Turla’s ‘Crutch’ Backdoor Leverages Dropbox in Espionage Attacks

Researchers have discovered a previously undocumented backdoor and document stealer, which they have linked to the Russian-speaking Turla advanced persistent threat (APT) espionage group. The malware, which researchers call “Crutch,” is able to bypass security measures by abusing legitimate tools – including the file-sharing service Dropbox – in order to hide behind normal network traffic. …

Misconfigured Docker Servers Under Attack by Xanthe Malware

Researchers have discovered a Monero cryptomining botnet they call Xanthe, which has been exploiting incorrectly configured Docker API installations in order to infect Linux systems. Xanthe was first discovered in a campaign that employed a multi-modular botnet, as well as a payload that is a variant of the XMRig Monero cryptocurrency miner. Researchers said that …

Driven by Ransomware, Cyber Claims Rise in Number & Value

Companies are on track to file 27% more cyber claims in 2020, one insurer estimates, while another underwriter finds five out of every 100 companies file a claim each year. Cyberattacks and security incidents have become the top business risk for companies, with the number of insurance claims rising 27% in the first nine months …

Ransomware Grows Easier to Spread, Harder to Block

Researchers illustrate the evolution toward more complete and effective ransomware attacks designed to cripple target organizations. Ransomware, already a major enterprise threat, is growing more problematic as operators brainstorm new ways to make their attacks easier to launch and more devastating for victims. Mitchell Clarke and Tom Hall, both principal incident response consultants for Mandiant, …

Sopra Steria expects €50 million loss after Ryuk ransomware attack

French IT services giant Sopra Steria said today in an official statement that the October Ryuk ransomware attack will lead to a loss of between €40 million and €50 million. Sopra Steria is a European information technology firm with 46,000 employees in 25 countries providing a large array of IT services, including consulting, systems integration, …