Some industries are more likely to attract particular kinds of threat actors than others. The retail and hospitality industries for instance are very attractive targets for cyber criminals as both collect and process large quantities of personal and financial data. This is similar to the banking industry but, whereas major bank breaches are now considered to require sophisticated operational procedures and have become the preserve of highly specialised groups, the retail and hospitality industries remain prime targets for criminals of all capabilities.Continue reading
As of the time of writing, the three bitcoin wallets associated with the WannaCry ransomware have received a combined total of about 53.8 BTC – just shy of USD 500,000 at current conversion rates . This is despite the “kill switch” and other implementation flaws that impeded its early propagation. It also flies in the face of the numerous articles circulating in the security community that cast doubt on whether it is even possible for WannaCry victims to consistently get their files back.Continue reading
Emerging in mid-2014, Curve-Tor-Bitcoin (CTB) Locker, also known as Critoni, was one of the first ransomware to use Tor to hide its C2 infrastructure, and subsequently evade detection and blocking.Continue reading
The Dark Web is a fascinating, confusing and for some, a shocking place. Amongst the plethora of forums discussing, selling and sharing drugs, guns, pornography, credit cards (the list goes on), cybercriminals of all levels of sophistication also seek to acquire, enhance, and profit from a variety of hacking tools. This post provides examples of trading and collaboration that lie behind development of malicious software (malware), as well as providing examples of how it can be rapidly upgraded and changed.Continue reading
The following is a guest post from business continuity specialists, Databarracks.
Ransomware has become the biggest cause of major recovery for organisations in the UK. Over 50 new variants have emerged since the start of 2016 and outright prevention is practically impossible. Attacks are evolving too quickly and software-based anti-virus solutions simply can’t keep pace.Continue reading