Q3 of 2022 has provided us with many interesting insights into the ransomware industry. Instead of fairly wide distribution of victims between the various ransomware groups, we saw consistency from Lockbit3.0, as they remain the number one group with 37% of all ransomware attacks this quarter, an increase of 5% since the previous quarter, whereas […]
Key Takeaways Sygnia recently investigated a Cheerscrypt ransomware attack which utilized Night Sky ransomware TTPs. Further analysis revealed that Cheerscrypt and Night Sky are both rebrands of the same threat group, dubbed ‘Emperor Dragonfly’ by Sygnia. ‘Emperor Dragonfly’ (A.K.A. DEV-0401 / BRONZE STARLIGHT) deployed open-source tools that were written by Chinese developers for Chinese users.
Night Sky and Cheerscrypt: Revealing a Unified Chinese Ransomware Group Read More »
Welcome to the T2 2022 issue of the ESET Threat Report! The past four months were the time of summer vacations for many of us in the northern hemisphere. It appears that some malware operators also took this time as an opportunity to possibly rest, refocus, and reanalyze their current procedures and activities. According to
Findings from an independent, vendor-agnostic survey of 5,600 IT professionals in mid-sized organizations across 31 countries, including 199 respondents from the state and local government sector. Introduction Sophos’ annual study of the real-world ransomware experiences of IT professionals in the state and local government sector has revealed an ever more challenging attack environment. Together with
The State of Ransomware in State and Local Government 2022 Read More »
Over the past year, the business world has been adjusting to lessons learned from the COVID pandemic. On a workforce level, companies are struggling to decide the best ways to balance employee flexibility and corporate culture. On a technical level, the many benefits of a cloud-first architecture are being weighed against the challenges of managing
Critical infrastructure, which for the purposes of this report includes energy/utilities, telecommunications, transportation and trucking/ shipping companies, became top of mind for many beginning in 2020 when high-profile security attacks impacted millions of people across the globe. From the ransomware attack that compromised a major U.S. gas pipeline in 2021 to the rise of nation-state
2022 Thales Data Threat Report: Critical Infrastructure Edition Read More »
Introduction and summary Acronis was the first company to implement complete integrated cyber protection to protect all data, applications and systems. Cyber protection requires the researching and monitoring of threats, as well as abiding by the five vectors of safety, accessibility, privacy, authenticity and security, or SAPAS. As part of the strategy, we’ve established four
Cyber Protection Operation Centers Report: Ransomware dominates threat landscape Read More »
Introduction Cybercriminals emboldened by underground ransomware economy While ransomware continues to be a headline-grabbing topic, there’s ultimately a relatively small, connected ecosystem of players driving this sector of the cybercrime economy. The specialization and consolidation of the cybercrime economy has fueled ransomware as a service (RaaS) to become a dominant business model, enabling a wider
Competition has always been fierce among cryptominers and RATs, but ransomware bucks the trend. Since their inception, the Sophos Managed Detection and Response (MDR) and Rapid Response (RR) teams have been called in to investigate hundreds of ransomware incidents, including intervening in active attacks where the attackers were still on the target’s network. In recent
2021 Top MalwareStrains This joint Cybersecurity Advisory (CSA) was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC). This advisory provides details on the top malware strains observed in 2021. Malware, short for “malicious software,” can compromise a system by performing an unauthorized function or process. Malicious cyber
