As data exfiltration threats and bigger ransom requests become the norm, security professionals are advancing from the basic “keep good backups” advice.Read More
Our Director of Intelligence, Adam Darrah, in a frank discussion with Chuck Harold from SecurityGuyTV.com at the Corona-Con Virtual Security Conference about election security. Watch Now
Greg Otto talks with Adam Darrah, director of intelligence at Vigilante, about hacker gangs on the dark web, how they run their ransomware operations, and if the cybersecurity community ever gets past the mindset of shaming victims when they are hit with a breach. Click here to listen to the podcast
It’s not enough to acknowledge the threat of ransomware—companies need to be positioned to communicate with threat actors (whether directly or indirectly), contain damage and minimize business interruption associated with this increasingly common form of cyberattack. I talked to David Shear, threat data governance and integration manager of Vigilante, about best practices in preparation and response to ransomware events. Read…
Vigilante wishes to highlight a threat actor or threat actor group on an exclusive Russian-language Dark Web forum that is currently advertising the Ransomware-as-a-Service (RaaS) known as “Smaug”. Although this type service is not entirely new, the Smaug RaaS platform is a particularly attractive option for lower-tier or unskilled cyber criminals to enter the Ransomware threat space, increasing the proliferation…
Vigilante wishes to highlight two more ransomware groups that have adopted the Maze Team model of extorting their victims to pay: NetWalker and Ako. Under the Maze model, once the group has the victim’s data in its possession, it demands two separate ransoms; the first ransom amount is for providing a decryption key and the second is to delete all the data they copied and exfiltrated before locking up the victims’ files.
Vigilante warns that over the last few weeks threat actor group Maze Team is claiming to have attacked at least two insurance companies with ransomware and may be eyeing additional insurance industry victims.