noodls browser compatibility check

The security settings of your browser are blocking the execution of scripts.

To use noodls, javascript support must be enabled. Please change your browser's security settings to enable javascript.

If you have changed your browser's security settings, you can click here.

related announcements

News

UC Davis Health System

What to know about HPV, the HPV vaccine and cervical cancer screening
City of New York, NY

Transcript: Mayor Adams releases FY25 Executive Budget and Holds Q-and-A
M&T Bank Corporation

M&T Bank Corporation to Participate in the RBC Capital Markets US Banks[...]

Technology

BlackBerry Ltd.

08/01/2021 | News release | Distributed by Public on 08/02/2021 10:23

BlackBerry Protects Against RansomEXX Ransomware Attacks

RESEARCH & INTELLIGENCE / 08.01.21 / The Cylance Research and Intelligence Team

A RansomEXX ransomware attack has paralyzed Ecuador's state-run telecom provider Corporación Nacional de Telecomunicaciones (CNT) and prompted the Ecuadorian government to declare a state of 'institutional emergency.' The attack left CNT security professionals scrambling to restore services and keep customers' information safe.

First seen in mid-2020, RansomEXX is a ransomware variant designed to target Windows® OS users. Considered to be operated by a threat group dubbed Gold Dupont, RansomEXX is considered a 'big-game hunter,' since it targets larger organizations that can afford to pay huge ransoms to get their compromised systems restored. The group has been linked to similar attacks on high profile victims, including Konica Minolta and The Texas Department of Transportation (TxDOT).

The cybercriminals behind RansomEXX appear to have ploughed some of their profits back into R&D, creating a Linux® version designed to target the Linux-based internal systems that many companies rely on in their production environments. This new method of attack has become a rising trend among big game hunter criminals, such as the groups behind recent attacks using Mespinoza (Pysa) and other ransomware variants.

BlackBerry Protects Against RansomEXX

The BlackBerry Research & Intelligence Team has analyzed the attack methods used by this threat, and in addition to recommending basic cyber hygiene steps, strongly urges BlackBerry customers to ensure their systems have the following BlackBerry® Cyber Suite components enabled with a blocking policy.

BlackBerry Cyber Suite and BlackBerry Guard stop these attacks.

BlackBerry customers can feel confident that our AI-driven BlackBerry Cyber Suite, as well as our Managed Detection & Response (MDR) solution BlackBerry® Guard, are all well-equipped to mitigate the risks posed by threat actors like those behind RansomEXX:

BlackBerry® Protect provides automated malware prevention, application and script control, memory protection, and device policy enforcement.
BlackBerry® Optics extends the threat prevention by using artificial intelligence (AI) to prevent security incidents. It provides true AI-based incident prevention, root cause analysis, smart threat hunting, and automated detection and response capabilities.
The BlackBerry Mobile Threat Detection solution prevents and detects advanced malicious threats at the device and application levels. It combines the mobile endpoint management capabilities of BlackBerry® Unified Endpoint Manager with advanced AI-driven threat protection, to get in front of malicious cyberattacks in a Zero Trust environment.
BlackBerry® Persona creates trust based on behavior analytics, app usage, and network and process invocation patterns. It uses adaptive risk scoring to provide continuous authentication.
BlackBerry Guard customers are proactively protected against RansomEXX attacks. Our 24/7 MDR solution customers receive:
- Alerts monitored in real-time
- Corrective policies applied while discovering gaps in policy implementation
- Prioritized threat hunting
- The latest threat intelligence for fast-moving threats

At BlackBerry, we take a prevention-first and artificial-intelligence-driven approach to cybersecurity. Putting prevention first neutralizes malware before the exploitation stage of the kill-chain.

By stopping malware at this stage, BlackBerry® solutions help organizations increase their resilience. It also helps reduce infrastructure complexity and streamline security management to ensure business, people, and endpoints are secure.

BlackBerry Assistance

The BlackBerry Incident Response team can work with organizations of any size and across any vertical, to evaluate and enhance their endpoint security posture and proactively maintain the security, integrity, and resilience of their network infrastructure.

For emergency assistance, please email us at [email protected], or use our handraiser form.

Learn more about the latest cybersecurity threats and threat actors in the BlackBerry 2021 Annual Threat Report.

About The Cylance Research and Intelligence Team

Exploring the boundaries of the information security field

The Cylance Research and Intelligence team explores the boundaries of the information security field identifying emerging threats and remaining at the forefront of attacks. With insights gained from these endeavors, Cylance stays ahead of the threats.

Back

Sharing and Personal Tools

Please select the service you want to use:

Back

View original format