Ernst & Young, a member of the CISA-assembled RTF (Ransomware Task Force), has been a victim of cl0p ransomware group from the MOVEit 0day exploit.
Information via Brett Callow
Today Polish authorities announced they made several arrests. The arrested people are allegedly connected to DDoS attack providers.
They released footage of the arrests. These are two images from the video.
The "Do not disturb" is the cherry on top.
Here is the full video of the Polish CBZC (Central Bureau for Combating Cybercrime) arresting individuals associated with DDoS as a Service providers.
Viewer discretion is advised. The levels of dorkiness are off of the charts.
We asked Lockbit ransomware group administrative staff their thoughts on the recent arrest of their affiliate Ruslan Magomedovich Astamirov.
Lockbit staff replied: "he should have practiced better opsec."
Google has sold Google Domains to Squarespace for $180,000,000.
Reminder that any product Google produces, they will kill off and send to the infamous Google graveyard.
The United States government has put a $10,000,000 bounty on any individual associated with cl0p ransomware group.
vx-underground staff are at max capacity. Every staff member is currently busy.
We have several large projects still in the works. Thank you to everyone who supports us with merchandise purchases or monthly donations.
P.S. We fixed the Discord bot. Thank you for notifying us.
cl0p ransomware group has historically been quiet. They rarely addressed journalists or spoke with researchers. It's nice seeing them comment on the BBC article about them (albeit on their blog).
cl0p, if you're reading this message: your name makes us think of little horsies 🥰🥰
cl0p ransomware group claims to have ransomed Sony and PWC.
cl0p claims to have exfiltrated 120GB of data and archives from PWC.
cl0p has not stated how much data (if any) was exfiltrated from Sony.
Mark Zuckerberg has agreed to fight Elon Musk in a cage fight (?). This is not satire.
Elon Musk agreed to fight Mark Zuckerberg. Mark Zuckerberg replied on Instagram "Send me location", a reference to Russian MMA fighter Khabib Nurmagomedov challenging Conor McGregor at UFC 229.
We've updated the vx-underground malware sample collection.
- TriangleDB
- CaddyWiper
- DoubleZeroWiper
- BlisterLoader
- HeaderTip
- Denoia
- Remcos
- WizardUpdate
- Blackcat
- Sharkbot
- AvosLocker
- NetSupportRAT
- Mirai
- IcedId
Check it out here: https://samples.vx-underground.org/samples/Families/
TriangleDB is (or was) allegedly developed by the United States government. This iOS spyware was delivered via an iOS 0day exploit chain.
Apple has now patched the exploits.
DeepInstinct released a paper on a new malware family titled "PindOS". PindOS is named as such because the user-agent in the malware is "PindOS".
Interesting that this malware family user-agent is "PindOS" because "пиндос", pronounced "pindos", is a derogatory term in post-soviet countries used to describe people from the United States of America. Pindos is a derivative of "Pindostan", "Pindosia", or "United States of Pindostan".
More information:
https://www.deepinstinct.com/blog/pindos-new-javascript-dropper-delivering-bumblebee-and-icedid
Deep Instinct
PindOS: New JavaScript Dropper Delivering Bumblebee and IcedID | Deep Instinct
Deep Instinct’s Threat Research Lab recently noticed a new strain of a JavaScript-based dropper that is delivering Bumblebee and IcedID. The dropper contains comments in Russian and employs the unique user-agent string “PindOS”, which may be a reference to…
On June 15th, the United States military released a report regarding unknown, and unsolicited, smartwatches being sent to United States service members.
These devices are attempting to collect user data on military officials.
More information:
https://www.cid.army.mil/Media/Press-Center/Article-Display/Article/3429159/cid-lookout-unsolicited-smartwatches-received-by-mail/