection. As its name suggests, Early Bird is a “simple yet powerful” technique that allows attackers to inject malicious code into a legitimate ...
- ‘Dark web’ targeted in crime crackdown by Government
April 11, 2018
Criminals are emboldened by the anonymity of the dark web, which has become a platform for horrific abuse, the Home Secretary will say today. New funding to crack down on the “dangerous” dark web will be launched by Amber Rudd in a speech at the Government’s flagship event for cybersecurity. Read more… Source: Sky News
- Delta Confirms Breach Of Customer Payment Details
April 5, 2018
Hackers have had access to Delta customer payment data for over six months after third party breach US airline Delta Air Lines and American department store Sears Holding have both confirmed a data breach, after an incident involving a third party tech provider. Delta said that it was notified last week by 7.ai, a company that provides online chat ...
- 1.5 billion sensitive files exposed by misconfigured servers, storage and cloud services
April 5, 2018
Researchers have discovered over 1.5 billion sensitive files including payroll information, credit card details, medical data, and patents for intellectual property are exposed online, putting consumers and businesses at risk of theft, cybercrime, and espionage. But the information exposed online — which amounts to a total of 12,000 terabytes of data — isn’t there as a ...
- Rarog Trojan ‘Easy Entry’ For New Cryptomining Crooks, Report Warns
April 5, 2018
A malware family called Rarog is becoming an appealing and affordable tool for hackers to launch cryptocurrency mining attacks, researchers say. They say the Trojan is low priced, easily configurable and supports multiple cyrptocurrencies, making it an appealing option for hackers. Palo Alto Networks’ Unit 42 research team, which posted a blog on Wednesday after tracking Rarog for months, ...
- A new Mirai-style botnet is targeting the financial sector
April 5, 2018
A botnet made up of hijacked internet-connected televisions and web cameras has a new target, security researchers have found. Three financial sector institutions have become the latest victims of distributed denial-of-service (DDoS) attacks in recent months. New research by Recorded Future’s Insikt Group published Thursday points to what’s likely to be the IoTroop botnet, used to pummel financial ...