LockBit Weaponizes Its Victims’ Clients – Brett Callow

Brett Callow, a cybersecurity analyst at Emsisoft, shared information on his Twitter about the broadened tactics the LockBit ransomware group applies to its victims. Imagine a firm gets attacked by ransomware. It is not a novelty that, besides encrypting the data belonging to the company (to demand ransom for giving the data back,) the crooks… Continue reading LockBit Weaponizes Its Victims’ Clients – Brett Callow

Clop ransomware exploits vulnerability in SolarWinds Serv-U

The NCC Group warns of a spike of Clop ransomware attacks (hack group also known as TA505 and FIN11), which exploits a vulnerability in SolarWinds Serv-U. Most of them start off by exploiting the CVE-2021-35211 bug in Serv-U Managed File Transfer and Serv-U Secure FTP. This issue allows a remote attacker to execute commands with… Continue reading Clop ransomware exploits vulnerability in SolarWinds Serv-U

Clop ransomware continues to work even after a series of arrests

The media reported that Clop ransomware continues to work: its operators have again begun posting data stolen from victims on their website. The fact is that last week, as a result of a joint operation carried out with the assistance and coordination of Interpol by the law enforcement agencies of Ukraine, South Korea and the… Continue reading Clop ransomware continues to work even after a series of arrests

Cyber police of Ukraine arrested persons linked with the Clop ransomware

As a result of a joint operation carried out with the assistance and coordination of Interpol by law enforcement agencies and the cyber police of Ukraine, South Korea and the United States, six suspects linked with the notorious Clip ransomware were arrested. Sources close to the investigation told The Record that South Korean police launched… Continue reading Cyber police of Ukraine arrested persons linked with the Clop ransomware