Connect with us
Cuba ransomware hacked fifty critical infrastructure organizations in the United Cuba ransomware hacked fifty critical infrastructure organizations in the United

Security

Cuba ransomware hacked fifty critical infrastructure organizations in the United States in a month

Published

on

Since the beginning of its malicious campaign, the group has demanded a total of $ 74 million from its victims and received more than $ 40 million.

FBI USA reported that in November 2021, Cuba ransomware compromised the networks of at least 49 critical infrastructure organizations in the United States, including those in the financial and public sectors, as well as healthcare, manufacturing and IT.

Since the beginning of its malicious campaign in the United States, the group has demanded a total of $ 74 million from its victims and received more than $ 40 million.

Cuba ransomware enters attacked networks using the Hancitor downloader, which makes it easier for attackers to access previously compromised networks. Hackers use Hancitor (Chancitor) to deliver info-stealers, Remote Access Trojans (RATs) and various ransomware programs.

In particular, Zscaler specialists recorded the use of a downloader to distribute the Vawtrak Trojan to steal data. However, he has since switched to password stealing software, including Pony and Ficker, and most recently Cobalt Strike.

For initial hacking, Hancitor hackers use phishing emails and stolen credentials, exploit vulnerabilities in Microsoft Exchange, or use Remote Desktop Protocol (RDP) tools.

Using the access provided by Hancitor, using Windows services (PowerShell, PsExec, etc.) Cuba operators remotely deploy the ransomware payload on the attacked network and encrypt files by adding the .cuba extension.

In a notice issued jointly with the Cybersecurity and Infrastructure Security Agency (CISA), the FBI asked system administrators and information security experts who discovered Cuba activity on their networks to provide any malicious information to the local FBI cyber unit.

Click to comment

Leave a Reply

Your email address will not be published.

Components

4 TB of security from Samsung. External SSD T7 Shield is now available in a new version for 420 euros

Published

on

4 TB of security from Samsung External SSD T7 Shield

Samsung has decided to release a new version of its secure external SSD T7 Shield.

4 TB of security from Samsung.  External SSD T7 Shield is now available in a new version for 420 euros

The device was introduced almost a year ago in 1 and 2 TB versions. Now, a 4 TB modification is entering the market.

In Europe, they ask for 420 euros for such an SSD. For comparison, the prices for the younger versions are 135 and 220 euros.

Recall, T7 Shield offers a good level of protection. There is also protection against water and moisture (IP65), and protection against falls from a height of up to 3 meters. Actually, since this is a solid state drive, it is likely that it will survive a much more serious fall.

The device is equipped with a USB-C 3.2 Gen 2 interface and offers read and write speeds of 1050 and 1000 MB/s, respectively. The device weighs only about 100 g.

Continue Reading

Security

ChatGPT can be used to write viruses and ransomware – this was confirmed by information security specialists

Published

on

ChatGPT can be used to write viruses and ransomware

Network resources reported that examples appeared on the network of how the popular chat bot ChatGPT writes code for viruses. Network security company Check Point Research discovered this and said that the use of AI increases the danger from hackers. On the thematic forums, the first information about the successful writing of viruses using ChatGPT has already appeared.

ChatGPT can be used to write viruses and ransomware - this was confirmed by information security specialists

One example was a program that, after refinement, can be turned into “extortionist”. It can encrypt data on the user’s PC and will require payment for decryption. In a more advanced version of the program, penetration into the target server is provided, from where hackers already gain access to all the data of the victim

In addition, the neural network can write phishing emails – this has already been checked by Check Point Research specialists themselves. The letter also contained an Excel file with an embedded macro that was launched when the file was opened.

However, this is not all. Experts were able to get AI to create scripts for scanning network ports and other tools.

At the same time, Check Point Research believes that it is too early to say that ChatGPT has become a new tool for hackers, but the attacker community has already become interested in it. Note that earlier the system was already able to pretend to be a Linux machine, as well as write a number of programs and websites.

Continue Reading

Security

“Germany has not taken seriously the security threat posed by China.” The country has increased dependence on Huawei

Published

on

Germany has not taken seriously the security threat posed by

Despite the huge number of sanctions imposed by the US and other countries against Huawei, Germany has only increased its dependence on this Chinese company.

Germany has not taken seriously the security threat posed by

According to a recent Strand Consult report cited by Reuters, Germany has become even more dependent on Huawei to build 5G infrastructure than it was when building 4G networks. More specifically, Huawei accounts for 59% of all 5G network equipment in Germany. We are talking about base stations and related equipment. For comparison, in the case of 4G networks, Huawei’s share in Germany is 57%. What’s interesting is the fact that Huawei’s share in this area is higher in Berlin than in Beijing, where the company faces serious competition from ZTE.

According to the report, there are signs that Germany has not taken seriously the security threat posed by China. At the same time, Huawei equipment is simply cheaper than analogues of European players in this market, which is why a number of countries, including Germany, continue to purchase Huawei products.

Continue Reading

Most Popular