Ransomware Attacks Hit A Record High

The number of successful ransomware attacks is increasing, according to the NCC Group who monitor criminal data leak websites,  listing ransom 514 victims in September 2023. This breaks the record set in July this year, when criminal forums on the Dark Web listed 502 victim organisations.

Evidence from these sites is considered reliable, with the US still the most attacked country.

A new ransomware gang Rhysida runs as a ransomware-as-a-service operation, according to research from Kaspersky. Notably, Rhysida has a unique self-deletion mechanism which works on current on older versions of MS Windows.

Several technology companies have confessed to being ransom victims, including Cloudflare and the password management specialist, LastPass. Recently. VMware urged users to patch their software to fix multiple vulnerabilities. The notice was later updated with a warning that threat actors now have exploit code to take advantage of an unpatched server.

Intrusive Data Collection

The increased threat to users is not limited to criminal  ransom exploits. Intrusive collection of personal user data by legitimate apps is also increasing. According to research published by crypto experts at The Money Mongers, Meta's new App Threads, designed as a competitor to TwitterX  is the most invasive of the 100 apps it studied. The other apps reviewed include Instagram, Facebook, Messenger, LinkedIn and Uber Eats.

According to this research, Threads collects as much as 86 per cent of its users’ personal data, a particular concern when around half of all the apps studied share their user data with third parties.

That may be defensible on the basis that in almost every case legitimate apps ask users to consent to their data being used for financial gain, however.  its doubtful that many users read the full terms & conditions before giving their consent.

NCC Group:    Kaspersky:    US Justice Dept:    ITWorld Canada:   Securelist:      MoneyMongers

Image: fernando arcos

You Might Also Read:

Cyber Risk & Ransomware In 2023:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Online Conflict In Gaza & Ukraine
Major Outage: British Library Suffers A Cyber Attack »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Navista

Navista

Navista's hardware and software modules are especially designed to ease the deployment of secure networks.

CLUSIS

CLUSIS

CLUSIS is an association for the information security industry in Switzerland.

Cyber Craft

Cyber Craft

CyberCraft is an innovative and dynamic software development, outsourcing and consulting company. Services offered include penetration testing.

Exeon Analytics

Exeon Analytics

Exeon Analytics is a Swiss cyber security company that is specialized in detecting hidden data breaches and advanced cyber attacks.

Ensconce Data Technology (EDT)

Ensconce Data Technology (EDT)

EDT’s focus is on providing solutions to properly sanitize Solid State Drives (SSD) and Magnetic Drives (HDD) before they are disposed or redeployed.

BLUECYFORCE

BLUECYFORCE

BLUECYFORCE is the leading professional training and cyber defense training organization in France.

Stanley Reid & Company (SRC)

Stanley Reid & Company (SRC)

Stanley Reid & Co is an Executive and Technical Search Firm serving the commercial market and the US Intelligence & Defense community. Our areas of expertise include Cybersecurity.

Quantinuum

Quantinuum

Quantinuum is the combination of Cambridge Quantum with Honeywell Quantum Solutions, structured to drive the future of quantum computing.

Ballistic Ventures

Ballistic Ventures

Ballistic Ventures is a new kind of venture capital firm, built by and for cybersecurity entrepreneurs and investors.

Novacoast

Novacoast

Novacoast helps organizations find, create & implement solutions for a powerful security posture through advisory, engineering, development & managed services.

Tozny

Tozny

Tozny offers products with security and privacy in mind that are built on the foundation of end-to-end encryption, and open-source verifiable software.

Prophaze Technologies

Prophaze Technologies

Prophaze enable organizations and SaaS providers to improve their web application cybersecurity and reduce costs through AI automation.

Mindsprint

Mindsprint

Mindsprint (formerly Olam Technology and Business Services - OTBS) are a leading edge technology and business services firm.

Hartman Executive Advisors

Hartman Executive Advisors

Hartman Executive Advisors is an unbiased IT and cyber advisory firm uniquely designed to help mid-market executives maximize their IT investments.

Viatel Technology Group

Viatel Technology Group

Viatel Technology Group is a complete digital services provider. We have over 26 years’ experience delivering fully managed security, networking, cloud and communications services.

FearsOff

FearsOff

FearsOff is a global information security company serving clients worldwide. White hat operators with a black hat mindset to emulate real world attacks and everchanging threat vectors.