The new “BlackMatter”, “Haron”, and “El_Cometa” ransomware groups, which surfaced in the past three weeks, bear significant similarities to ransomware groups that disappeared last month. In addition, “Babuk” and “Lockbit” have returned to the scene as “2.0” versions of their original groups. Both phenomena point to a rebranding effort of ransomware operators―some claiming significant advancements in capability and technical sophistication. The rebranding trend likely represents the completion of a ransomware development cycle, which is often observed after groups cease attacks, and will probably bring new ransomware operations. In general, an increase in ransomware activity against all sectors and geographies is likely over the short-term future (one to three months), coinciding with the emergence of new (or rebranded) ransomware groups.
Most Recent Flipbooks
The US government has issued an alert about the Iran-linked "MuddyWater" advanced persistent threat group
Microsoft has announced plans to restrict its product users' ability to manually enable macros in several Office documents
A recent attack showed the potential of cyber-threat activity when used by a nation-state for coercion.
The FBI has warned of a recent surge in cyber attacks that use quick response (QR) codes.
The Federal Security Service of the Russian Federation (FSB) conducted a series of raids and arrests against at least 20 members of the "REvil" ransomware group.
Researchers have discovered a critical vulnerability in the popular open-source Java SQL database H2
For 2022, cyber-security practitioners must be extraordinarily nimble and adept. Plus information on telegram dropping malware, North Korean group exploits Russia, and Log4j crisis spilling in to 2022
Log4j bug exposes fragility of digital ecosystem worldwide. Plus information on Magecart home for the holidays, Emotet regaining power, and Muddywater APT group hunts for airline data via Slack.