VPN service favored by cybercriminals are forced to shutdown

DoubleVPN’s services were mainly promoted on Russian and English language underground hacking and cybercriminal forums, offering anonymity by hiding the identities and locations of various types of scammers, fraudsters, and even ransomware operators.

Three challenges to meet as businesses transition to working from anywhere

Change isn’t just about physical equipment or experiences, it’s also about mindset. The crisis forced change at a rate that many didn’t think possible. But to make these IT investments successful long-term means also changing the cultural mindset within the organisation, removing traditional biases around remote working and recognising that work is what you do, not where you do it.

Cisco Talos finds nearly 70% of ransomware attacks result from cybercrime tools

The top variants between November 2020 and January 2021 were Ryuk and Vatet. Cisco Talos has also observed variants of Egregor and WastedLocker continuing to target organizations across the globe.

Adversaries spend 250+ hours undetected in target networks on average

Ransomware featured in 81% of incidents and 69% of attacks involved the use of the remote desktop protocol (RDP) for lateral movement inside the network.

Remediation steps for the Microsoft Exchange Server Vulnerabilities

These vulnerabilities let adversaries access Exchange Servers and potentially gain long-term access to victims’ environments. While the Microsoft Threat Intelligence Center (MSTIC) attributes the initial campaign with high confidence to HAFNIUM.