This Week in Security News June 18, 2021 VP, Threat Intelligence
Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn how Bash ransomware DarkRadiation targets Red Hat- and Debian-based Linux distributions. Also, read about Trend Micro’s new zero trust capabilities that include risk insight.
Bash Ransomware DarkRadiation Targets Red Hat- and Debian-based Linux Distributions
Trend Micro recently discovered that Bash ransomware’s attack chain is fully implemented as a bash script, but also seems under development. In this blog, Trend Micro researchers analyze how certain hacking tools are used to move laterally on victims’ networks to deploy ransomware. These tools contain reconnaissance/spreader scripts, exploits for Red Hat and CentOS, binary injectors, and more.
Trend Micro Touts Zero Trust Risk Insights, Teases SASE
Trend Micro added zero trust capabilities to its security arsenal and teased a future secure access service edge (SASE) service to kick off its annual customer event, Perspectives. A handful of technologies support zero trust, and Trend Micro’s builds on its extended detection and response (XDR) Vision One platform, which collects telemetry across email, clouds, networks, and software-as-a-service (SaaS) applications to hunt for and respond to security threats.
Amazon Prime Day Big Sales, Big Scams
For many people, major online shopping events, such Amazon Prime day, presents a unique opportunity to purchase goods at heavily discounted prices. However, shoppers are not the only ones looking to benefit — cybercriminals are also looking to prey on unsuspecting victims via social engineering tactics and other kinds of scams. In this blog, learn how to protect yourself and avoid these scams.
Ukrainian police have arrested six people, alleged members of the notorious Clop ransomware gang – seizing cash, cars, and several Apple Mac laptops and desktops. In March, the Clop gang targeted infosec firm Qualys, dumping stolen data online in an apparent extortion attempt. In a recent report, Trend Micro noted that compared to the most infamous ransomware gangs, Clop led the way with 5TB of stolen data published online in various places.
Is this the “Summer of Cybercrime”?
With the news increasingly being flooded with cyber-attacks, and summer just around the corner, this might go down as the “Summer of cybercrime” as opposed to being known as another summer in quarantine. Malicious actors are not taking vacations — instead, they are ramping up their attacks on organizations around the world. In this blog, learn security recommendations you can implement to help minimize the risk of compromise.
Will Ransomware Attacks Push Congress to Enact Regs?
After hearings in the Senate and the House on ransomware attacks that have put the nation’s critical infrastructure in danger, some security experts say Congress may be poised to take action to create greater regulatory oversight of cybersecurity within certain industries. While Congress debates legislation, law enforcement agencies are taking action in an attempt to interrupt the virtual currency payments that make the ransomware model work.
A Chat with Experts on Zero Trust Security and Risk Insights
Moving forward, Zero Trust will be the key strategy to secure the ever-changing hybrid workplace. Watch this video and listen in as two Trend Micro security experts discuss how risk insights are a key component of Zero Trust security.
Russian Accused of Helping Kelihos Malware Evade Detection Convicted in U.S.
This week, a Russian national was found guilty of one count of conspiracy to commit computer fraud and abuse and one count of aiding and abetting computer fraud and abuse. According to the U.S. Justice Department, Oleg Koshkin developed a system that enabled the notorious Kelihos botnet to create many variants to help evade detection. Kelihos was at one point one of the biggest botnets, before being taken down in 2017. Koshkin faces up to 15 years in prison, with sentencing scheduled for September 20, 2021.
Hijacked Data and Giant Slayers: How Enterprises can Deflect Million-Dollar Ransomware Demands
Blue-chip businesses are not the only ones that have been hit hard by recent ransomware strikes, threats to business continuity can have rippling effects on consumers as well. In this blog from Trend Micro, learn about best practices and countermeasures to avert any shakedowns at the hands of cybercriminals.
Health Care Ransomware: Oklahoma Health System Driven to Downtime
The health care sector is amid yet another ransomware wave, after a previous onslaught of attacks and outages investigated by the FBI in the fall of 2020. Recent data shows provider organizations have continued to be a leading target for nefarious actors. Stillwater Medical Center was hit with a ransomware attack on June 13 and is currently operating under electronic health record downtime as it attempts to bring its systems back online.
Trend Micro and JC3 Study on Fraud Phishing Targeting Japanese Users
The Cyber Security Institute at Trend Micro, together with Japan Cybercrime Control Center (JC3) and its member organizations, have been researching and analyzing phishing fraud groups. This blog details the aspects of two major phishing fraud groups identified from the research and analysis.
Ransomware Double Extortion and Beyond: REvil, Clop, and Conti
Ransomware-stricken organizations grapple with multi-level extortion schemes that are advancing at an alarming rate. In this report, Trend Micro researchers looked at three ransomware families – REvil, Clop and Conti – to analyze what exactly happens in their campaigns.
CISA Addresses Rising Ransomware Threats in Operational Technology Assets in New Fact Sheet
The Cybersecurity and Infrastructure Security Agency (CISA) recently addressed the recent rise in ransomware attacks targeting operational assets (OT) and control systems. The guidance from the CISA provides steps to prepare and respond to attacks, identifies how dependencies between an enterprise’s IT and OT systems can be vulnerable, and explains how to decrease the risk of severe business degradation if affected by a ransomware attack.
What are your thoughts on the summer of cybercrime? Share in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
Read More HERE
