hive

SecuritySophos

Clustering attacker behavior reveals hidden patterns

Credit to Author: Andrew Brandt | Date: Tue, 08 Aug 2023 10:00:11 +0000

A collection of very specific behaviors, observed by Sophos X-Ops incident response analysts in the lead-up to four separate ransomware attacks in the first quarter of 2023, indicates an unexpected connection between the attacks. In the parlance of the Managed Detection and Response (MDR) team, the peculiarly similar details constitute a threat activity cluster that […]

MalwareBytesSecurity

Hive! Hive! Hive! Ransomware site submerged by FBI

Categories: News, Ransomware

Tags: DoJ, FBI, Europol, HIve, ransomware, RDP, Patch management, Vulnerability, phishing

The DoJ, FBI, and Europol have released details about a months-long international disruption campaign against the Hive ransomware group.


The post Hive! Hive! Hive! Ransomware site submerged by FBI appeared first on Malwarebytes Labs.

MalwareBytesSecurity

A week in security (December 5 – 11)

Categories: News

Tags: Lock and Code S03E25, lock & code, lock and code, S03E25, Dustin Childs, Eufy, Snapchat, Apple, Apple AirTag, Google Chrome, V8 vulnerability, Hive, Facebook hoax, PayPal phish, Lazarus Group, SIM swapper, festive scam, holiday scams, Android vulnerability, Bluetooth, SaaS, SaaS best practices, Epic Games, Threat Intelligence Reports

The most interesting security-related news from the week of December 5 to 11.


The post A week in security (December 5 – 11) appeared first on Malwarebytes Labs.

IndependentKrebs

Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions

Credit to Author: BrianKrebs | Date: Tue, 31 May 2022 19:57:58 +0000

Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware gang — Conti. Ransomware experts say there is good reason to believe the same cybercriminals are behind both attacks, and that Hive has been helping Conti rebrand and evade international sanctions targeting extortion payouts to cybercriminals operating in Russia.
