Discover and read the best of Twitter Threads about #Ransomware

Most recent (24)

"The gvt of #Russia views the US as its primary adversary..." Kurtis Ronnow, deputy asst dir of the @FBI's Counterintelligence Division, tells @USChamber during virtual briefing on #cyber
"#Russia's malign influence efforts are ongoing" & involve #cyber, other means, per @FBI's Ronnow
US officials "remain concerned" #Russian cyber criminals will target US businesses, critical infrastructure in support of #Russia's ops in #Ukraine, Mike Herrington, section chief of the @FBI's Cyber Division tells @USChamber
Read 13 tweets
Most of you probably haven't heard, but last week there were several major #ransomware incidents. 2 #datacenter sites were affected by this attack, which was carried out by exploiting a VmCenter vulnerability. We were asked to respond on site urgently.
There was no time to analyze the attack, identify the flaw that caused the vulnerability, work on possible security measures, and so on. In a place with data loss spanning hundreds of servers, it would not have made sense for that to be the priority anyway.
Since our first priority was to bring the whole system back up and relieve those affected, we rolled up our sleeves and got to work. Only after arriving on site did we learn that there had already been some communication with the #hacker and that some ransom had been paid.
Read 20 tweets
After running a poll on Tuesday, in which more than half acknowledged that the company they work for has room for improvement when it comes to protecting a company against #ciberataques, we are sharing some figures from the latest #seguridad reports.
Remember, at @irontec we can help you design a #PlandeSeguridad suited to your company's needs and potential vulnerabilities. Write to us, we look forward to helping you: lnkd.in/eYB9_JKb #Ciberseguridad #Ciberataque #Irontec
45% of companies acknowledge that they have been more vulnerable to attacks since the start of the pandemic. #ciberseguridad
Read 7 tweets
Well, well, well. It seems Elon Musk is everywhere, and I've been sent an invitation to who knows what... 😏
A short thread on PDF analysis.
🧵
The first step is to analyze the sender's details and look at the headers. I won't go into depth, but the email addresses that appear already give us a few indicators that may be useful later on. We can also see that there is a PDF file attached.
⬇️
Every user should be suspicious of any attached PDF, especially if it comes from an unknown sender or the PDF's name itself entices you to open it.
Of course, the everyday user is no expert in this and must be guided toward certain good practices.
⬇️
Read 12 tweets
"...bringing about a targeted and prolonged outage of the power (#Strom) or water supply (#Wasserversorgung) is...a highly complex task. It's not as easy as in Hollywood, where you just have to tap away at the keyboard a bit"

My interview with @LANline_DE
lanline.de/it-security/gr…
"The fine art of a prolonged, lasting outage is very complex. That was also evident with #StuxNet"
"In #Ukraine, in turn, there were attacks on the power supply (#Stromversorgung) in 2015 and 2016. The plan there was apparently to knock out the power supply for a long time and over a wide area, but that did not work."
Read 23 tweets
Thread on #APT grps, #hacktivists, #Ransomware gangs with their ‘likely’ associations (as per TTPs and reports) that are playing a significant role in impending #Ukraine #Russian conflict. Correct me if I am wrong or missing anyone. 1/
Firstly on Russian 🇷🇺side there are #GhostWriter (#Belarus Govt Backed) #CozyBear (Russian Foreign Intel aka #SVR) #UNC1151 (Minsk based) #FancyBears & #SandWorm (Russian Military Intel aka #GRU) #Turla and #Gamaredon (Russian Internal Intel #FSB Former KGB) 2/
Read 7 tweets
"'There is a heightened threat level, yes, of course. But it is not a fatal situation at the moment,' commented @HonkHase, spokesperson for @AG_KRITIS, a working group of independent security experts, speaking to @LANline_DE"

#KRITIS #Cyberangriffe #Krieg
lanline.de/it-security/sc…
"@HonkHase's assessment of the current situation: 'The risk of successful attacks on critical infrastructure definitely exists and is higher than usual because of the war situation (#Kriegslage), but the probability of occurrence is very manageable..."

#KRITIS
"For comparison: critical infrastructure was also destroyed in the flood (#Hochwasser) in the #Ahrtal, and climate disasters (#Klimakatastrophen), like #Ransomware attacks, will increase significantly in the coming years.'

#KRITIS
Read 7 tweets
BKA investigates data theft at Rosneft Deutschland

"When asked, the activists stressed that no critical infrastructure had been in danger. No control functions had been affected either."

#KRITIS is becoming a plaything 😔
spiegel.de/netzwelt/web/b…
"Hackers from the #Anonymous collective have attacked the German subsidiary of the Russian oil company #Rosneft and apparently stolen data. According to SPIEGEL information, the #BKA is now investigating."
"The attack was far riskier than..DDoS attacks..At Rosneft the attackers had penetrated deep into the systems and in the worst case could have crashed the control functions..."

Is something like this still in the spirit of ethical hacking? 😕

#Ethik #Hacking
Read 4 tweets
HAPPENING NOW - Senate Intelligence Committee holds open hearing on Worldwide Threats

Testimony coming from:

@ODNIgov Dir Avril Haines

@CIA Dir Bill Burns

@DefenseIntel Dir LtGen Scott Berrier

@NSAGov Dir Gen Paul Nakasone

@FBI Dir Christopher Wray
Senate Intel Comm Chair @MarkWarner starts w/praise for the US intelligence community for being candid w/intel on #Russia, #Putin's plans for #Ukraine & "throwing Putin off-guard"
"Democracy is sometimes messy" per @MarkWarner "I believe with all my heart the ppl of #Ukraine are voting with their lives, embracing the values that we take for granted every day"

"With all our flaws, our system is still the best in the world"
Read 41 tweets
#Lapsus, the cybercriminal group that extorts with #ransomware and that hit Nvidia and Samsung, is now running a poll so people can vote for its next victim.

Look who's on the list 👀
Context.

The #nvidia leak was huge. The source code of DLSS, one of its most important developments of recent years, plus the removal of the mining limiter on cards that come capped in software.

And 71 thousand employee credentials

bleepingcomputer.com/news/security/…
#Samsung.

190 GB of information uploaded in a torrent last Friday. As proof of the attack, they uploaded a screenshot of the C/C++ directories

(via @BleepinComputer)

bleepingcomputer.com/news/security/…
Read 5 tweets
NEW 🧵on Conti...

We published some news this week about Conti. In brief, a #Conti affiliate infiltrated the network of a healthcare provider that a different #ransomware threat actor had already penetrated.

The technical debt in healthcare is dangerous.

1/23
But Conti, in particular, attracts a particularly aggressive group of affiliates. And we have another, previously untold, Conti-adjacent story about one of their ransomware affiliates.

It serves as a cautionary tale that not all attackers are necessarily after a ransom. 2/23
This past January we were contacted by a customer in the Middle East to investigate a malware incident that began in mid-December, 2021. The target, in the financial services industry, discovered lateral movement and backdoors in their network the week before new year's day. 3/23
Read 23 tweets
So many things are happening and have happened in the digital sphere with the Russia - Ukraine conflict that I'm going to post in this thread what I've gathered, with some references for better understanding, and I will keep it updated. Opening thread🧵 ...
#ciberseguridad #ciberataques #Rusia #Ucrania
1. Ukraine has on many occasions been Russia's guinea pig for testing cyberattacks, as it tries to improve its capabilities and reach, but at no point has Russia claimed the attacks, as I explained in my column in @Forbes_Mexico - forbes.com.mx/red-forbes-est…
2. At Christmas 2015, the Regional Electricity Company in Ukraine suffered a #ciberataque that left several districts without electricity. Presumably it was the Russian Special Services. ft.com/content/0cfffe…
Read 48 tweets
#WhisperGate #HermeticWiper, 2 different names but the same purpose: 1st cyber weapon
🚨TL;DR 1st video showing the destructive and irreversible impact, aimed at Ukraine for some time now, which could very quickly spread to other countries in Europe, and France in particular
➡️Since yesterday, many #cybersécurité teams specializing in #malware analysis and research have given the community evidence of a cyber weapon aimed at #Ukraine. This ransomware strain is a Disk Wiper named #HermeticWiper or #WhisperGate.
It is said to date from late December, suggesting premeditation with regard to what is currently happening in the #Russie #Ukraine conflict.
Read 8 tweets
Protection against #Ransomware – how to prevent an infection.

#SSOT

Thread⬇️
1. Never click on unsafe links: Avoid clicking on links in spam messages or on unknown websites. If you click on malicious links, an automatic download could be started, which could lead to your computer being infected.
2. Avoid disclosing personal information: If you receive a call, text message, or #email from an untrusted source requesting personal information, do not reply. #Cybercriminals who are planning a #Ransomware attack might try to collect personal information in advance,
Read 10 tweets
@thegrugq Your video promotes two #UrbanLegends at the 18:09 mark. I'll begin with the latter: that Ukrainian artillerymen are KIA over an infected phone app.

@CrowdStrike created this #myth in a hysterical report they were compelled to "update" in March 2017:
crowdstrike.com/blog/danger-cl…
@thegrugq @CrowdStrike Ukraine's ministry of defense refuted CrowdStrike's "deadly" claims. An alleged source claims CrowdStrike made errors.

Regardless how plausible you think it is, there exists NO evidence of soldiers dying over the use of malware-laden phone apps.
voanews.com/a/crowdstrike-…
@thegrugq @CrowdStrike You've fallen for one of many #UrbanLegends where no evidence exists.

Now comes the hard part.

Will you face up to getting duped?

Or will you rationalize it, perhaps by saying it will convince soldiers not to use potentially malware-laden phone apps on the battlefield?
Read 18 tweets
Do you believe @thegrugq's claim that "there have been cases of people at hospitals who have died due to cyber incidents and it hasn't been publicized & pushed because there's not really a response that can be made to it... Until it's a huge big deal, it's sort of ignored"?
Do you believe @thegrugq's claim that a "targeting app ... used by Ukrainian artillery crews ... [contained] malware [that] was specifically sending the GPS location of those phones ... to the Russian military ... [leading to] people being killed because they were using an app"?
In your personal opinion, which government has secretly covered up the MOST patient deaths due to hospital #ransomware attacks as detailed by @thegrugq in his recent "cyber war" video?
Read 4 tweets
Happening now-@CISAgov update on #Log4j shell: "This really is the most serious vulnerability I've seen in my career" per Director @CISAJen

Likely present in hundreds of millions of products worldwide, & exploiting vulnerability "trivial" she adds
"We have seen widespread exploitation" by criminal actors & seen some reports of more significant activity, per @CISAJen

But @CISAgov cannot independently confirm some reported use/exploitation by foreign adversaries
.@CISAgov continues to push for remediation and strengthening security protocols as it leads US response, per @CISAJen

CISA's webpage with guidance has already gotten 330,000 page views since it was stood up almost a month ago

Another tool downloaded @ 4,000 times
Read 11 tweets
Contact tracing expert: "The #LucaApp is technologically dead"

"Developer @bkastl no longer sees any potential in the Luca app for effective contact tracing in the pandemic. Authorities hardly ever queried the data."
heise.de/news/Expertin-…
"#LucaApp is "technologically dead", the expert concluded on Monday at the remote Chaos Communication Congress (#rC3) of the Chaos Computer Club (#CCC)."
"...back in March she had accompanied a pilot test of the #LucaApp for the Bodenseekreis district, @bkastl reported. It had proven to be "unsuitable from a subject-matter standpoint" in the process..."
Read 9 tweets
Rebuilding Landkreis Anhalt-Bitterfeld

"After a #Ransomware infection, the district declared a state of disaster. At #rC3, two experts [@eGouvernante and @HonkHase] report on the hack and the rebuild."
golem.de/news/nach-rans…
"The case and the rebuild, which is still ongoing today, were presented at the hacker congress #rC3 by @eGouvernante, Chief Digital Officer (CDO) of the affected district, and @HonkHase, a member of @AG_KRITIS and of the Chaos Computer Club (#CCC)."
"While @eGouvernante, as technical incident lead, is directly involved in rebuilding the infrastructure, @HonkHase accompanied it as an outsider on an expert panel (#Expertengremium)."
Read 12 tweets
Happening now: @TheJusticeDept, #Australia sign agreement to deepen cooperation through the #CLOUDAct - which allows law enforcement agencies to force tech companies to turn over electronic communications for use in criminal investigations
#Australia|n Minister for Home Affairs @karenandrewsmp says the new agreement will allow both countries "to share important digital information and data" including child sexual abuse, #ransomware & attacks on critical infrastructure
The first agreement under the CLOUD Act was signed by the US & #Britain back in 2019

From my @VOANews colleague @masoodfarivar:
voanews.com/a/usa_us-uk-si…
Read 4 tweets
NEW: Does US have a handle on #ransomware?

"I don't think we there yet" @DHSgov @SecMayorkas tells @business's Technology Summit has to remain on an incredibly high level
CORRECTION: "I don't think we there yet" @DHSgov @SecMayorkas tells @business's Technology Summit re #ransomeware "Vigilance has to remain on an incredibly high level"
"We've made strides...I think we have a long ways to go" per @SecMayorkas on gvt working w/pvt sector on #cyber security
Read 12 tweets
Clusterfuck at Kisters

(a really, really big #KRITIS service provider!)

Cloud, all DB dumps & system images, logs and information sent by customers via email have been exfiltrated(!) and encrypted. Ouch :/

Everything is currently offline! 😑

#Ransomware
kisters.de/fileadmin/KIST…
An APT service provider from the BSI list has been engaged, and forensic investigators are already on site investigating.

I'm hoping for the best and wishing them success. Damn.
Read 6 tweets
Director Christopher Wray will join our partners from @TheJusticeDept, @StateDept, and @USTreasury today at 12:30 p.m. EST to make several major cybercrime announcements. You can watch the press conference live at justice.gov/live.
The #FBI and our partners announced that Yaroslav Vasinskyi, a Ukrainian national, faces charges for allegedly launching ransomware attacks against multiple victims, including a July attack against information technology management company Kaseya. go.usa.gov/xebhZ Director Christopher Wray said, "The arrest of Yaroslav
On October 8, Polish authorities took custody of Vasinskyi in Poland, where he remains pending proceedings to secure his extradition to the U.S.
Read 8 tweets
#Ransomware attack on #Mediamarkt and #Saturn

"Over the weekend, criminals attacked the servers of MediaMarktSaturn Holding with an encryption trojan. The stores remain open."
heise.de/news/Ransomwar…
"The checkout and merchandise management systems in the stores are apparently affected. Around 3100 Windows servers were infected with a crypto virus, according to apparently internal documents circulating on Twitter."
Read 3 tweets
