Tag Archive for: Ecosystem

Post-LockBit, How Will the Ransomware Ecosystem Evolve?



With Over $1 Billion in Annual Proceeds, Don’t Expect Attackers to Give Up the Life


February 23, 2024    


Once the dust settles on the LockBit disruption, what will be the state of ransomware?



Expect attackers to continue refining their tactics for maximizing profits via a grab bag of the same strategies, including forcibly encrypting systems and charging for a decryptor, stealing data and threatening to dump it, creating scary public personae, or a combination of the above.


LockBit, which was disrupted this week by law enforcement, is one of the most successful ransomware groups in history. Canadian intelligence tied it to 44% of all ransomware attacks globally in 2022. Blockchain analytics firm Chainalysis said that since the start of 2023, LockBit has received the second-highest amount of traceable ransom payments of any ransomware group.


All that appears to have ended, at least for now. “We have hacked the hackers,” National Crime Agency Director General Graeme Biggar said this week of the joint operation, which featured 10 countries’ law enforcement agencies. It disrupted the group’s infrastructure, arrested suspects in Poland and Ukraine, sanctioned multiple Russians and more (see: Breach Roundup: More Fallout From the LockBit Takedown).


“It…


Deeper Network Expands Ecosystem with Cardano (ADA) Emurgo Investment and ADSC Development


Santa Clara, California–(Newsfile Corp. – September 21, 2023) – The Deeper Network, a leading innovator in the blockchain-based internet security and privacy space, is thrilled to announce significant developments in its ecosystem, further strengthening its position in the cybersecurity and blockchain industries. With the recent investment from Emurgo, the prominent venture arm of Cardano (ADA), as a strategic investor who believes in the future of the Deeper Network’s ecosystem, the build-out of its Web3 ecosystem has been sped up.


Cardano (ADA) Emurgo Investment: Fueling the Future of Web3
Cardano (ADA) Emurgo, well-known for its commitment to fostering blockchain adoption and innovation, has recognized the immense potential of Deeper Network in revolutionizing internet security and Web3 through decentralized technologies. Their investment is a testament to Deeper Network’s vision of creating a safer and more open internet for all.

The investment from Emurgo will enable Deeper Network to accelerate its development efforts and expand its range of decentralized solutions for internet security, benefiting users worldwide.

ADSC built on the Deeper Network: A Powerful Combination
The Deeper Network is excited to celebrate the development of ADSC, a blockchain project built on the Deeper Chain engineered to transform the conventional paradigms of online advertising. The recent integration facilitates a more secure and personalized online experience, enabling users to selectively engage with advertisements while preserving their privacy and data sovereignty. This integration signifies a synergy of expertise and resources, with Deeper Network providing its tech and hardware, which are committed to security, privacy and the benefits of Web3.

Russell Liu, CEO of Deeper Network, shared his enthusiasm: “We are honored to welcome ADSC to the Deeper Network family. Their expertise in advanced digital technologies will play a pivotal role in driving our innovation and research…


“The Battle of Mobile Ecosystems: Apple vs. Android – Which One Reigns Supreme?” #100



Spyware vendors use exploit chains to take advantage of patch delays in mobile ecosystem


Several commercial spyware vendors developed and used zero-day exploits against iOS and Android users last year. However, their exploit chains also relied on known vulnerabilities to work, highlighting how important it is for both users and device manufacturers to speed up the adoption of security patches.

“The zero-day exploits were used alongside n-day exploits and took advantage of the large time gap between the fix release and when it was fully deployed on end-user devices,” researchers with Google’s Threat Analysis Group (TAG) said in a report detailing the attack campaigns. “Our findings underscore the extent to which commercial surveillance vendors have proliferated capabilities historically only used by governments with the technical expertise to develop and operationalize exploits.”

The iOS spyware exploit chain

Apple has a much tighter grip on its mobile ecosystem, being both the sole hardware manufacturer of iOS devices and the creator of the software running on them. As such, iPhones and iPads have historically had a much better patch adoption rate than Android, where Google creates the base OS and then tens of device manufacturers customize it for their own products and maintain their own separate firmware.

In November 2022, Google TAG detected an attack campaign via SMS that targeted both iOS and Android users in Italy, Malaysia, and Kazakhstan using exploit chains for both platforms. The campaign involved bit.ly shortened URLs that, when clicked, directed users to a web page delivering the exploits and then redirected them to legitimate websites, such as the shipment tracking portal for Italian logistics company BRT or a popular news site from Malaysia.

The iOS exploit chain combined a remote code execution vulnerability in WebKit, Apple’s website rendering engine used in Safari and iOS, that was unknown and unpatched at the time. The flaw, now tracked as CVE-2022-42856, was patched in January after Google TAG reported it to Apple.

However, a remote code execution flaw in the web browser engine is not enough to compromise a device, because mobile operating systems like iOS and Android use sandboxing techniques to limit the privileges of the browser….
