Tag Archive for: sophos

Cheap, independently produced ‘Junk Gun’ ransomware infiltrates dark web: Sophos


Sophos, a global leader of innovative security solutions that defeat cyberattacks, recently released a new report titled, “‘Junk Gun’ Ransomware: Peashooters Can Still Pack a Punch,” which offers new insights into an emergent threat in the ransomware landscape.

Since June 2023, Sophos X-Ops has discovered 19 ‘junk gun’ ransomware variants—cheap, independently produced and crudely constructed ransomware variants—on the dark web, reads a press release.

The developers of these junk gun variants are attempting to disrupt the traditional affiliate-based ransomware-as-a-service (RaaS) model that has dominated the ransomware racket for nearly a decade.

Instead of selling ransomware to affiliates or buying it as an affiliate, attackers are creating and selling unsophisticated ransomware variants for a one-time cost—which other attackers sometimes see as an opportunity to target small and medium-sized businesses (SMBs), and even individuals.

As noted in the Sophos report, the median price for these junk-gun ransomware variants on the dark web was $375, significantly cheaper than some kits for RaaS affiliates, which can cost more than $1,000. The report indicates that cyber attackers have deployed four of these variants in attacks. While the capabilities of junk-gun ransomware vary widely, their biggest selling points are that the ransomware requires little or no supporting infrastructure to operate, and the users aren’t obligated to share their profits with the creators.

Junk gun ransomware discussions are taking place primarily on English-speaking dark web forums aimed at lower-tier criminals, rather than well-established Russian-speaking forums frequented by prominent attacker groups. These new variants offer an attractive way for newer cybercriminals to get started in the ransomware world, and, alongside the advertisements for these cheap ransomware variants, are numerous posts requesting advice and tutorials on how to get started.

To learn more about junk gun ransomware and the latest change in the ransomware ecosystem, read “Junk Gun Ransomware: Peashooters Can Still Pack a Punch” on Sophos.com.

ZeroOutages Launches Bundled LEO Satellite Net Featuring Integrated Sophos Industry-Awarded Managed Internet Security


ZeroOutages Unveils Revolutionary Bundled LEO Satellite Internet Featuring Integrated Sophos Industry-Awarded Managed Internet Security

Los Angeles, CA, April 15, 2024 (GLOBE NEWSWIRE) — ZeroOutages, a leading provider of innovative networking solutions, proudly announces the global launch of its groundbreaking bundled Low Earth Orbit (LEO) Satellite Internet service, combined with integrated Sophos industry-awarded Managed Threat Detection and Response (MDR), Extended Detection and Response (XDR) and Zero Trust Network Access (ZTNA) Internet security solutions.

This pioneering offering from ZeroOutages marks a significant advancement in the realm of satellite-based internet connectivity. Leveraging the latest advancements in LEO satellite technology, ZeroOutages has engineered a solution that not only delivers high-speed internet access but also ensures uncompromised security with the integration of Sophos’ renowned internet security suite.

The partnership with Sophos, a globally recognized leader in cybersecurity, underscores ZeroOutages’ commitment to providing comprehensive and robust solutions to its customers. By integrating Sophos’ industry-awarded internet security features directly into its bundled LEO Satellite Internet service, ZeroOutages empowers businesses and individuals globally with a seamless, reliable, and secure internet experience, even in the most remote locations.

Key features of ZeroOutages’ Bundled LEO Satellite Internet with Integrated Sophos Industry-Awarded Internet Security include:

  1. High-Speed Connectivity: ZeroOutages’ LEO Satellite Internet offers blazing-fast internet speeds, enabling users to stay connected and productive regardless of their geographical location.

  2. Global Coverage & Global Deployment: With a constellation of LEO satellites in orbit, ZeroOutages ensures global coverage, delivering internet access to even the most remote and underserved regions.

  3. Integrated Security: By incorporating Sophos’ industry-awarded internet security suite, ZeroOutages provides robust protection against cyber threats such as malware, ransomware, phishing attacks, and more, safeguarding users’ data and privacy.

  4. Seamless Integration: The…

Ransomware remains biggest threat to SMBs, says Sophos Threat Report


Sophos has found that ransomware remains the principal threat to small and medium-sized businesses (SMBs), despite a stabilisation in the number of attacks.

The 2024 Threat Report identified that data and credential theft malware, including keyloggers, spyware, and stealers, also constituted nearly 50% of all malware detections targeting SMBs.

Attackers use this stolen information to gain unauthorised remote access, extort victims, deploy ransomware, and more.

Data and Credential Theft: A Rising Concern for SMBs

Christopher Budd, Director of Sophos X-Ops Research, stressed the growing allure of data as a currency among cybercriminals, especially when targeting SMBs, which often rely on a single service or software application for their entire operations.

“There’s a reason that more than 90% of all cyberattacks reported to Sophos in 2023 involved data or credential theft,” Budd explained, highlighting the criticality of securing access to essential business applications to prevent financial theft and unauthorised access.

“Let’s say attackers deploy an infostealer on their target’s network to steal credentials and then get hold of the password for the company’s accounting software.

“Attackers could then gain access to the targeted company’s financials and have the ability to funnel funds into their own accounts,” said Budd.

Ransomware Dominates Cyberthreat Landscape

Despite a stabilisation in the number of attacks, ransomware remains the principal threat to SMBs.

Sophos Incident Response (IR) identified LockBit, Akira, and BlackCat as the top ransomware gangs targeting SMBs, alongside attacks by older and lesser-known ransomware variants.

The report notes a 62% increase in ransomware attacks involving remote encryption between 2022 and 2023, and highlights instances of small businesses attacked through vulnerabilities in their managed service providers’ (MSPs) software.

Evolving Tactics in Social Engineering

The Sophos report also sheds light on the sophistication of business email compromise (BEC) and social engineering attacks, now the second-highest type of attack after ransomware.

Attackers are engaging in more elaborate tactics, including extended email conversations and phone…

Sophos: Ransomware is crippling retail organizations


Boosting cyber defense
