[HackerNews] Feds Reportedly Hacked REvil Ransomware Group and Forced it Offline

The Russian-led REvil ransomware gang was felled by an active multi-country law enforcement operation that resulted in its infrastructure being hacked and taken offline for a second time earlier this week, in what’s the latest action taken by governments to disrupt the lucrative ecosystem.
The takedown was first reported by Reuters, quoting multiple private-sector cyber experts working with the

Source: The Hacker News

You might be interested in …

[SANS ISC] Malicious PowerShell Using Client Certificate Authentication, (Mon, Oct 18th)

Attackers have many ways to protect their C2 servers from unwanted connections. They can check some specific headers, the user-agent, the IP address location (GeoIP), etc. I spotted an interesting PowerShell sample that implements a client certificate authentication mechanism to access its C2 server. Its VT score is 9/56[1] (SHA256:6d3f45db0a991572a7ac8077e2fd8eec29aad99e7efa6cea5e54186ac1abc488). The certification is Base64 encoded and […]

[SecurityWeek] Signal Working on Improving Anti-Spam Capabilities

Privacy-focused communication platform Signal is sharing information on the improvements it has made to its spam-prevention capabilities. The task of keeping spam out of users’ inboxes, Signal says, is more difficult compared to other messaging services, because the company does not have access to the contents of messages, and has to fight spam without social […]

[ZDNet] Colonial Pipeline sends breach letters to more than 5,000 after ransomware group accessed SSNs, more

Colonial Pipeline said the leaks involved the personal information of current and former employees.

Source: Latest topics for ZDNet in Security
