Ransomware Attacks Hit A Record High

The number of successful ransomware attacks is increasing, according to the NCC Group who monitor criminal data leak websites,  listing ransom 514 victims in September 2023. This breaks the record set in July this year, when criminal forums on the Dark Web listed 502 victim organisations.

Evidence from these sites is considered reliable, with the US still the most attacked country.

A new ransomware gang Rhysida runs as a ransomware-as-a-service operation, according to research from Kaspersky. Notably, Rhysida has a unique self-deletion mechanism which works on current on older versions of MS Windows.

Several technology companies have confessed to being ransom victims, including Cloudflare and the password management specialist, LastPass. Recently. VMware urged users to patch their software to fix multiple vulnerabilities. The notice was later updated with a warning that threat actors now have exploit code to take advantage of an unpatched server.

Intrusive Data Collection

The increased threat to users is not limited to criminal  ransom exploits. Intrusive collection of personal user data by legitimate apps is also increasing. According to research published by crypto experts at The Money Mongers, Meta's new App Threads, designed as a competitor to TwitterX  is the most invasive of the 100 apps it studied. The other apps reviewed include Instagram, Facebook, Messenger, LinkedIn and Uber Eats.

According to this research, Threads collects as much as 86 per cent of its users’ personal data, a particular concern when around half of all the apps studied share their user data with third parties.

That may be defensible on the basis that in almost every case legitimate apps ask users to consent to their data being used for financial gain, however.  its doubtful that many users read the full terms & conditions before giving their consent.

NCC Group:    Kaspersky:    US Justice Dept:    ITWorld Canada:   Securelist:      MoneyMongers

Image: fernando arcos

You Might Also Read:

Cyber Risk & Ransomware In 2023:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Online Conflict In Gaza & Ukraine
Major Outage: British Library Suffers A Cyber Attack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Mellanox Technologies

Mellanox Technologies

Mellanox Technologies is a leading supplier of end-to-end Ethernet and InfiniBand intelligent interconnect solutions and services for servers, storage, and hyper-converged infrastructure.

CERT.at

CERT.at

CERT.at is the Austrian national Computer Emergency Response Team.

Venable

Venable

Venable is an American Lawyer 100 law firm with nine offices across the USA, Practice areas include Cybersecurity.

National Authority for Electronic Certification and Cyber Security (AKCESK)

National Authority for Electronic Certification and Cyber Security (AKCESK)

AKCESK ensures security for trusted services, in particular reliability and security in electronic transactions between citizens, businesses and public authorities.

LUCY Security

LUCY Security

LUCY is the answer when you want to increase your IT security, maintain your cyber security awareness, or test your IT defenses.

Data Protection People

Data Protection People

Data Protection People are specialists in Data Privacy, Governance, and Information Security.

Greensafe IT

Greensafe IT

Greensafe offer various onsite and offsite data erasure services, aimed at increasing data security whilst reducing any risk of data loss during transit.

SAP National Security Services (NS2)

SAP National Security Services (NS2)

SAP NS2 are dedicated to delivering the best of SAP innovation, from cloud to predictive analytics; machine learning to data fusion.

FraudLabs Pro

FraudLabs Pro

FraudLabs Pro detects fraud and helps merchants to reduce e-commerce chargebacks by identifying high risk transactions.

Delinea

Delinea

Delinea is a leading provider of cloud-ready privileged access management (PAM) solutions that empower cybersecurity for the modern, hybrid enterprise.

Votiro

Votiro

Votiro is an award-winning cybersecurity company that specializes in file sanitization, ensuring every organization is safe from zero-day and undisclosed attacks.

European Union Agency for Network and Information Security (ENISA)

European Union Agency for Network and Information Security (ENISA)

The European Union Agency for Cybersecurity, ENISA, is the Union’s agency dedicated to achieving a high common level of cybersecurity across Europe.

NETAND

NETAND

NETAND privileged access and identity management solutions will secure your business from cyber threats.

PureID

PureID

Protect your enterprise with PureAUTH #IAMFirewall, Resilient SSO platform, purpose built to provide Passwordless Authentication & Zero Trust Access, by default.

Anjolen

Anjolen

Anjolen provides expertise in cybersecurity, compliance and cyber forensic services.

Cyber Grant

Cyber Grant

Cyber Grant excel in designing cybersecurity solutions for data protection. Our approach and vision, centered on ease-of-use, establish us as a benchmark in the industry for safeguarding information.