Ransomware Eruption: Novel Locker Malware Flows From ‘Volcano Demon'

Attackers clear logs before exploitation and use "no caller ID" numbers to negotiate ransoms, complicating detection and forensics efforts. [TechWeb]( Follow Dark Reading: [RSS]( July 04, 2024 LATEST SECURITY NEWS & COMMENTARY [Ransomware Eruption: Novel Locker Malware Flows From ‘Volcano Demon']( Attackers clear logs before exploitation and use "no caller ID" numbers to negotiate ransoms, complicating detection and forensics efforts. [Intel CPUs Face Spectre-Like 'Indirector' Attack That Leaks Data]( "Indirector" targets a speculative execution component in silicon that previous research has largely overlooked. [Bay Area Credit Union Struggles to Recover After Ransomware Attack]( Tens of thousands of Patelco customers remain without access to their accounts, with no estimates for when systems will be restored. [Ransomware Extortion Demands Soar to $5.2M per Attack]( The highest ransom demanded by threat actors this year so far was nearly 20 times last year's average. [Friend or Foe? AI's Complicated Role in Cybersecurity]( Staying informed about the latest AI security solutions and best practices is critical in remaining a step ahead of increasingly clever cyberattacks. [Hacker Busted for 'Evil Twin' Wi-Fi That Steals Airline Passenger Data]( Australian cops arrest man found with a portable Wi-Fi access device in his carry-on luggage, allegedly used for standing up scam Wi-Fi networks on flights. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Patch Now: Cisco Zero-Day Under Fire From Chinese APT]( Threat actor "Velvet Ant" has been exploiting a vulnerability in Cisco's NX-OS Software for managing a variety of switches, executing commands and dropping custom malware. [Dark Reading Confidential: Meet the Ransomware Negotiators]( Episode 2: Incident response experts-turned-ransomware negotiators Ed Dubrovsky, COO and managing partner of CYPFER, and Joe Tarraf, chief delivery officer of Surefire Cyber, explain how they interact with cyber threat actors who hold victim organizations' systems and data for ransom. Among their fascinating stories: how they negotiated with cybercriminals to restore operations in a hospital NICU where lives were at stake, and how they helped a church, where the attackers themselves "got a little religion." [Thinking About Security, Fast & Slow]( To be effective, managing risk demands both fast responses and strategic thinking. [Stress-Testing Our Security Assumptions in a World of New & Novel Risks]( Categorizing and stress-testing fundamental assumptions is a necessary exercise for any leader interested in ensuring long-term security and resilience in the face of an uncertain future. ['RegreSSHion' Bug Threatens Takeover of Millions of Linux Systems]( The high-severity CVE-2024-6387 in OpenSSH is a reintroduction of a 2006 flaw, and it allows unauthenticated RCE as root. [MORE]( PRODUCTS & RELEASES [Bloom Health Centers Provides Notice of Data Security Incident]( [Human Technology Inc. — Notification of Data Breach]( [Implementing Zero Trust and Mitigating Risk: ISC2 Courses to Support Your Development]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Patch Now: Cisco Zero-Day Under Fire From Chinese APT]( Threat actor "Velvet Ant" has been exploiting a vulnerability in Cisco's NX-OS Software for managing a variety of switches, executing commands and dropping custom malware. LATEST FROM THE EDGE [Networking Without the Hangover]( How Sober in Cyber is redefining professional connections in the security industry. LATEST FROM DR TECHNOLOGY [3 Ways to Chill Attacks on Snowflake]( Multifactor authentication is a good first step, but businesses should look to collect and analyze data to hunt for threats, manage identities more closely, and limit the impact of attacks. LATEST FROM DR GLOBAL [South Africa National Healthcare Lab Still Reeling From Ransomware Attack]( The cyberattack disrupted national laboratory services, which could slow response to disease outbreaks such as mpox, experts warn. WEBINARS - [Search Capabilities with PostgreSQL: From Standard to Semantic]( In the digital age, the ability to sift through vast amounts of text data efficiently and effectively is crucial. PostgreSQL, a robust open-source relational database, offers various search functionalities that cater to multiple needs, from simple pattern matching to linguistic ... - [Generative AI: Use Cases and Risks in 2024]( This webinar reviews use cases and risks in the leading generative AI applications and models, including market favorites ChatGPT, DALL-E 2, and AutoGPT. [View More Dark Reading Webinars >>]( WHITE PAPERS - [Threat Hunting in the Cloud: Adapting to the New Landscape]( - [Threat Hunting's Evolution:From On-Premises to the Cloud]( - [A Watershed Moment for Threat Detection and Response]( - [Google Threat Intelligence]( - [A Year in Review of Zero-Days Exploited In-the-Wild in 2023]( - [5 Essential Insights into Generative AI for Security Leaders]( - [Elastic named a Leader in The Forrester Wave™: Security Analytics Platforms, Q4 2022]( [View More White Papers >>]( FEATURED REPORTS - [2024 InformationWeek US IT Salary Report]( - [2023 Global Threat Report]( - [EMA: AI at your fingertips: How Elastic AI Assistant simplifies cybersecurity]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=124383&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_07.04.24&sp_cid=54149&utm_content=DR_NL_Dark%20Reading%20Daily_07.04.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#80 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)