Something New to Cring About

New Cring and a Ransomware Record, 

Acer Ransom Doubles to $100,000,000.00

By Dominic Alvieri

April 9th, 2021


The CyberSecurity Show on Blogger


DoppelPaymer, Egregor, REvil and Ryuk

The deadline has come and gone and with it a cool $50 Million more. 2021 has started off where 2020 left off with a new ransomware record. Acer,  Shell, T-Mobile, US Cellular and Molson Coors have all also been targets of ransomware this year. 

REvil holds the current record request...for now.



2021 Ransomware records
Ransomware targets in 2021.


Phishing is still the number one entry for malware.

Email phishing is still the number one entry point for ransomware and industry reports 90% of all malware access is initially placed by gaining access to corporate networks is through phishing. Antivirus is no longer enough to protect your network. 

Blacklist the items? Reactive management won't suffice. How can you blacklist the unknown?
The whitelist is the target. Corporate mailing lists, executives, vendors, invoices...


CISA website for information to reduce the risk of malware.
Visit CISA.gov for more on how to reduce the risk of ransomware.

Caution Over Cring 

Great security research from Kaspersky this weekend of a new strain of malware called Cring first spotted in the wild in January of this year. Cring targets unpatched vulnerable Fortigate VPN servers. Encrypting the servers to initially gain access. Patching delays have caught cybersecurity teams off guard for which there is no excuse. Updates have been available. 

The Cring attack continues after initial entry has been gained and an application was used to further gain credentialed access to other accounts and deployed Cobalt Strike and finished off the attack by employing PowerShell scripts on the encrypted compromised Fortigate VPN servers. This is an advanced attack and caution should be taken. Update immediately. 


100,000,000 million reasons to worry.

Update and Patch


The ransomware payment of choice is still Bitcoin and with the ever rising cryptocurrency the future is bright for ransomware gangs and dim for poorly managed cybersecurity teams.

One letter can make all of the difference. 

The spoof of the week



Spoof from Morocco.

 
Spoofs come from all over the world like this one I received from Morocco. The site above would be the correct domain from a request from this university. One letter does make all of the difference. That is basically the essence of cybersecurity. One letter, one packet, one file changes everything.

The 2021 cyber attack onslaught shows no signs of slowing down and Covid is still around. 
Stay vigilant, patched and safe online and off.

Did I mention to patch?


The CyberSecurity Show


The CyberSecurity Show
by Dominic Alvieri
Twitter @AlvieriD

Comments

Post a Comment

Popular posts from this blog

2020 Software is Killing

Image
   Ransomware leads to death.         By Dominic Alvieri, @AlvieriD    September 22nd, 2020.     Did anyone notice ransomware literally just killed someone?     Ransomware just got upgraded to Murderware. German police are treating the cybersecurity event as a homicide. A lifesaving surgery was cancelled at the last minute in Dusseldorf University Hospital on Wednesday, September 9th due to a ransomware attack on the hospital. The patient was immediately rerouted to the next hospital available about 20 miles away. The patient passed away during the ambulance trip. The digital footprints are familiar.  Reports allege that the attack intended to attack a university (Heinrich Heine University) and redirected to Dusseldorf University Hospital. A woman was arriving for a lifesaving procedure when the ransomware attack took down the hospitals IT systems.  The vulnerability in question is a Citrix VPN appliance controll...
Read more