Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2020-06-04 13:13:47 |
(Déjà vu) Business services giant Conduent hit by Maze Ransomware (lien direct) |
The Maze Ransomware operators are claiming to have successfully attacked business services giant Conduent, where they stole unencrypted files and encrypted devices on their network. [...] |
Ransomware
|
|
|
|
2020-06-04 13:13:47 |
Business services giant Conduent allegedly hit by Maze Ransomware (lien direct) |
The Maze Ransomware operators are claiming to have successfully attacked business services giant Conduent, where they stole unencrypted files and encrypted devices on their network. [...] |
Ransomware
|
|
|
|
2020-06-04 11:00:00 |
New Tycoon ransomware targets both Windows and Linux systems (lien direct) |
A new human-operated ransomware strain is being deployed in highly targeted attacks targeting small to medium size organizations in the software and education industries since at least December 2019. [...] |
Ransomware
|
|
|
|
2020-06-03 17:42:44 |
Netwalker ransomware continues assault on US colleges, hits UCSF (lien direct) |
The Netwalker Ransomware operators claim to have successfully attacked the University of California San Francisco (UCSF), stolen unencrypted data, and encrypted their computers. [...] |
Ransomware
|
|
|
|
2020-06-03 01:08:54 |
Ransomware gangs team up to form extortion cartel (lien direct) |
Ransomware gangs are teaming up to extort victims through a shared data leak platform, and the exchange of tactics and intelligence. [...] |
Ransomware
|
|
|
|
2020-06-02 13:59:35 |
REvil ransomware creates eBay-like auction site for stolen data (lien direct) |
The operators of the REvil ransomware have launched a new auction site used to sell victim's stolen data to the highest bidder. [...] |
Ransomware
|
|
|
|
2020-06-01 03:32:00 |
Ransomware locks down the Nipissing First Nation (lien direct) |
The Nipissing First Nation administration stopped a ransomware attack in its tracks but not soon enough to prevent disruption of communications. [...] |
Ransomware
|
|
|
|
2020-05-29 17:51:52 |
The Week in Ransomware - May 29th 2020 - Quiet before the storm? (lien direct) |
For the most part, this week has been fairly quiet with not a lot of new ransomware released and only a few large-scale ransomware attacks. [...] |
Ransomware
|
|
|
|
2020-05-28 13:02:39 |
Michigan State University network breached in ransomware attack (lien direct) |
Michigan State University received a deadline to pay ransomware attackers under the threat that files stolen from the institution's network will be leaked to the public. [...] |
Ransomware
Threat
|
|
|
|
2020-05-27 09:52:35 |
Ransomware\'s big jump: ransoms grew 14 times in one year (lien direct) |
Ransomware has become one of the most insidious threats in the past couple of years, with actors scaling up their operations to the point that the average ransom demand increased more than 10 times in one year. [...] |
Ransomware
|
|
|
|
2020-05-26 12:51:22 |
List of ransomware that leaks victims\' stolen files if not paid (lien direct) |
Starting last year, ransomware operators have escalated their extortion strategies by stealing files from victims before encrypting their data. These stolen files are then used as further leverage to force victims to pay. [...] |
Ransomware
|
|
★★★
|
|
2020-05-26 12:23:33 |
New [F]Unicorn ransomware hits Italy via fake COVID-19 infection map (lien direct) |
A new ransomware threat called [F]Unicorn has been encrypting computers in Italy by tricking victims into downloading a fake contact tracing app that promises to bring real-time updates for COVID-19 infections. [...] |
Ransomware
Threat
|
|
★★★
|
|
2020-05-24 11:29:00 |
Hackers leak credit card info from Costa Rica\'s state bank (lien direct) |
Maze ransomware operators have published credit card data stolen from the Bank of Costa Rica (BCR). They threaten to leak similar files on a weekly basis. [...] |
Ransomware
|
|
|
|
2020-05-22 15:59:49 |
The Week in Ransomware - May 22nd 2020 - Constantly Innovating (lien direct) |
Ransomware operators continue to leak data for their victims and develop new ways to infect victims without being detected by security software. [...] |
Ransomware
|
|
|
|
2020-05-22 11:51:22 |
Ransomware encrypts from virtual machines to evade antivirus (lien direct) |
Ragnar Locker is deploying Windows XP virtual machines to encrypt victim's files while evading detecting from security software installed on the host. [...] |
Ransomware
|
|
|
|
2020-05-21 14:32:10 |
Hackers tried to use Sophos Firewall zero-day to deploy Ransomware (lien direct) |
Hackers tried to exploit a zero-day in the Sophos XG firewall to distribute ransomware to Windows machines but were blocked by a hotfix issued by Sophos. [...] |
Ransomware
|
|
|
|
2020-05-20 17:06:32 |
Vigilante hackers target \'scammers\' with ransomware, DDoS attacks (lien direct) |
A hacker has been taking justice into their own hands by targeting "scam" companies with ransomware and denial of service attacks. [...] |
Ransomware
|
|
|
|
2020-05-20 14:36:55 |
Snake ransomware leaks patient data from Fresenius Medical Care (lien direct) |
Medical data and personally identifiable information belonging to patients at a Fresenius Medical Care unit are currently available online on a paste website. [...] |
Ransomware
|
|
|
|
2020-05-19 11:27:39 |
NetWalker adjusts ransomware operation to only target enterprise (lien direct) |
NetWalker ransomware group is moving away from phishing for malware distribution and has adopted a network-intrusion model focusing on huge businesses only. [...] |
Ransomware
Malware
|
|
|
|
2020-05-18 19:51:59 |
REvil Ransomware found buyer for Trump data, now targeting Madonna (lien direct) |
REvil ransomware group claims to have buyers ready for documents containing damaging information about US President Donald Trump and is preparing to auction data on international celebrity Madonna. [...] |
Ransomware
|
|
|
|
2020-05-18 09:32:20 |
Ransomware attack impacts Texas Department of Transportation (lien direct) |
A new ransomware attack is affecting the Texas government. This time, hackers got into the network of the state's Department of Transportation (TxDOT). [...] |
Ransomware
|
|
|
|
2020-05-18 03:36:00 |
FBI warns of ProLock ransomware decryptor not working properly (lien direct) |
Multiple actors in the ransomware business saw the new coronavirus pandemic as the perfect opportunity to focus on an already overburdened healthcare sector. ProLock is yet another threat to the list. [...] |
Ransomware
Threat
|
|
|
|
2020-05-16 14:13:38 |
The Week in Ransomware - May 15th 2020 - REvil targets Trump (lien direct) |
This week, we saw some interesting news about ransomware features being added and continued attackers against high profile victims. [...] |
Ransomware
|
|
|
|
2020-05-15 12:45:28 |
Wannabe ransomware operators arrested before hospital attacks (lien direct) |
Law enforcement in Romania today arrested a group of individuals that were planning ransomware attacks against healthcare institutions in the country. [...] |
Ransomware
|
|
|
|
2020-05-15 07:15:00 |
Ransomware recruits affiliates with huge payouts, automated leaks (lien direct) |
The Netwalker ransomware operation is recruiting potential affiliates with the possibility of million-dollar payouts and an auto-publishing data leak blog to help drive successful ransom payments. [...] |
Ransomware
|
|
|
|
2020-05-14 12:02:44 |
ProLock Ransomware teams up with QakBot trojan for network access (lien direct) |
ProLock is a relatively new malware on the ransomware scene but has quickly attracted attention by targeting businesses and local governments and demanding huge ransoms for file decryption. [...] |
Ransomware
Malware
|
|
|
|
2020-05-13 10:51:36 |
Ransomware now demands extra payment to delete stolen files (lien direct) |
A ransomware family has begun a new tactic of not only demanding a ransom for a decryptor but also demanding a second ransom not to publish files stolen in an attack. [...] |
Ransomware
|
|
|
|
2020-05-12 18:01:57 |
Healthcare giant Magellan Health hit by ransomware attack (lien direct) |
Fortune 500 company Magellan Health Inc announced today that it was the victim of a ransomware attack on April 11, 2020, which led to the theft of personal information from one of its corporate servers. [...] |
Ransomware
|
|
|
|
2020-05-11 15:28:15 |
Texas Courts hit by ransomware, network disabled to limit spread (lien direct) |
The Texas court system was hit by ransomware on Friday night, May 8th, which led to the branch network including websites and servers being disabled to block the malware from spreading to other systems. [...] |
Ransomware
Malware
|
|
|
|
2020-05-11 12:41:46 |
Maze ransomware fails to encrypt Pitney Bowes, steals files (lien direct) |
Global business services company Pitney Bowes recently stopped an attack from Maze ransomware operators before the encryption routine could be deployed but the actor still managed to steal some data. [...] |
Ransomware
|
|
|
|
2020-05-10 10:18:32 |
Sodinokibi ransomware can now encrypt open and locked files (lien direct) |
The Sodinokibi (REvil) ransomware has added a new feature that makes it easier to encrypt all files, even those that are opened and locked by another process. [...] |
Ransomware
|
|
|
|
2020-05-08 18:43:14 |
The Week in Ransomware - May 8th 2020 - Attacks Continue (lien direct) |
Ransomware operators continue their worldwide attacks against healthcare organizations and businesses, while leaking the data of victims who do not pay a ransom. [...] |
Ransomware
|
|
|
|
2020-05-08 11:33:50 |
REvil ransomware threatens to leak A-list celebrities\' legal docs (lien direct) |
The Sodinokibi ransomware group threatens to release hundreds of gigabytes of legal documents from a prominent entertainment and law firm that counts dozens of international stars as their clients. [...] |
Ransomware
|
|
|
|
2020-05-06 15:20:14 |
Large scale Snake Ransomware campaign targets healthcare, more (lien direct) |
The operators of the Snake Ransomware have launched a worldwide campaign of cyberattacks that have infected numerous businesses and at least one health care organization over the last few days. [...] |
Ransomware
|
|
|
|
2020-05-05 14:35:44 |
Toll Group hit by ransomware a second time, deliveries affected (lien direct) |
The Toll Group has suffered its second ransomware cyberattack in three months, with the latest one conducted by the operators of the Nefilim Ransomware. [...] |
Ransomware
|
|
|
|
2020-05-04 17:09:11 |
LockBit ransomware self-spreads to quickly encrypt 225 systems (lien direct) |
A feature of the LockBit ransomware allows threat actors to breach a corporate network and deploy their ransomware to encrypt hundreds of devices in just a few hours. [...] |
Ransomware
Threat
|
|
|
|
2020-05-04 15:18:12 |
New VCrypt Ransomware locks files in password-protected 7ZIPs (lien direct) |
A new ransomware called VCrypt is targeting French victims by utilizing the legitimate 7zip command-line program to create password-protected archives of data folders. [...] |
Ransomware
|
|
|
|
2020-05-02 11:30:00 |
Sodinokibi, Ryuk ransomware drive up average ransom to $111,000 (lien direct) |
The first quarter of the year recorded an increase of the average amount ransomware operators demand from their victims. Compared to the previous quarter, a 33% swell was noted, driven by the Sodinokibi and Ryuk ransomware operators. [...] |
Ransomware
|
|
|
|
2020-05-01 18:19:52 |
The Week in Ransomware - May 1st 2020 - Banishing the Shade (lien direct) |
For the victims of the Shade Ransomware, otherwise known as Troldesh, this was an excellent week as the threat actors released over 750,000 decryption keys for their victims. [...] |
Ransomware
Threat
|
|
|
|
2020-05-01 13:00:25 |
New phishing campaign packs an info-stealer, ransomware punch (lien direct) |
A new phishing campaign is distributing a double-punch of a LokiBot information-stealing malware along with a second payload in the form of the Jigsaw Ransomware. [...] |
Ransomware
Malware
|
|
|
|
2020-04-30 15:21:25 |
Shade Ransomware Decryptor can now decrypt over 750K victims (lien direct) |
Kaspersky has released an updated decryptor for the Shade Ransomware (Troldesh) that allows all victims who have their files encrypted to recover them for free. [...] |
Ransomware
|
|
|
|
2020-04-30 11:00:12 |
Clop ransomware leaks ExecuPharm\'s files after failed ransom (lien direct) |
Clop ransomware leaked files stolen from U.S pharmaceutical company ExecuPharm after ransom negotiations allegedly failed. [...] |
Ransomware
|
|
|
|
2020-04-28 14:04:30 |
Microsoft releases guidance on blocking ransomware attacks (lien direct) |
Microsoft warned today of ongoing human-operated ransomware campaigns targeting healthcare organizations and critical services, and shared tips on how to block new breaches by patching vulnerable internet-facing systems. [...] |
Ransomware
Patching
|
|
|
|
2020-04-28 07:24:28 |
Lucy malware for Android adds file-encryption for ransomware ops (lien direct) |
A threat actor focusing on Android systems has expanded their malware-as-a-service (MaaS) business with file-encrypting capabilities for ransomware operations. [...] |
Ransomware
Malware
Threat
|
|
|
|
2020-04-27 11:47:31 |
Shade Ransomware shuts down, releases 750K decryption keys (lien direct) |
The operators behind the Shade Ransomware (Troldesh) have shut down their operations, released over 750,000 decryption keys, and apologized for the harm they caused their victims. [...] |
Ransomware
|
|
|
|
2020-04-24 19:09:31 |
The Week in Ransomware - April 24th 2020 - High Profile Attacks (lien direct) |
There was not a lot of new variants released this week, but we did have some news such as the ransomware attack on Cognizant, the leaking of data for a California city, and the continued attacks on hospitals. [...] |
Ransomware
|
|
|
|
2020-04-23 17:32:22 |
SeaChange video platform allegedly hit by Sodinokibi ransomware (lien direct) |
A video delivery platform company is the latest victim of the Sodinokibi Ransomware, who has posted images of data they claim to have stolen from the company during a cyberattack. [...] |
Ransomware
|
|
|
|
2020-04-21 16:34:25 |
DoppelPaymer Ransomware hits Los Angeles County city, leaks files (lien direct) |
The City of Torrance of the Los Angeles metropolitan area, California, has allegedly been attacked by the DoppelPaymer Ransomware, having unencrypted data stolen and devices encrypted. [...] |
Ransomware
|
|
|
|
2020-04-18 13:45:29 |
IT services giant Cognizant suffers Maze Ransomware cyber attack (lien direct) |
Information technologies services giant Cognizant suffered a cyber attack Friday night allegedly by the operators of the Maze Ransomware, BleepingComputer has learned. [...] |
Ransomware
|
|
|
|
2020-04-18 10:00:00 |
US govt: Hacker used stolen AD credentials to ransom hospitals (lien direct) |
Hackers have deployed ransomware on the systems of U.S. hospitals and government entities using Active Directory credentials stolen months after exploiting a known remote code execution (RCE) vulnerability in their Pulse Secure VPN servers. [...] |
Ransomware
Vulnerability
|
|
|