Sat.Mar 19, 2022

article thumbnail

Google Exposes Initial Access Broker Ties to Ransomware

Data Breach Today

Broker Provides Services to Conti, Diavol Ransomware Groups Researchers have uncovered a full-time initial access broker group that serves both Conti and Diavol ransomware groups. Google's Threat Analysis Group - TAG - observed this financially motivated threat actor dubbed Exotic Lily, exploiting a zero-day in Microsoft MSHTML tracked as CVE-2021-40444.

article thumbnail

Weekly Update 287

Troy Hunt

So the plan was to schedule this week's session in advance then right on 17:30 at my end, go live. It mostly worked, I just forgot to press the "go live" button having worked on the (obviously incorrect) assumption that would happen automatically. Lesson learned, session restarted, we'll be all good next week 😊 References Asking about IoT'ing the kids' showers led to lots of wrong answers (maybe I'm just scarred now knowing how much work is involved as so

IoT 107
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

The Federal Bureau of Investigation (FBI) reported that AvosLocker ransomware is being used in attacks targeting US critical infrastructure. The Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory warning of AvosLocker ransomware attacks targeting multiple US critical infrastructure. The advisory was published in coordination with the US Treasury Department and the Financial Crimes Enforcement Network (FinCEN). “AvosLocker is a Ransomware as a Service (RaaS) affi

article thumbnail

A Developer Altered Open Source Software to Wipe Files in Russia

WIRED Threat Level

The author of a popular application pushed out an update containing malicious code in an effort to sabotage computers in the country.

Security 104
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Emsisoft releases free decryptor for the victims of the Diavol ransomware

Security Affairs

Cybersecurity firm Emsisoft released a free decryptor that allows the victims of the Diavol ransomware to recover their files without paying a ransom. Cybersecurity firm Emsisoft has released a free decryption tool to help Diavol ransomware victims recover their files without paying a ransom. In January, the FBI officially linked the Diavol ransomware operation to the infamous TrickBot gang , the group that is behind the TrickBot banking trojan.

More Trending

article thumbnail

Crooks claims to have stolen 4TB of data from TransUnion South Africa

Security Affairs

TransUnion South Africa discloses a data breach, threat actors who stolen sensitive data, demanded a ransom payment not to release stolen data. TransUnion South Africa announced that threat actors compromised a company server based in South Africa using stolen credentials. Threat actors have stolen company data and demanded a ransom payment not to release stolen data.

article thumbnail

Exotic Lily initial access broker works with Conti gang

Security Affairs

Google’s Threat Analysis Group (TAG) uncovered a new initial access broker, named Exotic Lily, that is closely affiliated with the Conti ransomware gang. Google’s Threat Analysis Group (TAG) researchers linked a new initial access broker, named Exotic Lily, to the Conti ransomware operation. Initial access brokers play an essential role in the cybercrime ecosystem, they provide access to previously compromised organizations to threat actors.

Access 85