LockBit ransomware returns to attacks with new encryptors, servers
Source: Bleeping Computer
The LockBit ransomware gang is once again conducting attacks, using updated encryptors with ransom notes linking to new servers after last week's law enforcement disruption. Last week, the NCA, FBI, and Europol conducted a coordinated disruption called 'Operation Cronos' against the LockBit ransomware operation.
Echoes of SolarWinds in New 'Silver SAML' Attack Technique
Source: Dark Reading
After the threat actor behind the SolarWinds attack compromised the company's Orion network management product and leveraged it to break into target enterprise networks, the group often used a technique dubbed "Golden SAML" to maintain persistent access to different applications and services in that environment.
BlackCat Pounces on Health Sector After Federal Takedown
Source: Data Breach Today
U.S. authorities have been trying to shut down the BlackCat ransomware-as-a-service group for over a year. The relatively young group, also known as Alphv, has built a notorious reputation, grabbing headlines in March 2023 when it leaked stolen photos of breast cancer patients in an extortion attempt against a group of Pennsylvania cancer clinics.
Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems
Source: The Hacker News
The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of infecting developer systems with malware. The packages, now taken down, are pycryptoenv, pycryptoconf, quasarlib, and swapmempool. They have been collectively downloaded 3,269 times, with pycryptoconf accounting for the most downloads at 1,351.
NIST Releases Version 2.0 of Landmark Cybersecurity Framework
Source: National Institute of Standards and Technology
The National Institute of Standards and Technology (NIST) has updated the widely used Cybersecurity Framework (CSF), its landmark guidance document for reducing cybersecurity risk. The new 2.0 edition is designed for all audiences, industry sectors and organization types, from the smallest schools and nonprofits to the largest agencies and corporations — regardless of their degree of cybersecurity sophistication.