Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2023-02-05 10:15:32 |
Linux version of Royal Ransomware targets VMware ESXi servers (lien direct) |
Royal Ransomware is the latest ransomware operation to add support for encrypting Linux devices to its most recent malware variants, specifically targeting VMware ESXi virtual machines. [...] |
Ransomware
Malware
|
|
★★
|
|
2023-02-03 14:20:48 |
Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide (lien direct) |
Admins, hosting providers, and the French Computer Emergency Response Team (CERT-FR) warn that attackers actively target VMware ESXi servers unpatched against a two-year-old remote code execution vulnerability to deploy ransomware. [...] |
Ransomware
Vulnerability
|
|
★★★
|
|
2023-02-02 09:13:26 |
Ransomware attack on ION Group impacts derivatives trading market (lien direct) |
The LockBit ransomware gang has claimed responsibility for the cyberattack on ION Group, a UK-based software company whose products are used by financial institutions, banks, and corporations for trading, investment management, and market analytics. [...] |
Ransomware
|
|
★★
|
|
2023-02-01 13:38:40 |
Arnold Clark customer data stolen in attack claimed by Play ransomware (lien direct) |
Arnold Clark, self-described as Europe's largest independent car retailer, is notifying some customers that their personal information has been stolen in a December 23 cyberattack claimed by the Play ransomware group. [...] |
Ransomware
|
|
★★★
|
|
2023-01-26 15:41:44 |
US offers $10M bounty for Hive ransomware links to foreign governments (lien direct) |
The U.S. Department of State today offered up to $10 million for information that could help link the Hive ransomware group (or other threat actors) with foreign governments. [...] |
Ransomware
Threat
|
|
★★
|
|
2023-01-26 10:14:55 |
(Déjà vu) Hive ransomware disrupted after FBI hacks gang\'s systems (lien direct) |
Today, the Hive ransomware Tor payment and data leak sites were seized as part of an international law enforcement operation involving the US Department of Justice, FBI, Secret Service, Europol, and Germany's BKA and Polizei. [...] |
Ransomware
|
|
★★
|
|
2023-01-26 10:14:55 |
Hive ransomware dark web sites seized by law enforcement (lien direct) |
Today, the Hive ransomware Tor payment and data leak sites were seized as part of an international law enforcement operation involving the US Department of Justice, FBI, Secret Service, Europol, and Germany's BKA and Polizei. [...] |
Ransomware
|
|
★
|
|
2023-01-24 18:07:45 |
Ransomware access brokers use Google ads to breach your network (lien direct) |
A threat actor tracked as DEV-0569 uses Google Ads in widespread, ongoing advertising campaigns to distribute malware, steal victims' passwords, and ultimately breach networks for ransomware attacks. [...] |
Ransomware
Threat
|
|
★★
|
|
2023-01-19 14:21:11 |
Ransomware gang steals data from KFC, Taco Bell, and Pizza Hut brand owner (lien direct) |
Yum! Brands, the fast food brand operator of KFC, Pizza Hut, Taco Bell, and The Habit Burger Grill fast-food restaurant chains, has been targeted by a ransomware attack that forced the closure of 300 locations in the United Kingdom. [...] |
Ransomware
|
|
★★★
|
|
2023-01-16 07:15:34 |
Avast releases free BianLian ransomware decryptor (lien direct) |
Security software company Avast has released a free decryptor for the BianLian ransomware strain to help victims of the malware recover locked files without paying the hackers. [...] |
Ransomware
Malware
|
|
★★
|
|
2023-01-13 19:17:55 |
The Week in Ransomware - January 13th 2023 - LockBit in the spotlight (lien direct) |
The LockBit ransomware operation has again taken center stage in the ransomware news, as we learned yesterday they were behind the attack on Royal Mail. [...] |
Ransomware
|
|
★★
|
|
2023-01-12 11:31:36 |
Vice Society ransomware claims attack on Australian firefighting service (lien direct) |
Australia's Fire Rescue Victoria has disclosed a data breach caused by a December cyberattack that is now claimed by the Vice Society ransomware gang. [...] |
Ransomware
Data Breach
|
|
★★
|
|
2023-01-05 17:58:30 |
Rackspace: Customer email data accessed in ransomware attack (lien direct) |
Rackspace revealed on Thursday that attackers behind last month's incident accessed some of its customers' Personal Storage Table (PST) files which can contain a wide range of information, including emails, calendar data, contacts, and tasks. [...] |
Ransomware
|
|
★
|
|
2023-01-03 15:13:35 |
Rail giant Wabtec discloses data breach after Lockbit ransomware attack (lien direct) |
U.S. rail and locomotive company Wabtec Corporation has disclosed a data breach that exposed personal and sensitive information. [...] |
Ransomware
Data Breach
|
|
★★
|
|
2023-01-03 11:40:00 |
Royal ransomware claims attack on Queensland University of Technology (lien direct) |
The Royal ransomware gang has claimed responsibility for a recent cyberattack on the Queensland University of Technology and begun to leak data allegedly stolen during the security breach. [...] |
Ransomware
|
|
★★
|
|
2023-01-01 15:54:56 |
Ransomware gang cloned victim\'s website to leak stolen data (lien direct) |
The ALPHV ransomware operators have gotten creative with their extortion tactic and, in at least one case, created a replica of the victim's site to publish stolen data on it. [...] |
Ransomware
|
|
★★★
|
|
2022-12-30 11:44:55 |
LockBit ransomware claims attack on Port of Lisbon in Portugal (lien direct) |
A cyberattack hitting the Port of Lisbon Administration (APL), the third-largest port in Portugal, on Christmas day has been claimed by the LockBit ransomware gang. [...] |
Ransomware
|
|
★★
|
|
2022-12-30 11:09:56 |
Canadian mining firm shuts down mill after ransomware attack (lien direct) |
The Copper Mountain Mining Corporation (CMMC), a Canadian copper mining company in British Columbia, has announced it has become the target of a ransomware attack that impacted its operations. [...] |
Ransomware
|
|
★★★
|
|
2022-12-28 13:40:37 |
Royal ransomware claims attack on Intrado telecom provider (lien direct) |
The Royal Ransomware gang claimed responsibility for a cyber attack against telecommunications company Intrado on Tuesday. [...] |
Ransomware
|
|
★★
|
|
2022-12-28 08:54:26 |
Ransomware attack at Louisiana hospital impacts 270,000 patients (lien direct) |
The Lake Charles Memorial Health System (LCMHS) is sending out notices of a data breach affecting thousands of people who have received care at one of its medical centers. [...] |
Ransomware
Data Breach
Medical
|
|
★★
|
|
2022-12-22 08:00:00 |
FIN7 hackers create auto-attack platform to breach Exchange servers (lien direct) |
The notorious FIN7 hacking group uses an auto-attack system that exploits Microsoft Exchange and SQL injection vulnerabilities to breach corporate networks, steal data, and select targets for ransomware attacks based on financial size. [...] |
Ransomware
|
|
★★★
|
|
2022-12-20 17:33:13 |
Ransomware gang uses new Microsoft Exchange exploit to breach servers (lien direct) |
Play ransomware threat actors are using a new exploit chain that bypasses ProxyNotShell URL rewrite mitigations to gain remote code execution (RCE) on vulnerable servers through Outlook Web Access (OWA). [...] |
Ransomware
Threat
|
|
★★
|
|
2022-12-19 16:40:52 |
Play ransomware claims attack on German hotel chain H-Hotels (lien direct) |
The Play ransomware gang has claimed responsibility for a cyber attack on H-Hotels (h-hotels.com) that has resulted in communication outages for the company. [...] |
Ransomware
|
|
★★★
|
|
2022-12-16 13:47:12 |
Colombian energy supplier EPM hit by BlackCat ransomware attack (lien direct) |
Colombian energy company Empresas Públicas de Medellín (EPM) suffered a BlackCat/ALPHV ransomware attack on Monday, disrupting the company's operations and taking down online services. [...] |
Ransomware
|
|
★★★
|
|
2022-12-14 13:24:00 |
Microsoft patches Windows zero-day used to drop ransomware (lien direct) |
Microsoft has fixed a security vulnerability used by threat actors to circumvent the Windows SmartScreen security feature and deliver Magniber ransomware and Qbot malware payloads. [...] |
Ransomware
Malware
Vulnerability
Threat
|
|
★★
|
|
2022-12-13 16:24:20 |
LockBit claims attack on California\'s Department of Finance (lien direct) |
The Department of Finance in California has been the target of a cyberattack now claimed by the LockBit ransomware gang. [...] |
Ransomware
|
|
★★★
|
|
2022-12-12 18:34:25 |
Play ransomware claims attack on Belgium city of Antwerp (lien direct) |
The Play ransomware operation has claimed responsibility for a recent cyberattack on the Belgium city of Antwerp. [...] |
Ransomware
|
|
★
|
|
2022-12-11 11:22:33 |
(Déjà vu) Clop ransomware uses TrueBot malware for access to networks (lien direct) |
Security researchers have noticed a spike in devices infected with the TrueBot malware downloader created by a Russian-speaking hacking group known as Silence. [...] |
Ransomware
Malware
|
|
★★
|
|
2022-12-11 11:22:33 |
Clop ransomware partners with TrueBot malware for access to networks (lien direct) |
Security researchers have noticed a spike in devices infected with the TrueBot malware downloader created by a Russian-speaking hacking group known as Silence. [...] |
Ransomware
Malware
|
|
★
|
|
2022-12-09 14:51:48 |
Rackspace warns of phishing risks following ransomware attack (lien direct) |
Cloud computing provider Rackspace warned customers on Thursday of increased risks of phishing attacks following a ransomware attack affecting its hosted Microsoft Exchange environment. [...] |
Ransomware
|
|
★★
|
|
2022-12-08 15:27:11 |
CommonSpirit Health ransomware attack exposed data of 623,000 patients (lien direct) |
CommonSpirit Health has confirmed that threat actors accessed the personal data for 623,774 patients during an October ransomware attack. [...] |
Ransomware
Threat
|
|
★★★
|
|
2022-12-06 10:31:18 |
Rackspace confirms outage was caused by ransomware attack (lien direct) |
Texas-based cloud computing provider Rackspace has confirmed today that a ransomware attack is behind its ongoing Hosted Exchange outage. [...] |
Ransomware
|
|
★★★
|
|
2022-12-05 15:41:11 |
Ransomware attack forces French hospital to transfer patients (lien direct) |
The André-Mignot teaching hospital in the suburbs of Paris had to shut down its phone and computer systems because of a ransomware attack that hit on Saturday evening. [...] |
Ransomware
|
|
★★
|
|
2022-12-02 17:51:35 |
The Week in Ransomware - December 2nd 2022 - Disrupting Health Care (lien direct) |
This week's big news was the Colombia health system being severely disrupted by a ransomware attack on Keralty, one of the country's largest healthcare providers. [...] |
Ransomware
|
|
★★
|
|
2022-11-30 18:25:53 |
Keralty ransomware attack impacts Colombia\'s health care system (lien direct) |
The Keralty multinational healthcare organization suffered a RansomHouse ransomware attack on Sunday, disrupting the websites and operations of the company and its subsidiaries. [...] |
Ransomware
|
|
★★
|
|
2022-11-29 17:57:18 |
Trigona ransomware spotted in increasing attacks worldwide (lien direct) |
A previously unnamed ransomware has rebranded under the name 'Trigona,' launching a new Tor negotiation site where they accept Monero as ransom payments. [...] |
Ransomware
|
|
★★
|
|
2022-11-25 12:18:23 |
Vice Society ransomware claims attack on Cincinnati State college (lien direct) |
The Vice Society ransomware operation has claimed responsibility for a cyberattack on Cincinnati State Technical and Community College, with the threat actors now leaking data allegedly stolen during the attack. [...] |
Ransomware
Threat
|
|
★★
|
|
2022-11-20 10:07:14 |
(Déjà vu) New ransomware encrypts files, then steals your Discord account (lien direct) |
The new 'AXLocker' ransomware family is not only encrypting victims' files and demanding a ransom payment but also stealing the Discord accounts of infected users. [...] |
Ransomware
|
|
|
|
2022-11-20 10:07:14 |
New AxLocker ransomware encrypts files, then steals your Discord account (lien direct) |
The new 'AXLocker' ransomware family is not only encrypting victims' files and demanding a ransom payment but also stealing the Discord accounts of infected users. [...] |
Ransomware
|
|
|
|
2022-11-17 15:07:02 |
Previously unidentified ARCrypter ransomware expands worldwide (lien direct) |
A previously unknown 'ARCrypter' ransomware that compromised key organizations in Latin America is now expanding its attacks worldwide. [...] |
Ransomware
|
|
|
|
2022-11-09 11:43:27 |
Medibank warns customers their data was leaked by ransomware gang (lien direct) |
Australian health insurance giant Medibank has warned customers that the ransomware group behind last month's breach has started to leak data stolen from its systems. [...] |
Ransomware
|
|
|
|
2022-11-08 17:56:13 |
LockBit affiliate uses Amadey Bot malware to deploy ransomware (lien direct) |
A LockBit 3.0 ransomware affiliate is using phishing emails that install the Amadey Bot to take control of a device and encrypt devices. [...] |
Ransomware
Malware
|
|
|
|
2022-11-07 12:50:26 |
Ransomware gang threatens to release stolen Medibank data (lien direct) |
A ransomware gang that some believe is a relaunch of REvil and others track as BlogXX has claimed responsibility for last month's ransomware attack against Australian health insurance provider Medibank Private Limited. [...] |
Ransomware
|
|
|
|
2022-11-03 14:25:59 |
LockBit ransomware claims attack on Continental automotive giant (lien direct) |
The LockBit ransomware gang has claimed responsibility for a cyberattack against the German multinational automotive group Continental. [...] |
Ransomware
|
|
|
|
2022-10-28 16:08:28 |
The Week in Ransomware - October 28th 2022 - Healthcare leaks (lien direct) |
This week, we learned of healthcare data leaks out of Australia, information about existing attacks, and reports on how ransomware gangs operate and partner with malware developers for initial access. [...] |
Ransomware
Malware
|
|
|
|
2022-10-27 14:05:38 |
Australian Clinical Labs says patient data stolen in ransomware attack (lien direct) |
Australian Clinical Labs (ACL) has disclosed a February 2022 data breach that impacted its Medlab Pathology business, exposing the medical records and other sensitive information of 223,000 people. [...] |
Ransomware
Data Breach
|
|
|
|
2022-10-25 04:49:21 |
Hive claims ransomware attack on Tata Power, begins leaking data (lien direct) |
Hive ransomware group has claimed responsibility for a cyber attack disclosed by Tata Power this month. In data leak screenshots seen by BleepingComputer, Hive operators are seen leaking data it claims to have stolen from Tata Power, indicating the ransom negotiations failed. [...] |
Ransomware
|
|
|
|
2022-10-24 10:51:38 |
Pendragon car dealer refuses $60 million LockBit ransomware demand (lien direct) |
Pendragon Group, with more than 200 car dealerships in the U.K., was breached in a cyberattack from the LockBit ransomware gang, who allegedly demanded $60 million to decrypt files and not leak them. [...] |
Ransomware
|
|
|
|
2022-10-21 06:00:00 |
BlackByte ransomware uses new data theft tool for double-extortion (lien direct) |
A BlackByte ransomware affiliate is using a new custom data stealing tool called 'ExByte' to steal data from compromised Windows devices quickly. [...] |
Ransomware
Tool
|
|
|
|
2022-10-20 11:03:41 |
OldGremlin hackers use Linux ransomware to attack Russian orgs (lien direct) |
OldGremlin, one of the few ransomware groups attacking Russian corporate networks, has expanded its toolkit with file-encrypting malware for Linux machines. [...] |
Ransomware
Malware
|
|
|