Daily NCSC-FI news followup 2021-05-02

Ransomware Reality Shock: 92% Who Pay Don’t Get Their Data Back

www.forbes.com/sites/daveywinder/2021/05/02/ransomware-reality-shock-92-who-pay-dont-get-their-data-back/ According to the Sophos State of Ransomware 2021 report, the number of organizations deciding to pay a ransom has risen to 32% in 2021 compared to 26% last year. That same global survey discovered that only 8% of them got all their data back despite doing so. Nearly a third, 29%, couldn’t recover more than half the encrypted data. The Sophos research suggests that average ransomware recovery costs are now $1.85 million compared to $761,106 a year ago. Sophos found the average paid to be $170,404.

Swiss Cloud becomes the latest web hosting provider to suffer a ransomware attack

therecord.media/swiss-cloud-becomes-the-latest-web-hosting-provider-to-suffer-a-ransomware-attack/ While the incident did not impact the company’s entire server infrastructure spread among different data centers across Switzerland the disruption has impacted server availability for more than 6500 customers.

Lazarus Group Recruitment: Threat Hunters vs Head Hunters

www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/lazarus-recruitment/ This article describes a previously unknown attack by the APT group, reveals the Lazarus Group’s TTPs that allowed attackers to obtain partial control over a pharmaceutical company’s infrastructure in just four days, as well as the tools used by the attackers for preliminary compromise, network reconnaissance, and gaining persistence in the infrastructure of the targeted company.

DigitalOcean admits data breach exposed customers’ billing details

hotforsecurity.bitdefender.com/blog/digitalocean-admits-data-breach-exposed-customers-billing-details-25754.html DigitalOcean explained that an unauthorised party had managed to exploit the flaw to gain access to billing information between April 9 and April 22, 2021. The company underlined that it does not store users’ fill payment card numbers and so they were not exposed. In addition, DigitalOcean says that it has fixed the flaw that the hacker exploited, and informed data protection authorities about the breach.

You might be interested in …

Daily NCSC-FI news followup 2020-08-10

Onko Android-puhelimessasi haittaohjelma? Nämä oireet enteilevät pahaa www.is.fi/digitoday/tietoturva/art-2000006594928.html Haittaohjelmat uhkaavat Android-käyttäjiä jopa virallisessa Google Play -latauskaupassa. Niiden aiheuttamat vahingot voivat näkyä esimerkiksi puhelinlaskussa, mutta haittaohjelman voi usein tunnistaa jo ennen sitä tarkkailemalla puhelimen käytöstä. FBI says an Iranian hacking group is attacking F5 networking devices www.zdnet.com/article/fbi-says-an-iranian-hacking-group-is-attacking-f5-networking-devices/ Sources: Attacks linked to a hacker group known as […]

Read More

Daily NCSC-FI news followup 2021-01-09

Excelerating Analysis Tips and Tricks to Analyze Data with Microsoft Excel www.fireeye.com/blog/threat-research/2019/12/tips-and-tricks-to-analyze-data-with-microsoft-excel.html Incident response investigations dont always involve standard host-based artifacts with fully developed parsing and analysis tools. At FireEye Mandiant, we frequently encounter incidents that involve a number of systems and solutions that utilize custom logging or artifact data. Determining what happened in an […]

Read More

Daily NCSC-FI news followup 2020-04-29

Rogue affiliates are running fake antivirus expiration scams www.bleepingcomputer.com/news/security/rogue-affiliates-are-running-fake-antivirus-expiration-scams/ Rogue security software affiliates are sending emails that falsely tell recipients that their antivirus software is expiring and then prompt them to renew their license so that the affiliate can earn a commission from the sale. Microsoft warns of malware surprise pushed via pirated movies www.bleepingcomputer.com/news/security/microsoft-warns-of-malware-surprise-pushed-via-pirated-movies/ […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.