Sina Gholinejad, an Iranian national operating as part of the Robbinhood ransomware operation, pleaded guilty to targeting U.S. cities and organizations, resulting in millions in losses from 2019 to 2024.
Gholinejad and his conspirators infiltrated networks, exploited vulnerabilities to deploy ransomware, and demanded Bitcoin payments, affecting cities such as Baltimore as well as healthcare organizations.
The U.S. Treasury Department sanctioned Funnull Technology, a Philippines-based company linked to over $200 million in American losses from virtual currency scams.
Funnull provided tools that supported scams run through dating apps and social media, enabling cybercriminals' fraudulent activities.
The Go-based botnet ‘PumaBot’ targets Linux-based IoT devices via SSH brute force, using a strategic and selective infection method.
PumaBot checks system identifiers, creates persistent services, and inserts SSH keys to maintain access, supporting lateral movement and data exfiltration.
DragonForce ransomware exploits vulnerabilities in the SimpleHelp RMM platform to target MSPs, collect sensitive data, and carry out double extortion schemes.
DragonForce has adopted a 'white-label' RaaS model, allowing affiliates to deploy customized versions of its encryptor, reflecting its ambition to dominate the post-LockBit ransomware ecosystem.
Threat actors continue to target high-value MSPs like SimpleHelp, ConnectWise, ScreenConnect, and Kaseya to maximize the scale and impact of their campaigns.
The evolving threat landscape, with AI used in malware development and increased decentralization among threat actors, poses ongoing cyber risks.