Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-09 09:15:45 |
Medical software firm urges password resets after ransomware attack (direct link) |
Medatixx, a German medical software vendor whose products are used in over 21,000 health institutions, urges customers to change their application passwords following a ransomware attack that has severely impaired its entire operations. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-08 19:11:32 |
U.S. offers $10 million reward for leaders of REvil ransomware (direct link) |
The U.S. is offering up to $10 million for identifying or locating leaders in the REvil (Sodinokibi) ransomware operation, including $5 million leading to the arrest of affiliates. [...] |
Ransomware
Guideline
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-08 13:26:45 |
(Déjà vu) US sanctions Chatex cryptoexchange used by ransomware gangs (direct link) |
The US Treasury Department announced today sanctions against the Chatex cryptocurrency exchange for helping ransomware gangs evade sanctions and facilitating ransom transactions. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-08 13:18:02 |
US seizes $6 million from REvil ransomware, arrest Kaseya hacker (direct link) |
The United States Department of Justice today announced charges against a REvil ransomware affiliate responsible for the attack against the Kaseya MSP platform on July 2nd and the seizure of more than $6 million from another REvil partner. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-08 09:51:57 |
REvil ransomware affiliates arrested in Romania and Kuwait (direct link) |
Romanian law enforcement authorities have arrested two suspects believed to be Sodinokibi/REvil ransomware affiliates, allegedly responsible for infecting thousands of victims. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-08 09:27:49 |
(Déjà vu) MediaMarkt hit by Hive ransomware, initial $240 million ransom (direct link) |
Electronics retail giant MediaMarkt has suffered a Hive ransomware attack with an initial ransom demand of $240 million, causing IT systems to shut down and store operations to be disrupted in the Netherlands and Germany. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-08 09:27:49 |
Electronics retail giant MediaMarkt hit by ransomware attack (direct link) |
Electronics retail giant MediaMarkt has suffered a ransomware attack causing IT systems to shut down and store operations to be disrupted in the Netherlands and Germany. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-07 11:46:27 |
Operation Cyclone deals blow to Clop ransomware operation (direct link) |
A thirty-month international law enforcement operation codenamed 'Operation Cyclone' targeted the Clop ransomware gang, leading to the previously reported arrests of six members in Ukraine. [...] |
Ransomware
Guideline
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-05 18:05:04 |
The Week in Ransomware - November 5th 2021 - Placing bounties (direct link) |
Law enforcement continues to keep up the pressure on ransomware operations with infrastructure hacks and million-dollar rewards, leading to the shut down of criminal operations. [...] |
Ransomware
Guideline
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-05 12:03:55 |
FBI: Ransomware gangs hit several tribal-owned casinos in the last year (direct link) |
The Federal Bureau of Investigation (FBI) says that multiple ransomware gangs have hit tribal entities over the last year, taking down their systems and impacting businesses and public services. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-04 15:03:45 |
Phishing emails deliver spooky zombie-themed MirCop ransomware (direct link) |
A new phishing campaign pretending to be supply lists infects users with the MirCop ransomware that encrypts a target system in under fifteen minutes. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-04 12:39:34 |
Microsoft Exchange ProxyShell exploits used to deploy Babuk ransomware (direct link) |
A new threat actor is hacking Microsoft Exchange servers and breaching corporate networks using the ProxyShell vulnerability to deploy the Babuk Ransomware. [...] |
Ransomware
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-04 07:22:01 |
(Déjà vu) Lockean multi-ransomware affiliates linked to attacks on French orgs (direct link) |
Details about the tools and tactics used by a ransomware affiliate group, now tracked as Lockean, have emerged today in a report from France's Computer Emergency Response Team (CERT). [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-04 07:22:01 |
Lockean multi-RaaS affiliate linked to attacks against French businesses (direct link) |
Details about the tools and tactics used by a ransomware affiliate group, now tracked as Lockean, have emerged today in a report from France's Computer Emergency Response Team (CERT). [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-03 13:22:25 |
(Déjà vu) UK Labour Party discloses data breach after ransomware attack (direct link) |
The UK Labour Party notified members that some of their information was impacted in a data breach after a ransomware attack hit a third-party organization that was managing the party's data. [...] |
Ransomware
Data Breach
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-03 12:47:42 |
BlackMatter ransomware moves victims to LockBit after shutdown (direct link) |
With the BlackMatter ransomware operation shutting down, existing affiliates are moving their victims to the competing LockBit ransomware site for continued extortion. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-03 01:59:46 |
BlackMatter ransomware claims to be shutting down due to police pressure (direct link) |
The BlackMatter ransomware is allegedly shutting down its operation due to pressure from the authorities and recent law enforcement operations. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-02 07:59:18 |
FBI: Ransomware targets companies during mergers and acquisitions (direct link) |
The Federal Bureau of Investigation (FBI) warns that ransomware gangs are targeting companies involved in "time-sensitive financial events" such as corporate mergers and acquisitions to make it easier to extort their victims. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-01 10:13:59 |
FBI: HelloKitty ransomware adds DDoS attacks to extortion tactics (direct link) |
The U.S. Federal Bureau of Investigation (FBI) has sent out a flash alert warning private industry partners that the HelloKitty ransomware gang (aka FiveHands) has added distributed denial-of-service (DDoS) attacks to their arsenal of extortion tactics. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-30 11:02:01 |
Chaos ransomware targets gamers via fake Minecraft alt lists (direct link) |
The Chaos Ransomware gang encrypts gamers' Windows devices through fake Minecraft alt lists promoted on gaming forums. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-29 17:43:14 |
The Week in Ransomware - October 29th 2021 - Making arrests (direct link) |
This week, international law enforcement operations went on the offensive, making arrests in numerous countries for ransomware-related activities. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-29 12:08:44 |
Hive ransomware now encrypts Linux and FreeBSD systems (direct link) |
The Hive ransomware gang now also encrypts Linux and FreeBSD using new malware variants specifically developed to target these platforms. [...] |
Ransomware
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-29 05:07:49 |
(Déjà vu) Police arrest hackers behind over 1,800 ransomware attacks (direct link) |
Europol has announced the arrest of 12 individuals who are believed to be linked to ransomware attacks against 1,800 victims in 71 countries. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-29 05:07:49 |
Police arrest criminals behind Norsk Hydro ransomware attack (direct link) |
Europol has announced the arrest of 12 individuals who are believed to be linked to ransomware attacks against 1,800 victims in 71 countries. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-28 09:02:21 |
Ransomware gangs use SEO poisoning to infect visitors (direct link) |
Researchers have spotted two campaigns linked to either the REvil ransomware gang or the SolarMarker backdoor that use SEO poisoning to serve payloads to targets. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-28 07:26:09 |
German investigators identify REvil ransomware gang core member (direct link) |
German investigators have reportedly identified a Russian man named Nikolay K. whom they believe to be one of REvil ransomware gang's core members, one of the most notorious and successful ransomware groups in recent years. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-27 16:37:26 |
NRA: No comment on Russian ransomware gang attack claims (direct link) |
The Grief ransomware gang claims to have attacked the National Rifle Association (NRA) and released allegedly stolen data as proof of the attack. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-27 14:35:13 |
Free decryptor released for Atom Silo and LockFile ransomware (direct link) |
Avast has just released a decryption tool that will help AtomSilo and LockFile ransomware victims recover some of their files for free, without having to pay a ransom. [...] |
Ransomware
Tool
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-27 11:52:12 |
Babuk ransomware decryptor released to recover files for free (direct link) |
Czech cybersecurity software firm Avast has created and released a decryption tool to help Babuk ransomware victims recover their files for free. [...] |
Ransomware
Tool
|
|
★★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-27 11:00:00 |
(Déjà vu) Malicious NPM libraries install ransomware, password stealer (direct link) |
Malicious NPM packages pretending to be Roblox libraries are delivering ransomware and password-stealing trojans on unsuspecting users. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-27 11:00:00 |
Malicious Roblox NPMs drop ransomware and password stealers (direct link) |
Malicious NPM packages pretending to be Roblox libraries are delivering ransomware and password-stealing trojans on unsuspecting users. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-26 09:59:00 |
FBI: Ranzy Locker ransomware hit at least 30 US companies this year (direct link) |
The FBI said on Monday that Ranzy Locker ransomware operators had compromised at least 30 US companies this year from various industry sectors. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-25 10:31:42 |
Hackers used billing software zero-day to deploy ransomware (direct link) |
An unknown ransomware group is exploiting a critical SQL injection bug found in the BillQuick Web Suite time and billing solution to deploy ransomware on their targets' networks in ongoing attacks. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-24 11:27:06 |
BlackMatter ransomware victims quietly helped using secret decryptor (direct link) |
Cybersecurity firm Emsisoft has been secretly decrypting BlackMatter ransomware victims since this summer, saving victims millions of dollars. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-22 17:47:32 |
The Week in Ransomware - October 22nd 2021 - Striking back (direct link) |
Between law enforcement operations, REvil's second shut down, and ransomware gangs' response to the hacking of their servers, it has been quite the week. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-22 14:02:21 |
DarkSide ransomware rushes to cash out $7 million in Bitcoin (direct link) |
Almost $7 million worth of Bitcoin in a wallet controlled by DarkSide ransomware operators has been moved in what looks like a money laundering rollercoaster. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-22 11:48:53 |
Groove ransomware calls on all extortion gangs to attack US interests (direct link) |
The Groove ransomware gang is calling on other extortion groups to attack US interests after law enforcement took down REvil's infrastructure last week. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-22 10:06:38 |
Italian celebs' data exposed in ransomware attack on SIAE (direct link) |
The Italian data protection authority Garante per la Protezione dei Dati Personali (GPDP) has announced an investigation into a data breach of the country's copyright protection agency. [...] |
Ransomware
Data Breach
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-21 15:07:54 |
Evil Corp demands $40 million in new Macaw ransomware attacks (direct link) |
Evil Corp has launched a new ransomware called Macaw Locker to evade US sanctions that prevent victims from making ransom payments. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-21 12:24:13 |
(Déjà vu) Hacking gang creates fake firm to hire pentesters for ransomware attacks (direct link) |
The FIN7 hacking group is attempting to join the highly profitable ransomware space by creating fake cybersecurity companies that conduct network attacks under the guise of pentesting. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-21 12:24:13 |
FIN7 tries to trick pentesters into launching ransomware attacks (direct link) |
The FIN7 hacking group is attempting to join the highly profitable ransomware space by creating fake cybersecurity companies that conduct network attacks under the guise of pentesting. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-19 10:51:19 |
(Déjà vu) BlackByte ransomware decryptor released to recover files for free (direct link) |
A free decryptor for the BlackByte ransomware has been released, allowing past victims to recover their files for free. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-19 08:00:00 |
New Karma ransomware group likely a Nemty rebrand (direct link) |
Threat analysts at Sentinel Labs have found evidence of the Karma ransomware being just another evolutionary step in the strain that started as JSWorm, became Nemty, then Nefilim, Fusion, Milihpen, and most recently, Gangbang. [...] |
Ransomware
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-18 18:03:04 |
(Déjà vu) FBI, CISA, NSA share defense tips for BlackMatter ransomware attacks (direct link) |
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) published today an advisory with details about how the BlackMatter ransomware gang operates. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-18 18:03:04 |
FBI, CISA, NSA shares defense tips for BlackMatter ransomware attacks (direct link) |
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) published today an advisory with details about how the BlackMatter ransomware gang operates. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-18 10:55:01 |
Suspected Chinese hackers behind attacks on ten Israeli hospitals (direct link) |
A joint announcement from the Ministry of Health and the National Cyber Directorate in Israel describes a spike in ransomware attacks over the weekend that targeted the systems of nine health institutes in the country. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-18 05:52:47 |
(Déjà vu) Sinclair TV stations crippled by weekend ransomware attack (direct link) |
TV stations owned by the Sinclair Broadcast Group broadcast television company went down over the weekend across the US, with multiple sources telling BleepingComputer the downtime was caused by a ransomware attack. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-18 05:52:47 |
Ransomware attack likely behind Sinclair TV stations downtime (direct link) |
TV stations owned by the Sinclair Broadcast Group broadcast television company went down over the weekend across the US, with multiple sources telling BleepingComputer the downtime was caused by a ransomware attack. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-17 19:19:46 |
REvil ransomware shuts down again after Tor sites were hijacked (direct link) |
The REvil ransomware operation has likely shut down once again after an unknown person hijacked their Tor payment portal and data leak blog. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-15 16:35:36 |
The Week in Ransomware - October 15th 2021 - Disrupting ransoms (direct link) |
This week, senior officials from over thirty countries held virtual conferences on disrupting ransomware operations and attacks. [...] |
Ransomware
|
|
|