The “FIN12” threat group has been attracting attention for deploying ransomware in a quarter of the time typically needed, making it one of the fastest ransomware groups active today. Unlike other groups, FIN12 has not fully embraced the double-extortion technique, relying mainly on encryption. This approach enables the group to focus on improving attack efficiency, and to avoid problems with managing data-leak websites. FIN12 has primarily targeted the healthcare sector; the elevated risk posed by blocking access to healthcare systems likely explains the group’s success in receiving ransom payments. Such attacks have allegedly resulted in deaths. Regardless of the consequences, FIN12 is expected to wage more attacks, and probably become more efficient and destructive.
Most Recent Flipbooks
The US government has issued an alert about the Iran-linked "MuddyWater" advanced persistent threat group
Microsoft has announced plans to restrict its product users' ability to manually enable macros in several Office documents
A recent attack showed the potential of cyber-threat activity when used by a nation-state for coercion.
The FBI has warned of a recent surge in cyber attacks that use quick response (QR) codes.
The Federal Security Service of the Russian Federation (FSB) conducted a series of raids and arrests against at least 20 members of the "REvil" ransomware group.
Researchers have discovered a critical vulnerability in the popular open-source Java SQL database H2
For 2022, cyber-security practitioners must be extraordinarily nimble and adept. Plus information on telegram dropping malware, North Korean group exploits Russia, and Log4j crisis spilling in to 2022