The sale and purchase of unauthorized access to compromised enterprise networks has become a linchpin for cybercriminal operations, particularly in facilitating ransomware attacks.
Underground forums are sharing guidelines on breaching networks and selling the access they obtain, leaving the exploitation to other malicious actors. On underground criminal forums, these transactions allow actors with complementary skills to collaborate, amplifying the impact and reach of cyberattacks. The market for such access has grown notably, especially as ransomware operators increasingly employ double-extortion tactics.
Read more…
Source: Rapid7
Related:
- After Windows and Android, Operation Emmental Starts Targeting Apple Users
July 11, 2017
Security experts have discovered new malware that is specifically aimed at Apple customers, after previously targeting users running Windows and Android on their devices. Believed to be part of Operation Emmental, which was first spotted in 2012, the new malware is called Dok and is primarily targeting customers of Swiss banks, according to an in-depth analysis ...
- Private Decryption Key For Original Petya Ransomware Released
July 7, 2017
Rejoice Petya-infected victims! The master key for the original version of the Petya ransomware has been released by its creator, allowing Petya-infected victims to recover their encrypted files without paying any ransom money. But wait, Petya is not NotPetya. Do not confuse Petya ransomware with the latest destructive NotPetya ransomware (also known as ExPetr and Eternal Petya) attacks ...
- MCMC probing cyber attacks on online trading platforms
July 7, 2017
The Malaysian Communications and Multimedia Commission (MCMC) is looking into reports of suspected cyber attacks disrupting online trading at several local brokerages. The regulator said it was assisting the stock exchange in investigating the disruption, a report by Nikkei Markets said on Friday. This comes after several brokerages alerted clients that their online broking services had been ...
- Ukrainian Police Seize Servers of Software Firm Linked to NotPetya Cyberattack
July 5, 2017
Ukrainian National Police has released a video showing officers raiding company of M.E.Doc accounting software makers, whose systems have been linked to outbreak of Petya (NotPetya) ransomware that recently infected computers of several major companies worldwide. On 4th July, masked police officers from Ukrainian anti-cybercrime unit — carrying shotguns and assault rifles — raided the software ...
- Researchers Find BlackEnergy APT Links in ExPetr Code
July 3, 2017
Researchers have found links between the BlackEnergy APT group and threat actors behind the ExPetr malware used in last month’s global attacks. According to researchers at Kaspersky Lab, there are strong similarities between older versions of BlackEnergy’s KillDisk ransomware compared to ExPetr code. Parallels were first identified in targeted extensions used by both BlackEnergy and ExPetr, ...
- Oil & Gas Industry Faces More Frequent & Sophisticated Cyber Attacks: Deloitte
June 27, 2017
Three out of four oil and natural gas companies fell victim to at least one cyber attack last year as hacking efforts against the industry become more frequent and sophisticated. That’s the finding from a report released Monday by industry consultant Deloitte LLP. Technology advances, such as Royal Dutch Shell Plc’s recent control of operations in Argentina ...