Over the past two weeks, we saw the new blog from TrendMicro presenting “A deep dive into the evolution of ransomware – Part 1”, as well as other relevant news such as “Social engineering – A Coinbase case study”.

For more articles, check out our #onpatrol4malware blog.

Ukraine invasion blew up Russian cybercrime alliances

Source: The Register

The so-called “brotherhood” of Russian-speaking cybercriminals is yet another casualty of the war in Ukraine, albeit one that few outside of Moscow are mourning. Read more.

Defenders on high alert as backdoor attacks become more common

Source: Help Net Security

Although ransomware’s share of incidents declined only slightly from 2021 to 2022, defenders were more successful detecting and preventing ransomware, according to IBM. Read more.

Critical SQL injection vulnerabilities in MISP (fixed in v2.4.166 and v2.4.167)

Source: MISP Threat Sharing

MISP received two separate reports of two unrelated SQLi vector vulnerabilities in MISP that can lead to any authenticated user being able to execute arbitrary SQL queries in MISP. Read more.

Back in Black… Basta – Technical analysis of BlackBasta Ransomware 2.0

Source: Zscaler

Zscaler ThreatLabz has been tracking prominent ransomware families and their tactics, techniques and procedures (TTPs) including the BlackBasta ransomware family. Read more.

A deep dive into the evolution of ransomware – Part 1

Source: TrendMicro

It appears that geopolitical events such as Russia’s 2022 invasion of Ukraine can be triggers for this change along with proactive defence strategies employed by authorities’ network hardening tools. Read more.

Social engineering – A Coinbase case study

Source: Coinbase

Dealing with such a large number of adversaries and cybersecurity challenges is one of the reasons why I find Coinbase to be such an interesting place to work. Read more.