Cybercrime

The debate around banning ransomware payments is highly nuanced, and we must take care to avoid overt victim-blaming, in favour of an open and honest approach, says SASIG’s Martin Smith

https://www.computerweekly.com/opinion/The-ransomware-debate-to-pay-or-not-to-pay

Ransomware attacks against public and private sector bodies in the UK have surged in recent years, according to a new report by the government’s cyber security agency.

https://www.pinsentmasons.com/out-law/news/ransomware-attacks-surge-across-uk

A joint advisory from western cyber agencies warns of a campaign of ‘ongoing malicious activity’ by an Iran-linked APT group exploiting BitLocker to extort its targets

https://www.computerweekly.com/news/252509689/Alert-over-spate-of-Iran-linked-BitLocker-attacks

The operators of a new ransomware called Memento are quick to retool for ‘success’ if they run up against a competent defender, says Sophos

https://www.computerweekly.com/news/252509698/Memento-ransomware-gang-quick-to-retool-for-optimum-outcome

National Cyber Security Centre has helped to thwart multiple cyber incidents that could have seriously disrupted the UK’s response to the pandemic

https://www.computerweekly.com/news/252509550/One-fifth-of-NCSC-supported-cyber-incidents-linked-to-Covid-19

Europol said the two suspected REvil affiliates were allegedly responsible for 5,000 ransomware infections and received approximately half a million euros in ransom payments.

https://searchsecurity.techtarget.com/news/252509234/REvil-ransomware-affiliates-arrested-in-international-takedown

Another relatively light Patch Tuesday drop from Microsoft addresses 55 vulnerabilities, two of them already being exploited

https://www.computerweekly.com/news/252509331/November-Patch-Tuesday-drop-fixes-bugs-in-Excel-Exchange-Server

US government puts up a $10m reward for information on the DarkSide ransomware gang, the group that attacked Colonial Pipeline six months ago

https://www.computerweekly.com/news/252509151/US-offers-10m-reward-for-intel-on-DarkSide-ransomware-gang

A botnet of "thousands of compromised GitLab instances" is reportedly launching powerful DDoS attacks through a known vulnerability that patched months ago, according to a Google security engineer.

https://searchsecurity.techtarget.com/news/252509093/DDoS-botnet-exploiting-known-GitLab-vulnerability

Businesses and governments have been put on alert to guard against Trojan Source hacking attacks

https://www.computerweekly.com/news/252508879/Businesses-and-governments-urged-to-take-action-over-Trojan-Source-supply-chain-attacks