gelişim üniversitesi
  Cyber Security Application And Research Center -

FBI Warns of BlackCat Ransomware Violating More than 60 Organizations Worldwide

gelişim üniversitesi
  1.   Cyber Security Application And Research Center
  2. News


FBI Warns of BlackCat Ransomware Violating More than 60 Organizations Worldwide


ABD Federal Soruşturma Bürosu (FBI), geçen Kasım ayında ortaya çıkmasından bu yana Mart 2022 itibariyle dünya çapında en az 60 kuruluşu mağdur ettiğini söylediği BlackCat hizmet olarak fidye yazılımı (RaaS) için alarm veriyor.


The ransomware, also called ALPHV and Noberus, is notable for being the first malware written in the Rust programming language, which is known to be memory-safe and offers improved performance.
 
"Many BlackCat/ALPHV developers and money launderers are affiliated with DarkSide/BlackMatter, suggesting they have extensive networks and experience with ransomware operations," the FBI said in an advisory released last week.
 
The disclosure comes weeks after twin reports from Cisco Talos and Kaspersky revealed links between the BlackCat and BlackMatter families of ransomware, including the use of a modified version of a data-spoofing tool called Fendr that had previously only been observed at BlackMatter-related activities.
 
"Aside from the evolving advantages Rust offers, attackers also benefit from a lower detection rate than static analysis tools, which are often not adapted to all programming languages," AT&T Alien Labs said earlier this year.
 
Like other RaaS groups, BlackCat's modus operandi involves stealing victim data before the execution of ransomware, and the malware often uses compromised user credentials to gain initial access to the target system.
 
In a BlackCat ransomware incident analyzed by Forescout's Vedere Labs, an internet-facing SonicWall firewall was hacked to gain initial access to the network before it was migrated to a VMware ESXi virtual farm and encrypted. The ransomware distribution is said to occur on March 17, 2022.
 
Besides advising victims to immediately report ransomware incidents, the law enforcement agency said it did not encourage paying the ransom, as no guarantee that encrypted files would be recovered. But he acknowledged that victims could be compelled to heed such requests to protect shareholders, employees, and customers.
 
As a recommendation, the FBI urges organizations to review domain controllers, servers, workstations, and active directories for new or unrecognized user accounts, take offline backups, apply network segmentation, apply software updates, and protect accounts with multi-factor authentication.

News

All News
18 Teams of Istanbul Gelişim University are preparing to blow like a storm in the Teknofest Competition!

Istanbul Gelisim University is emerging as a hub of innovation, encouraging its students in R&D and technology. The university boasts 18 teams participating in Teknofest, one of Turkey's most prestigious technology competitions.

19 February 2024 Monday
Russian APT Hackers Used COVID-19 Traps to Target European Diplomats

The Russia-linked threat actor, known as APT29, targeted European diplomatic missions and Foreign Ministries as part of a series of spear phishing campaigns in October and November 2021.

03 February 2023 Friday
New Flaws Found in Cisco's Network Operating System for Switches

Cisco has released software updates to address four vulnerabilities in its software that could be weaponized by malicious actors to take control of affected systems.

03 February 2023 Friday
Popular NPM Package Updated to Delete Russia and Belarus Systems to Protest Ukraine Invasion

As a deliberate sabotage, the developer behind the popular "node-ipc" NPM package sent a tampered-up new version to denounce the Russian invasion of Ukraine, raising concerns about open source and security in the software supply chain.

03 February 2023 Friday
FBI Warns of BlackCat Ransomware Violating More than 60 Organizations Worldwide

ABD Federal Soruşturma Bürosu (FBI), geçen Kasım ayında ortaya çıkmasından bu yana Mart 2022 itibariyle dünya çapında en az 60 kuruluşu mağdur ettiğini söylediği BlackCat hizmet olarak fidye yazılımı (RaaS) için alarm veriyor.

03 February 2023 Friday
Twitter fined $150 million for using user data for unauthorized advertising purposes

Twitter, which is in the process of being acquired by Tesla CEO Elon Musk, has agreed to pay the US Federal Trade Commission (FTC) $150 million to resolve allegations that it misused non-public information collected for security purposes to serve targeted ads.

03 February 2023 Friday
Hackers use Mitel VoIP Zero-day in potential ransomware attack

A suspected ransomware attack against an anonymous target exploited a Mitel VoIP device as an entry point to perform remote code execution and provide initial access to the environment. The findings come from cybersecurity firm CrowdStrike, which traced the source of the attack to a Linux-based Mitel VoIP device located in the network perimeter, while also identifying a previously unknown exploit, as well as several actor-adopted forensics measures.

03 February 2023 Friday
Cybercrime Groups Are Increasingly Embracing the Ribbon Command and Control Framework

Nation-state threat actors are increasingly adopting and integrating the Sliver command and control (C2) framework in their intrusion campaigns, replacing Cobalt Strike.

03 February 2023 Friday
World universities were ranked according to their "Power of Impact": Istanbul Gelisim University has ranked 24th in Quality Education!

An organization ranking and evaluating world universities, Times Higher Education’s (THE) Impact Ranking 2021 results have been announced. In the ranking, Istanbul Gelisim University (IGU) has ranked 24th to provide the highest quality education among the universities in the world, and achieved a great success.

21 April 2021 Wednesday

gelişim üniversitesi

Adress: Cihangir Mah. Şehit Jandarma Komando Er Hakan Öner Sk.No:1 Avcılar / İSTANBUL

Phone
FAX
EMAIL

© Copyright 2022 Istanbul Gelisim University All Rights Reserved.