Windows TCO: Ransom, Breaches and More
-
Federal News Network ☛ Addressing the public sector’s penetration testing problems
The public sector is struggling to break free of an outdated model of penetration testing (pentesting) that requires federal civilian agencies and state, local and higher education institutions alike to contend with approaches that don’t scale and can introduce their own security challenges. But these antiquated methods of security testing can’t be addressed until organizations understand what causes these problems: bandwidth, efficiency and security.
-
[Repeat] Security Week ☛ Record-Breaking DDoS Attack Peaked at 3.8 Tbps, 2.14 Billion Pps
According to Matthew Prince, the company’s CEO, the attack peaked at 3.8 terabits per second (Tbps) and 2.14 billion packets per second (Pps). The attack was aimed at an unidentified customer of an unnamed hosting provider that uses Cloudflare services.
-
Tripwire ☛ Tick Tock.. Operation Cronos Arrests More LockBit Ransomware Gang Suspects
International law enforcement agencies have scored another victory against the LockBit gang, with a series of arrests and the seizure of servers used within the notorious ransomware group's infrastructure.
As Europol has detailed in a press release, international authorities have continued to work on "Operation Cronos", and now arrested four people, seized servers, and implemented sanctions against an affiliate of the ransomware group.
-
Threat Source ☛ Threat actor believed to be spreading new MedusaLocker variant since 2022
Talos has recently observed an attack leading to the deployment of a MedusaLocker ransomware variant known as “BabyLockerKZ.” The distinguishable techniques — including consistently storing the same set of tools in the same location on compromised systems, the use of tools that have the PDB path with the string “paid_memes,” and the use of a lateral movement tool named “checker” — used in the attack led us to take a deeper look to try to understand more about this threat actor.
-
The Register UK ☛ Ransomware crew infects 100+ orgs monthly with BabyLockerKZ
The miscreant, whom Talos has dubbed "PaidMemes," uses a recent MedusaLocker variant called "BabyLockerKZ," and inserts the words "paid_memes" into the malware plus other tools used during the attacks.
In research published today and shared exclusively with The Register, the threat intel group asserts, "with medium confidence," that PaidMemes is financially motivated and working as an initial access broker or ransomware cartel affiliate, attacking a ton of businesses around the globe for at least the last two years.
-
[Old] National Association of Citizens Advice Bureaux ☛ Return faulty goods
You’ll have legal rights if the item you bought is:
• broken or damaged - this is known as not of satisfactory quality
• unusable - this is known as not fit for purpose
• not what was advertised or doesn’t match the seller’s description