Image depicting a URL in the browser's address bar.
Threat Intelligence

Campaign TypoSquatting PyPI Packages with Malicious Packages Containing Crypto Wallet Replacing Malware

Posted on February 14, 2023

By Lee Clark, RH-ISAC Cyber Threat Intel Analyst & Writer

On February 10, 2023, Phylum security researchers reported a resurgence in a previously seen campaign typosquatting legitimate Python PyPI packages with malicious packages to deliver a malware with cryptocurrency wallet clipboard replacing capabilities. Context  In November 2022, Phylum reported a similar campaign “in which threat actors attempted to replace cryptocurrency addresses in developer clipboards with…

Read More
International Airline Service Interruptions
Threat Intelligence

International Airline Service Interruptions

Posted on May 26, 2022

By Lee Clark, Cyber Threat Intelligence Analyst & Writer

Context On May 25, 2022, multiple flights in India were grounded for several hours after the airline confirmed a ransomware attack on their internal systems that also disrupted their website functionality. On May 26, 2022, a small airline cancelled all flights leaving Gatwick in the United Kingdom from 1 to 3 p.m. BST due to…

Read More
5 Most Common Types of Ransomware
Ransomware

5 Most Common Ransomware Types in 2022

Posted on March 3, 2022

By Natalie Paskoski, RH-ISAC Manager of Marketing & Communications

Colonial Pipeline. JBS. Kaseya. 2021 was a record year for high-profile, expensive ransomware attacks. In 2022 we can only expect this to continue, as ransomware-as-a-service expands threat actor accessibility to tools, and new double/triple extortion ransomware attacks raise potential profits even higher. Although the retail and hospitality sector has not been hit nearly as hard…

Read More