Exposing the Top Ransomware Tactics, Techniques, and Procedures by Cisco Talos

Cisco Talos analyzed the top 14 ransomware groups from 2023 to 2024 to reveal their attack chains and highlight their tactics, techniques, and procedures. They also identified the vulnerabilities most exploited by ransomware actors. The typical ransomware attack chain begins with the threat actor gaining access to the targeted entity … Read more

Pentera Prepares for Ransomware in MSSP Market

MSSP Alert provides daily updates on news, analysis, and discussions in the realm of MSSPs, MSPs, and cybersecurity. Today’s market news highlights companies such as Syxsense, EasyVista, NCC Group, CyCognito, Cequence, IG Technologies, Netwrix, Cytactic, Adobe, Citrix, Ticketmaster, and Outpost24. Pentera has released an update to RansomwareReady, focusing on protecting Linux environments from ransomware attacks. … Read more

Cisco Talos reveals new strategies used by well-known ransomware syndicates

A new report from Cisco Talos highlights the evolving tactics of ransomware groups and the importance of defending against them. Ransomware groups like ALPHV/Blackcat are constantly adapting their methods to target victims more effectively, using techniques such as phishing and exploiting vulnerabilities. New groups like Hunters International, Cactus, and Akira have also emerged, each with … Read more

Ransomware Groups Focus on Defense Evasion to Steal Data

Ransomware attackers are increasing their focus on avoiding detection in order to prolong their presence on targeted networks, a recent report from Cisco Talos indicates. This shift is driven by the rise of the double-extortion ransomware model, where hackers not only encrypt systems but also threaten to leak stolen data unless a ransom is paid. … Read more

New Ransomware Variant “Eldorado” Unleashed, Focused on VMware ESXi Systems

A new ransomware-as-a-service called Eldorado has been targeting Windows and VMware ESXi environments in the US since March, primarily in the education, real estate, and healthcare sectors. Eldorado, which first appeared on the RAMP forum, offers an affiliate program for partners to customize their attacks, taking advantage of Go programs for cross-platform functionality and encryption … Read more

Uncovering Ransomware and Infostealer Trends Through Analysis of Malicious Domain Data

In a recent discussion, cybersecurity experts highlighted the importance of monitoring DNS traffic to identify malicious activity within a network. By analyzing data and correlating it with information from news articles, social media, and cybersecurity researchers, professionals can detect patterns that may indicate potential threats. One key example cited was the correlation between spikes in … Read more

Eldorado, a new ransomware group, is focusing its attacks on US organizations.

Eldorado, a new ransomware-as-a-service (RaaS) group, has been linked to 16 ransomware attacks, with 13 occurring in the United States. The group targets VMware ESX servers and focuses on industries such as real estate, education, professional services, healthcare, and manufacturing. Eldorado first appeared on the “RAMP” forum in March 2024 and distributes versions of the … Read more

VMware ESXi and Windows Infected by Eldorado Ransomware, Reports Spiceworks

A cybersecurity research team has identified a new ransomware called Eldorado that is targeting organizations globally. This ransomware is operated as Ransomware-as-a-Service (RaaS), allowing for decentralized deployment and a wider range of malware variants. The Eldorado ransomware encrypts files using the ChaCha20 algorithm and employs the RSA-OAEP scheme for key encryption. RaaS enables customers to … Read more

New Eldorado ransomware now targeting Windows and VMware ESXi VMs

In March, a new ransomware called Eldorado, operated as ransomware-as-a-service (RaaS), targeted victims in the United States across various sectors such as real estate, education, healthcare, and manufacturing. The cybercriminals behind Eldorado have been actively promoting their service on RAMP forums and seeking partners to join their program. Eldorado is a unique ransomware … Read more

New Eldorado ransomware now seeking out Windows and VMware ESXi virtual machines

In March, a new ransomware called Eldorado emerged, targeting victims in the US across various industries. The cybercriminals behind Eldorado are actively promoting their malicious service on forums and seeking partners to join their program. The ransomware can encrypt both Windows and Linux systems using different variants and unique encryption algorithms. It also deletes shadow … Read more