Malware

Operationalize Ransomware Detections Quickly and Easily with Splunk

In 2019 multiple cities, hospitals and educational institutions in the U.S. were crippled by ransomware, including Baltimore, Atlanta, New York City, Regis University in Denver and Monroe University in New York. In the last 12 months, the infosec community has seen these ransomware operators seriously upping their game (see Ryuk ransomware).

5.4 Million Customers Risk Credit Card Theft with Khaadi

During research into client-side attacks, we recently observed a skimmer loading on the popular Pakistani fashion website, Khaadi. Khaadi is a global brand including seven stores in the UK and the company boasts over 5.4 million followers on social media. Khaadi have faced negative press recently, after an uproar about inhuman workplace conditions in 2017, and narrowly avoiding going into administration in 2019.

Recovering from OneDrive for Business ransomware attacks

Ransomware has been a growing threat in recent years, and experts now estimate the cost of these attacks at $7.5 billion in the USA alone in 2019. The affected institutions include 966 government agencies, educational establishments, and healthcare providers. Since most ransomware attacks stem from a small mistake made by one end user, either through phishing emails or stolen credentials, the threat is only expected to increase in the years to come.

Ransomware, interrupted: Sodinokibi and the supply chain

Last month, the Elastic Security Protections Team prevented an attempted ransomware attack targeting an organization monitored by one of our customers, an IT Managed Service Provider (MSP). We analyzed the alerts that were generated after an adversary’s process injection attempts were prevented by Elastic Endpoint Security on several endpoints. Adversaries often attempt to inject their malicious code into a running process before encrypting and holding the victim’s data to ransom.

Visa Security Alert for New Self-Cleaning Skimmer - Pipka

Visa have reported a new security alert for an advanced, self-cleaning, JavaScript skimmer named Pipka. The security researchers at Visa’s Payment Fraud Disruptions (PFD) discovered the skimmer in September of this year. The skimmer was first seen on a North American ecommerce website which had previously been infected with a different skimmer, Inter. Visa have now identified an additional 16 sites hosting the Pipka code.

How to Keep Malware Out of Your Printers

The landscape of cybersecurity is always changing, and new threats are constantly emerging. One of the newest – and the most interesting, if you are into that kind of thing – is the rise of printer malware. This type of malware started to be reported in November 2017, when Barracuda Labs saw an attack where cybercriminals spoofed a printer to send a malicious attachment that appeared to be a legitimate file sent by a network printer.

Android malware: How do enterprises tackle this ever-growing menace?

Let us first agree on a couple of things before we start: One, Android is the most affordable platform for enterprises with a mobile-first/mobile-only workforce, and it has the smallest learning curve of any mobile OS. Two, due to its very open-source nature, Android is easy for malicious actors to prey on, with the Google Play Store being the breeding ground for many attacks.

5 Tips for Preventing Ransomware Attacks

You don't need to be a cybersecurity expert to know that ransomware attacks have become one of today's greatest IT security threats. From WannaCry to the attack against the city of Atlanta, major ransomware exploits have become so commonplace in the last few years that they may seem impossible to avoid. Fortunately, preventing ransomware is far from impossible. Let's take a look at a few strategies you can put in place to mitigate your risk of becoming part of the next ransomware statistic.

Yet another malware attack: macOS now the target for security attacks

Mac usage, as you’ve probably seen in your workplace, has risen exponentially in enterprises. According to a Jamf survey, 74 percent of those who previously used a PC for work experience fewer issues now that they use a Mac. Just like you’ve been watching the rapid rise of Macs in enterprises, so have attackers—the ones wreaking havoc in enterprises through malware attacks.