Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-10-31 20:00:00 |
Raspberry Robin worm used as ransomware prelude (direct link) |
Categories: News, Ransomware
Tags: Raspberry Robin, FakeUpdates, LockBit, Clop, ransomware
Microsoft warns that the Raspberry Robin worm has triggered payload alerts on devices of almost 1,000 organizations in the past 30 days and is used to introduce ransomware.
(Read more...)
|
Ransomware
|
|
|
|
2022-10-26 23:45:00 |
US agencies issue warning about DAIXIN Team ransomware (direct link) |
Categories: News, Ransomware
Tags: DAIXIN, FBI, CISA, HHS, ransomware team, DAIXIN Team, ransomware
The FBI, CISA, and HHS have issued a joint advisory about a new threat to healthcare organizations.
(Read more...)
|
Threat
Ransomware
|
|
★★
|
|
2022-10-20 11:15:00 |
Venus ransomware targets remote desktop services (direct link) |
Categories: News
Tags: Venus Ransomware, RDP, remote desktop services, encrypt, fraud, ransom
We take a look at reports of Venus ransomware targeting remote desktop services/RDP.
(Read more...)
|
Ransomware
|
|
|
|
2022-10-19 19:45:00 |
Ransomware attack freezes newspaper printing system (direct link) |
Categories: News, Ransomware
Stimme Mediengruppe, a German media group, halted production of printed newspapers after a ransomware attack on Friday.
(Read more...)
|
Ransomware
|
|
|
|
2022-10-19 11:00:00 |
DeadBolt ransomware gang tricked into giving victims free decryption keys (direct link) |
Categories: News, Ransomware
Tags: Dutch, law enforcement, DeadBolt, ransomware, decryption keys, responders.nu
With the idea provided by an incident response company, Dutch police used a clever trick to get 150 DeadBolt ransomware decryption keys for free.
(Read more...)
|
Ransomware
|
|
|
|
2022-10-12 16:15:00 |
Top 5 ransomware detection techniques: Pros and cons of each (direct link) |
Categories: Business
Detecting ransomware can be tricky. Attackers use obfuscation and evasion techniques to avoid detection, and new ransomware variants are produced every day. In this post, we look at five ransomware detection techniques and their pros and cons.
(Read more...)
|
Ransomware
|
|
|
|
2022-10-04 11:00:00 |
Ransomware review: September 2022 (direct link) |
Categories: Threat Intelligence
In September, LockBit accounted for almost half of all known ransomware attacks.
(Read more...)
|
Ransomware
|
|
|
|
2022-10-04 08:00:00 |
Ransomware-affected school district refuses to pay, gets stolen data released (direct link) |
Categories: News
Tags: compromise, ransomware, leak, extortion, LAUSD
Data stolen from Los Angeles Unified School District has been leaked online, after staff refused to pay the ransom related to a ransomware attack.
(Read more...)
|
Ransomware
|
|
|
|
2022-09-26 13:30:00 |
Calling in the ransomware negotiator, with Kurtis Minder: Lock and Code S03E20 (direct link) |
Categories: Podcast
This week on Lock and Code, we speak with Kurtis Minder, CEO of GroupSense, about how a company decides to bring in a ransomware negotiator when it's hit with the destructive malware.
(Read more...)
|
Ransomware
|
|
|
|
2022-09-23 09:00:00 |
A first look at the builder for LockBit 3.0 Black (direct link) |
Categories: News, Ransomware
Tags: LockBit, builder, leaked
The LockBit gang's latest ransomware builder has been leaked, and we have a copy.
(Read more...)
|
Ransomware
|
|
|
|
2022-09-08 12:00:00 |
Ransomware review: August 2022 (direct link) |
Categories: Threat Intelligence
LockBit remained the dominant ransomware variant in August, as it has all year. At the other end of the scale, REvil's revival in slow motion continued with a single victim listed.
(Read more...)
|
Ransomware
|
|
|
|
2022-09-07 12:00:00 |
Warning issued about Vice Society ransomware targeting the education sector (direct link) |
Categories: News, Ransomware
Tags: FBI, CISA, StopRansomware, Vice Society, HelloKitty, SonicWall, PrintNightmare, LAUSD
The FBI, CISA, and the MS-ISAC have released a joint Cybersecurity Advisory after observing Vice Society threat actors disproportionately targeting the education sector with ransomware attacks.
(Read more...)
|
Threat
Ransomware
|
|
|
|
2022-08-17 09:00:00 |
Ransomwater confusion, does the criminal know who the victim is? (direct link) |
Categories: News, Ransomware
Tags: ransomware, Clop, Thames Water, hoax, South Staffs Water, vital infrastructure
The Clop ransomware gang made a mistake in identifying who exactly their victim was, but they got it right in the end.
(Read more...)
|
Ransomware
|
|
|
|
2022-08-16 14:45:00 |
CISA and FBI issue alert about Zeppelin ransomware (direct link) |
Categories: News, Ransomware
Tags: Zeppelin, ransomware, RDP, Sonicwall, phishing, malvertising, backups, authentication, mfa, patching, EDR
The FBI and CISA have issued a joint Cybersecurity Advisory (CSA) to raise awareness about Zeppelin ransomware.
(Read more...)
|
Ransomware
|
|
|
|
2022-08-09 12:00:00 |
Can your EDR handle a ransomware attack? 6-point checklist for an anti-ransomware EDR (direct link) |
Categories: Business
In this post, a cybersecurity expert gives his 6-point checklist of features your EDR should have to stop ransomware.
(Read more...)
|
Ransomware
|
|
|
|
2022-08-04 20:48:37 |
Ransomware review: July 2022 (direct link) |
BlackBasta lined up behind LockBit as the second most prevalent ransomware in July, a number of new gangs appeared, and an old one reappeared.
|
Ransomware
|
|
|
|
2022-08-04 13:19:33 |
Ransomware protection with Malwarebytes EDR: Your FAQs, answered! (direct link) |
Malwarebytes security experts answer some of your most frequently asked questions about ransomware and how our EDR can help.
|
Ransomware
|
|
|
|
2022-07-29 16:33:28 |
The ransomware landscape changes as fewer victims decide to pay (direct link) |
A considerable drop in the median of ransom payments and several other circumstances are causing the ransomware landscape to change.
|
Ransomware
|
|
|
|
2022-07-27 11:56:55 |
Simplifying the fight against ransomware: An expert explains (direct link) |
Fighting against ransomware can be difficult, especially if your organization has limited IT resources to begin with. But Adam Kujawa, security evangelist and director of Malwarebytes Labs, has a few tips for overburdened IT folks looking to simplify their fight against ransomware. In this post, we'll break down Kujawa's observations about ransomware and three tips on...
|
Ransomware
|
|
|
|
2022-07-21 14:27:14 |
Demo: Your data has been encrypted! Stopping ransomware attacks with Malwarebytes EDR (direct link) |
Malwarebytes Endpoint Detection and Response can fight, and defeat, advanced ransomware that other security solutions miss. In this post, we'll walk through what it looks like to deal with a ransomware attack using Malwarebytes EDR.
|
Ransomware
|
|
|
|
2022-07-20 15:50:14 |
Another ransomware payment recovered by the Justice Department (direct link) |
The Justice Department announced it was able to forfeit ransomware payments made by health care organizations in Kansas and Colorado.
|
Ransomware
|
|
|
|
2022-07-14 16:09:41 |
Elden Ring maker Bandai Namco hit by ransomware and data leaks (direct link) |
We take a look at a major ransomware attack impacting video game giant Bandai Namco, laced with the potential threat of data leakage.
|
Threat
Ransomware
|
|
|
|
2022-07-10 21:43:29 |
North Korean APT targets US healthcare sector with Maui ransomware (direct link) |
CISA warns of an unusual ransomware.
|
Ransomware
|
|
|
|
2022-07-01 21:40:25 |
Ransomware review: June 2022 (direct link) |
LockBit remained the most active threat in June, and “the costliest strain of ransomware ever documented” went dark while others surged.
|
Threat
Ransomware
|
|
|
|
2022-07-01 18:21:06 |
AstraLocker 2.0 ransomware isn't going to give you your files back (direct link) |
Through malice or carelessness, AstraLocker breaks the "circle of trust".
|
Ransomware
|
|
|
|
2022-06-23 16:54:11 |
Conti ransomware disappears - did it fake its own death? (direct link) |
The leak site essential to the operation of Conti ransomware has disappeared, but everything may not be as it appears.
|
Ransomware
|
|
|
|
2022-06-23 15:51:59 |
Dial 311 for… cybersecurity emergencies? (direct link) |
Cybersecurity experts want a hotline for SMBs to further encourage cyber incident reporting, especially those involving ransomware attacks.
|
Ransomware
|
|
|
|
2022-06-14 12:43:08 |
“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft (direct link) |
Microsoft has warned of APT groups and ransomware authors exploiting the now patched Confluence vulnerability. We take a look at the dangers.
|
Ransomware
|
|
★★★★
|
|
2022-06-09 13:50:41 |
BlackBasta is the latest ransomware to target ESXi virtual machines on Linux (direct link) |
BlackBasta, a newish ransomware group that is somehow linked to Conti, has a new Linux variant of its malware that targets VMware ESXi virtual machines.
|
Ransomware
Malware
|
|
|
|
2022-06-07 21:47:44 |
Ransomware Task Force priorities see progress in first year (direct link) |
The Ransomware Task Force's five priority recommendations, issued last year, have all seen encouraging progress from governments.
|
Ransomware
|
|
|
|
2022-06-06 23:26:16 |
RSA 2022: Prometheus ransomware's flaws inspired researchers to try to build a near-universal decryption tool (direct link) |
Prometheus ransomware contained a weak random number generator that inspired researchers to try and build a one-size-fits-all decryptor.
|
Ransomware
Tool
|
|
|
|
2022-06-03 16:54:10 |
Ransomware: May 2022 review (direct link) |
May 2022 saw the continued dominance of LockBit, and a possible disbursement of the Conti gang into other ransomware groups.
|
Ransomware
|
|
|
|
2022-06-02 00:12:10 |
Ransomware attack turns 2022 into 1977 for Somerset County (direct link) |
Somerset County in New Jersey has been sent back to 1977 after a ransomware attack shut down various historical record checks.
|
Ransomware
|
|
|
|
2022-05-31 20:53:40 |
Threat profile: RansomHouse makes extortion work without ransomware (direct link) |
RansomHouse, a new extortion group, distances itself from ransomware. However, it seems like it had ties to ransomware groups in the past.
|
Ransomware
|
|
|
|
2022-05-25 16:25:17 |
Eerie GoodWill ransomware forces victims to publish videos of “good” deeds on social media (direct link) |
GoodWill ransomware has victims do something other than pay a ransom to recover their files.
|
Ransomware
|
|
|
|
2022-05-23 13:35:15 |
Chicago students lose data to ransomware attackers (direct link) |
A recent breach notification has revealed some 490,000+ students were impacted by a ransomware attack last December.
|
Ransomware
|
|
|
|
2022-05-19 13:07:27 |
Cardiologist moonlighted as successful ransomware developer (direct link) |
Moises Luis Zagala, cardiologist by day, ransomware developer by night, has been charged by the US government for computer crimes.
|
Ransomware
|
|
|
|
2022-05-12 10:21:16 |
College closes down after ransomware attack (direct link) |
Lincoln College is the first US college or university affected so badly by ransomware that it could not cope and had to close shop.
|
Ransomware
|
|
|
|
2022-05-09 15:54:15 |
Costa Rica continues defence against sustained Conti ransomware attacks (direct link) |
Costa Rica is doing everything it can to ward off persistent and overwhelming attacks from the Conti Ransomware group.
|
Ransomware
|
|
|
|
2020-12-15 13:58:58 |
Threat profile: Egregor ransomware is making a name for itself (direct link) |
The Egregor ransomware is quickly making a name for itself by victimizing big corporations. How does it work and what is its background?
Categories: Ransomware, Threat spotlight
Tags: cobalt strike, egregor, exfiltrated data, Qakbot, raas, sekhmet
(Read more...)
|
Threat
Ransomware
|
|
|
|
2020-12-09 16:03:39 |
VideoBytes: Ryuk Ransomware Targeting US Hospitals (direct link) |
Ryuk ransomware is infecting US hospitals. But how? And why?
Categories: VideoBytes
Tags: BazarLoader, cobalt strike, hospital, ryuk
(Read more...)
|
Ransomware
|
|
|
|
2020-12-03 16:30:00 |
VideoBytes: Is it goodbye forever to Maze ransomware? (direct link) |
The notorious Maze ransomware group, known for its corporate targeting and data leaking extortion schemes is, apparently, shutting down operations.
Categories: VideoBytes
Tags: extortion, gandcrab, Maze, ryuk, shutdown, Sodinokibi
(Read more...)
|
Ransomware
|
|
|
|
2020-11-30 17:50:20 |
Baltimore gets hit by ransomware again, the schools this time (direct link) |
Baltimore County Public Schools have been paralyzed by a ransomware attack. The investigation is ongoing but meanwhile schools are closed.
Categories: Ransomware, Reports
Tags: baltimore, Baltimore City Schools, education, ransomware
(Read more...)
|
Ransomware
|
|
|
|
2020-11-30 16:00:55 |
German users targeted with Gootkit banker or REvil ransomware (direct link) |
After a noted absence, the Gootkit banking Trojan returns en masse to hit Germany. In an interesting twist, some of the victims may receive ransomware instead.
Categories: Malware, Threat analysis
Tags: banker, fileless, german, germany, gootkit, loader, ransomware, revil
(Read more...)
|
Ransomware
|
|
|
|
2020-11-11 20:20:42 |
RegretLocker, new ransomware, can encrypt Windows virtual hard disks (direct link) |
Cybersecurity researchers discovered a new ransomware called RegretLocker that can quickly encrypt virtual hard disks on Windows machines.
Categories: Ransomware
Tags: .mouse, conti, CTemplar, lockergoga, medusa locker, ransomware, regretlocker, ryuk, Ryuk ransomware, samsam, samsam ransomware, Sodinokibi, sodinokibi ransomware, virtual disk, virtual machine
(Read more...)
|
Ransomware
|
|
|
|
2020-11-03 17:38:45 |
Maze ransomware gang announces retirement (direct link) |
On November 1, the cybercriminals behind Maze ransomware announced their retirement. Is this a reason to go all out and celebrate? We're afraid not.
Categories: Ransomware
Tags: egregor, Maze, ransom.sekhmet, ransomware, retirement
(Read more...)
|
Ransomware
|
|
|
|
2020-11-03 12:50:03 |
Hospital ransomware: Gangs are back to target healthcare (direct link) |
With some countries and states heading back into lockdown due to rising rates of COVID-19 infections, it seems horrible timing that hospital ransomware is back in the news.
Categories: Ransomware
Tags: BazarBackdoor, BazarLoader, Brian Honan, cisa, conti, fbi, healthcare, HHS, ransomware, Ransomware Response Checklist, ryuk, trickbot, UHS, Uniklinikum, Universal Health Services
(Read more...)
|
Ransomware
|
|
|
|
2020-11-02 17:46:12 |
A week in security (October 26 – November 1) (direct link) |
In this week in security (October 26 – November 1), we look at Google's Chrome zero-day patch, Cybersecurity Awareness Month, ransomware cash and far more.
Categories: Malwarebytes news
Tags: covid-19 survey, CVE-2020-14882, cybersecurity awareness month, disinformation, email compromise, emotet, facebook, Google Chrome, Google patch, hp printer issue, oracle weblogic, ransomware, satellite hacking, spoofing, suncrypt, vastaamo, wandera, zero day, zerologon, zoom
(Read more...)
|
Ransomware
|
|
|
|
2020-10-28 15:00:00 |
Fake COVID-19 survey hides ransomware in Canadian university attack (direct link) |
Universities are a hot target for malware right now. In this latest attack, a threat actor was targeting the University of British Columbia with the goal of distributing ransomware.
Categories: Cybercrime, Social engineering
Tags: phish, phishing, ransomware, UBC, university, vaggen
(Read more...)
|
Threat
Ransomware
Malware
|
|
|
|
2020-10-27 17:00:00 |
Keeping ransomware cash away from your business (direct link) |
Ransomware gangs are in the news for donating stolen funds to charitable organisations. Is this a good thing, or will it cause more trouble for the charity than it's worth?
Categories: Cybercrime, Malware
Tags: bitcoin, charities, charity, donations, illegal, law, malware, money laundering, phish, ransomware, regulations, scam, uk
(Read more...)
|
Ransomware
|
|
|