Security daily (15-10-2021)

2021 ransomware transactions already exceed 2020 numbers, Treasury Department says

As of June, financial institutions have already reported 635 suspicious ransomware-related activities to the Financial Crimes Enforcement Network, according to a report out Friday from the Treasury Department — a 30% increase from all reported activity in 2020. The report also found that the cost of ransomware payments is climbing. The total value of the 2021 reports was $590 million — or a $66.4 million monthly average — compared to $416 million for all of 2020. The analysis, which is the first issued under the updated FinCEN threat trend reporting requirements enacted into law earlier this year, underscores both concerns with the growing cost of ransomware as well as the role of virtual currencies in how criminals extort and launder funds. The Treasury Department last month announced its first sanctions against a cryptocurrency exchange for facilitating transactions involving money gained from ransomware. The report, as well as guidance issued Friday […] The post 2021 ransomware transactions already exceed 2020 numbers, Treasury Department says appeared first on CyberScoop. (CyberScoop)

Ransomware demands are up more than 500%, the latest concern for insurers

Ransomware attacks aren’t just becoming more frequent, they’re getting more expensive. Scammers demanded an average payment of $5.3 million from hacking victims through the first six months of 2021, though extortion victims paid a median fee in the hundreds of thousands of dollars, according to a new report from the insurer Allianz. The $5.3 million average represents a 518% increase from the 2020 figure, driven in part by demands to pay up to $50 million after a data breach. The highest demand last year was for $30 million, according to the latest report, which did not identify affected organizations by name. Victims paid an average of $570,000 during the first six months, compared to $312,000 in 2020, Palo Alto Networks said. The figures, published Thursday by Allianz, represent the latest glimpse into how ransomware attacks are becoming exponentially more expensive as victim organizations look to insurance providers to cover the […] The post Ransomware demands are up more than 500%, the latest concern for insurers appeared first on CyberScoop. (CyberScoop)

LANtenna hack spies on your data from across the room! (Sort of)

Are your network cables acting as undercover wireless transmitters? What can you do if they are? (Naked Security)

Critical Infrastruture Security Dubbed Abysmal By Researchers

(News ≈ Packet Storm)

Malware Botnet Gang Steals Millions With Simple Trick

(News ≈ Packet Storm)

Sunderland University Cyber Attack Fix Date Unknown

(News ≈ Packet Storm)

Spamhaus Botnet Threat Update: Q3-2021

(News ≈ Packet Storm)

Attackers Behind Trickbot Expanding Malware Distribution Channels

The operators behind the pernicious TrickBot malware have resurfaced with new tricks that aim to increase its foothold by expanding its distribution channels, ultimately leading to the deployment of ransomware such as Conti. The threat actor, tracked under the monikers ITG23 and Wizard Spider, has been found to partner with other cybercrime gangs known Hive0105, Hive0106 (aka TA551 or Shathak), (The Hacker News)

Ad-Blocking Chrome Extension Caught Injecting Ads in Google Search Pages

A new deceptive ad injection campaign has been found leveraging an ad blocker extension for Google Chrome and Opera web browsers to sneakily insert ads and affiliate codes on websites, according to new research from cybersecurity firm Imperva. The findings come following the discovery of rogue domains distributing an ad injection script in late August 2021 that the researchers connected to an (The Hacker News)

CISA Issues Warning On Cyber Threats Targeting Water and Wastewater Systems

The U.S. Cybersecurity Infrastructure and Security Agency (CISA) on Thursday warned of continued ransomware attacks aimed at disrupting water and wastewater facilities (WWS), highlighting five incidents that occurred between March 2019 and August 2021. "This activity—which includes attempts to compromise system integrity via unauthorized access—threatens the ability of WWS facilities to provide (The Hacker News)

Google: We're Tracking 270 State-Sponsored Hacker Groups From Over 50 Countries

Google's Threat Analysis Group (TAG) on Thursday said it's tracking more than 270 government-backed threat actors from more than 50 countries, adding it has approximately sent 50,000 alerts of state-sponsored phishing or malware attempts to customers since the start of 2021. The warnings mark a 33% increase from 2020, the internet giant said, with the spike largely stemming from "blocking an (The Hacker News)

Update Your Windows PCs Immediately to Patch New 0-Day Under Active Attack

Microsoft on Tuesday rolled out security patches to contain a total of 71 vulnerabilities in Microsoft Windows and other software, including a fix for an actively exploited privilege escalation vulnerability that could be exploited in conjunction with remote code execution bugs to take control over vulnerable systems. Two of the addressed security flaws are rated Critical, 68 are rated Important (The Hacker News)

TrickBot Gang Enters Cybercrime Elite with Fresh Affiliates

The group – which also created BazarLoader and the Conti ransomware – has juiced its distribution tactics to threaten enterprises more than ever. (Threatpost)

Missouri Vows to Prosecute ‘Hacker’ Who Informed State About Data Leak

Missouri Gov. Mike Parson launched a criminal investigation of a reporter who flagged a state website that exposed 100K+ Social-Security numbers for teachers and other state employees. (Threatpost)


/security-daily/ 16-10-2021 23:44:22