What is REvil? REvil is an ambitious criminal ransomware-as-a-service (RAAS) enterprise that first came to prominence in April 2019, following the demise of another ransomware gang GandCrab. The REvil group is also known sometimes by other names such as Sodin and Sodinokibi. There’s been plenty of ransomware before. What makes REvil so special? ...

The White House is reportedly moving swiftly forward with a plan to harden the security of the US power grid against hacking attacks. According to Bloomberg, the Biden administration has a plan to dramatically improve how power utilities defend themselves against attacks from countries considered to be adversaries in cyberspace - such as Russia,...

Cybercriminal extortionists have adopted a new tactic to apply even more pressure on their corporate victims: contacting the victims' customers, and asking them to demand a ransom is paid to protect their own privacy. At the end of March, Bleeping Computer reported that the Clop ransomware gang had not stopped at threatening hacked companies and...

CISA, the US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, has told federal agencies that they have until 12:00pm EDT on Monday April 5 to scan their networks for evidence of intrusion by malicious actors, and report back the results. CISA is ordering agencies with on-premises Microsoft Exchange servers to...

Organisations hit by ransomware attacks are finding themselves paying out more than ever before, according to a new report from Palo Alto Networks. The Unit 42 threat intelligence team at Palo Alto Networks teamed up with the incident response team at Crypsis to produce their latest threat report which looks at the latest trends in ransomware, and...

The FBI is reminding organisations of the serious threat posed by business email compromise (BEC) scams, declaring that it caused over $1.8 billion worth of losses to businesses last year. The newly-published annual cybercrime report from the FBI's Internet Crime Complaint Center (IC3) reveals that it had received a record number of complaints and...

Police in the Netherlands and Belgium have made hundreds of raids, and arrested at least 80 people, after cracking into an encrypted phone network used by organised criminals. In a press release, Europol said that crime-fighting authorities in France, Belgium and the Netherlands had not only arrested a large number of suspected criminals, but also...

Business Email Compromise (BEC) scammers, who have made rich returns in recent years tricking organisations into transferring funds into their accounts, have found a new tactic which attempts to swindle Wall Street firms out of significantly larger amounts of money. According to a newly published-report by Agari, scammers are seeking to defraud...

The United States Department of Justice has charged three North Korean computer programmers with a range of cyber attacks that made headlines around the world. The men - 31-year-old Jon Chang Hyok, Kim Il, 27, and 36-year-old Park Jin Hyok - are alleged to have been part of North Korea's Reconnaissance General Bureau (RGB), known commonly as the ...

British police have arrested eight men in connection with a series of SIM-swapping attacks which saw criminals hijack the social media accounts of well-known figures and their families. The UK's National Crime Agency (NCA) says it made arrests in England and Scotland as part of an international investigation working alongside the FBI, US Secret...

Security researchers at Google have claimed that a quarter of all zero-day software exploits could have been avoided if more effort had been made by vendors when creating patches for vulnerabilities in their software. In a blog post, Maddie Stone of Google's Project Zero team says that 25% of the zero-day exploits detected in 2020 are closely...

What's happened? Law enforcement agencies across the globe say that they have dealt a blow against Emotet, described by Interpol as "the world's most dangerous malware", by taking control of its infrastructure. Police have dubbed their action against Emotet "Operation LadyBird." What is Emotet? Emotet is an extremely advanced and pernicious...

Most security breaches are the result of one thing: sloppy password practices. Too many people make the mistake of choosing weak passwords, or reusing passwords that they have used elsewhere on the internet - making life too easy for malicious hackers trying to gain unauthorised access. So I was pleased to see Google announce that over the coming...

The US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to companies to better protect their cloud-based accounts after several recent successful attacks. According to an advisory published by CISA, an increasing number of attacks have succeeded as more employees have begun to work...

In their attempt to extort as much money as quickly as possible out of companies, ransomware gangs know some effective techniques to get the full attention of a firm's management team. And one of them is to specifically target the sensitive information stored on the computers used by a company's top executives, in the hope of finding valuable data...

It's time to say a final "Goodbye" to Flash. (Or should that be "Good riddance"?) With earlier this week seeing the final scheduled release of Flash Player, Adobe has confirmed that it will no longer be supporting the software after December 31 2020, and will actively block Flash content from running inside Flash Player from January 12 2021. In...

Embraer, a Brazilian manufacturer of aircraft, has disclosed that hackers managed to breach its computer systems, and steal data. Although Embraer may not be a household name, it is the world's third-largest producer of civil aircraft (after Boeing and Airbus), having delivered more than 8,000 aeroplanes to date. According to a press release...

Three men have been arrested in Nigeria, suspected of being members of an organised cybercrime gang that has targeted over 500,000 government agencies and private sector companies around the world. The group, dubbed TMT by threat researchers at Group-IB, is said to have engaged in attacks against businesses since at least 2017, tricking company...

So, you're a ransomware gang and you want to ensure that you have caught the attention of your latest corporate victim. You could simply drop your ransom note onto the desktop of infected computers, informing the firm that their files have been encrypted. Too dull? You could lock infected PCs and display a ghoulish skull on a bright red...

An undisclosed number of customers of outdoor clothing retailer The North Face have had their passwords reset by the company, following a credential-stuffing attack. The company has revealed that on October 9, 2020, it became aware that hackers had used usernames and passwords stolen from a third-party website to gain unauthorised access to...