Category: russia

Auto Added by WPeMatico

Merck Wins Insurance Lawsuit re NotPetya Attack

Posted on By infossl
courts, cyberattack, data destruction, insurance, russia, Security technology, Uncategorized

The insurance company Ace American has to pay for the losses: On 6th December 2021, the New Jersey Superior Court granted partial summary judgment (attached) in favour of Merck and International Indemnity, declaring that the War or Hostile Acts exclusion was inapplicable to the dispute. Merck suffered US$1.4 billion in business interruption losses from the … Read More “Merck Wins Insurance Lawsuit re NotPetya Attack” »

More Russian SVR Supply-Chain Attacks

Posted on By infossl
microsoft, russia, Security technology, supply chain, Uncategorized

Microsoft is reporting that the same attacker that was behind the SolarWinds breach — the Russian SVR, which Microsoft is calling Nobelium — is continuing with similar supply-chain attacks: Nobelium has been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain. This time, … Read More “More Russian SVR Supply-Chain Attacks” »

REvil is Off-Line

Posted on By infossl
cybercrime, cybersecurity, ransomware, russia, Security technology, Uncategorized

This is an interesting development: Just days after President Biden demanded that President Vladimir V. Putin of Russia shut down ransomware groups attacking American targets, the most aggressive of the groups suddenly went off-line early Tuesday. […] Gone was the publicly available “happy blog” the group maintained, listing some of its victims and the group’s … Read More “REvil is Off-Line” »

Details of the REvil Ransomware Attack

Posted on By infossl
cyberattack, malware, ransomware, russia, Security technology, supply chain, Uncategorized, vulnerabilities, zero-day

ArsTechnica has a good story on the REvil ransomware attack of last weekend, with technical details: This weekend’s attack was carried out with almost surgical precision. According to Cybereason, the REvil affiliates first gained access to targeted environments and then used the zero-day in the Kaseya Agent Monitor to gain administrative control over the target’s … Read More “Details of the REvil Ransomware Attack” »

More Russian Hacking

Posted on By infossl
cybersecurity, hacking, malware, microsoft, russia, Security technology, Uncategorized

Two reports this week. The first is from Microsoft, which wrote: As part of our investigation into this ongoing activity, we also detected information-stealing malware on a machine belonging to one of our customer support agents with access to basic account information for a small number of our customers. The actor used this information in … Read More “More Russian Hacking” »

The DarkSide Ransomware Gang

Posted on By infossl
business of security, crime, cybercrime, ransomware, russia, Security technology, Uncategorized

The New York Times has a long story on the DarkSide ransomware gang. A glimpse into DarkSide’s secret communications in the months leading up to the Colonial Pipeline attack reveals a criminal operation on the rise, pulling in millions of dollars in ransom payments each month. DarkSide offers what is known as “ransomware as a … Read More “The DarkSide Ransomware Gang” »

The Misaligned Incentives for Cloud Security

Posted on By infossl
certificates, cloud computing, cyberattack, cyberespionage, essays, externalities, hacking, russia, Security technology, Uncategorized

Russia’s Sunburst cyberespionage campaign, discovered late last year, impacted more than 100 large companies and US federal agencies, including the Treasury, Energy, Justice, and Homeland Security departments. A crucial part of the Russians’ success was their ability to move through these organizations by compromising cloud and local network identity systems to then access cloud accounts … Read More “The Misaligned Incentives for Cloud Security” »

Adding a Russian Keyboard to Protect against Ransomware

Posted on By infossl
law enforcement, malware, ransomware, russia, Security technology, Uncategorized

A lot of Russian malware — the malware that targeted the Colonial Pipeline, for example — won’t install on computers with a Cyrillic keyboard installed. Brian Krebs wonders if this could be a useful defense: In Russia, for example, authorities there generally will not initiate a cybercrime investigation against one of their own unless a … Read More “Adding a Russian Keyboard to Protect against Ransomware” »

Ransomware Shuts Down US Pipeline

Posted on By infossl
cybercrime, ransomware, russia, Security technology, Uncategorized

This is a major story: a probably Russian cybercrime group called DarkSide shut down the Colonial Pipeline in a ransomware attack. The pipeline supplies much of the East Coast. This is the new and improved ransomware attack: the hackers stole nearly 100 gig of data, and are threatening to publish it. The White House has … Read More “Ransomware Shuts Down US Pipeline” »