Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2021-12-01 20:18:12 |
Planned Parenthood LA discloses data breach after ransomware attack (lien direct) |
Planned Parenthood Los Angeles has disclosed a data breach after suffering a ransomware attack in October that exposed the personal information of approximately 400,000 patients. [...] |
Ransomware
Data Breach
|
|
|
|
2021-12-01 11:21:48 |
Microsoft Exchange servers hacked to deploy BlackByte ransomware (lien direct) |
BlackByte ransomware actors were observed exploiting the ProxyShell set of vulnerabilities (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) to compromise Microsoft Exchange servers. [...] |
Ransomware
|
|
|
|
2021-11-30 16:46:32 |
(Déjà vu) FBI seized $2.3M from affiliate of REvil, Gandcrab ransomware gangs (lien direct) |
The FBI seized $2.2 million in August from a well-known REvil and GandCrab ransomware affiliate, according to court documents seen by BleepingComputer. [...] |
Ransomware
|
|
|
|
2021-11-30 16:46:32 |
FBI seized $2.2M from affiliate of REvil, Gandcrab ransomware gangs (lien direct) |
The FBI seized $2.2 million in August from a well-known REvil and GandCrab ransomware affiliate, according to court documents seen by BleepingComputer. [...] |
Ransomware
|
|
★★★★
|
|
2021-11-30 06:56:06 |
Yanluowang ransomware operation matures with experienced affiliates (lien direct) |
An affiliate of the recently discovered Yanluowang ransomware operation is focusing its attacks on U.S. organizations in the financial sector using BazarLoader malware in the reconnaissance stage. [...] |
Ransomware
Malware
|
|
|
|
2021-11-26 10:31:37 |
(Déjà vu) Marine services provider Swire Pacific Offshore hit by ransomware (lien direct) |
Swire Pacific Offshore (SPO) has discovered an unauthorized network infiltration onto its IT systems, resulting in the compromise of some employee data. [...] |
Ransomware
|
|
|
|
2021-11-26 10:31:37 |
Marine services giant Swire Pacific Offshore hit by ransomware (lien direct) |
Swire Pacific Offshore (SPO) has discovered an unauthorized network infiltration onto its IT systems, resulting in the compromise of some employee data. [...] |
Ransomware
|
|
|
|
2021-11-22 13:45:00 |
US govt warns of increased ransomware risks during holidays (lien direct) |
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI warned critical infrastructure partners and public/private sector organizations not to let down their defenses against ransomware attacks during the holiday season. [...] |
Ransomware
|
|
|
|
2021-11-19 19:19:16 |
The Week in Ransomware - November 19th 2021 - Targeting Conti (lien direct) |
While last week was full of arrests and law enforcement actions, this week has been much quieter, with mostly new research released. [...] |
Ransomware
|
|
|
|
2021-11-19 14:05:11 |
(Déjà vu) Emotet botnet comeback orchestrated by Conti ransomware gang (lien direct) |
The Emotet botnet is back by popular demand, resurrected by its former operator, who was convinced by members of the Conti ransomware gang. [...] |
Ransomware
|
|
|
|
2021-11-19 14:05:11 |
Emotet botnet comeback hatched by ex-Ryuk member now part of Conti gang (lien direct) |
The Emotet botnet is back by popular demand, resurrected by its former operator convinced by ex-members of the Ryuk ransomware gang. [...] |
Ransomware
|
|
|
|
2021-11-18 11:42:58 |
New Memento ransomware switches to WinRar after failing at encryption (lien direct) |
A new ransomware group called Memento takes the unusual approach of locking files inside password-protected archives after their encryption method kept being detected by security software. [...] |
Ransomware
|
|
|
|
2021-11-17 13:31:23 |
Russian ransomware gangs start collaborating with Chinese hackers (lien direct) |
There's some unusual activity brewing on Russian-speaking cybercrime forums, where hackers appear to be reaching out to Chinese counterparts for collaboration. [...] |
Ransomware
|
|
|
|
2021-11-16 12:35:50 |
WordPress sites are being hacked in fake ransomware attacks (lien direct) |
A new wave of attacks starting late last week has hacked close to 300 WordPress sites to display fake encryption notices, trying to trick the site owners into paying 0.1 bitcoin for restoration. [...] |
Ransomware
|
|
|
|
2021-11-16 10:31:03 |
Microsoft adds AI-driven ransomware protection to Defender (lien direct) |
Microsoft has introduced an AI-driven ransomware attack detection system for Microsoft Defender for Endpoint customers that complements existing cloud protection by evaluating risks and blocking actors at the perimeter. [...] |
Ransomware
|
|
|
|
2021-11-14 10:00:00 |
US Education Dept urged to boost K-12 schools\' ransomware defenses (lien direct) |
The US Department of Education and Department of Homeland Security (DHS) were urged this week to more aggressively strengthen cybersecurity protections at K-12 schools across the nation to keep up with a massive wave of attacks. [...] |
Ransomware
|
|
|
|
2021-11-12 16:07:06 |
The Week in Ransomware - November 12th 2021 - Targeting REvil (lien direct) |
This week, law enforcement struck a massive blow against the REvil ransomware operation, with multiple arrests announced and the seizure of cryptocurrency. [...] |
Ransomware
|
|
|
|
2021-11-12 12:14:17 |
FTC shares ransomware defense tips for small US businesses (lien direct) |
The US Federal Trade Commission (FTC) has shared guidance for small businesses on how to secure their networks from ransomware attacks by blocking threat actors' attempts to exploit vulnerabilities using social engineering or exploits targeting technology. [...] |
Threat
Ransomware
|
|
|
|
2021-11-11 11:04:00 |
Magniber ransomware gang now exploits Internet Explorer flaws in attacks (lien direct) |
The Magniber ransomware gang is now using two Internet Explorer vulnerabilities and malicious advertisements to infect users and encrypt their devices. [...] |
Ransomware
|
|
|
|
2021-11-11 08:54:03 |
New bill sets ransomware attack response rules for US financial orgs (lien direct) |
New legislation introduced this week by US lawmakers aims to set ransomware attack response "rules of road" for US financial institutions. [...] |
Ransomware
|
|
|
|
2021-11-10 10:52:26 |
TrickBot teams up with Shatak phishers for Conti ransomware attacks (lien direct) |
A threat actor tracked as Shatak (TA551) recently partnered with the ITG23 gang (aka TrickBot and Wizard Spider) to deploy Conti ransomware on targeted systems. [...] |
Threat
Ransomware
|
|
|
|
2021-11-09 09:54:21 |
Clop gang exploiting SolarWinds Serv-U flaw in ransomware attacks (lien direct) |
The Clop ransomware gang, also tracked as TA505 and FIN11, is exploiting a SolarWinds Serv-U vulnerability to breach corporate networks and ultimately encrypt its devices. [...] |
Ransomware
Vulnerability
|
|
|
|
2021-11-09 09:15:45 |
Medical software firm urges password resets after ransomware attack (lien direct) |
Medatixx, a German medical software vendor whose products are used in over 21,000 health institutions, urges customers to change their application passwords following a ransomware attack that has severely impaired its entire operations. [...] |
Ransomware
|
|
|
|
2021-11-08 19:11:32 |
U.S. offers $10 million reward for leaders of REvil ransomware (lien direct) |
The U.S. is offering up to $10 million for identifying or locating leaders in the REvil (Sodinokibi) ransomware operation, including $5 million leading to the arrest of affiliates. [...] |
Ransomware
Guideline
|
|
|
|
2021-11-08 13:26:45 |
(Déjà vu) US sanctions Chatex cryptoexchange used by ransomware gangs (lien direct) |
The US Treasury Department announced today sanctions against the Chatex cryptocurrency exchange for helping ransomware gangs evade sanctions and facilitating ransom transactions. [...] |
Ransomware
|
|
|
|
2021-11-08 13:18:02 |
US seizes $6 million from REvil ransomware, arrest Kaseya hacker (lien direct) |
The United States Department of Justice today has announced charges against a REvil ransomware affiliate responsible for the attack against the Kaseya MSP platform on July 2nd and seizing more than $6 million from another REvil partner. [...] |
Ransomware
|
|
|
|
2021-11-08 09:51:57 |
REvil ransomware affiliates arrested in Romania and Kuwait (lien direct) |
Romanian law enforcement authorities have arrested two suspects believed to be Sodinokibi/REvil ransomware affiliates, allegedly responsible for infecting thousands of victims. [...] |
Ransomware
|
|
|
|
2021-11-08 09:27:49 |
(Déjà vu) MediaMarkt hit by Hive ransomware, initial $240 million ransom (lien direct) |
Electronics retail giant MediaMarkt has suffered a Hive ransomware with an initial ransom demand of $240 million, causing IT systems to shut down and store operations to be disrupted in Netherlands and Germany. [...] |
Ransomware
|
|
|
|
2021-11-08 09:27:49 |
Electronics retail giant MediaMarkt hit by ransomware attack (lien direct) |
Electronics retail giant MediaMarkt has suffered a ransomware attack causing IT systems to shut down and store operations to be disrupted in Netherlands and Germany. [...] |
Ransomware
|
|
|
|
2021-11-07 11:46:27 |
Operation Cyclone deals blow to Clop ransomware operation (lien direct) |
A thirty-month international law enforcement operation codenamed 'Operation Cyclone' targeted the Clop ransomware gang, leading to the previously reported arrests of six members in Ukraine. [...] |
Ransomware
Guideline
|
|
|
|
2021-11-05 18:05:04 |
The Week in Ransomware - November 5th 2021 - Placing bounties (lien direct) |
Law enforcement continues to keep up the pressure on ransomware operations with infrastructure hacks and million-dollar rewards, leading to the shut down of criminal operations. [...] |
Ransomware
Guideline
|
|
|
|
2021-11-05 12:03:55 |
FBI: Ransomware gangs hit several tribal-owned casinos in the last year (lien direct) |
The Federal Bureau of Investigation (FBI) says that multiple ransomware gangs have hit tribal entities over the last year, taking down their systems and impacting businesses and public services. [...] |
Ransomware
|
|
|
|
2021-11-04 15:03:45 |
Phishing emails deliver spooky zombie-themed MirCop ransomware (lien direct) |
A new phishing campaign pretending to be supply lists infects users with the MirCop ransomware that encrypts a target system in under fifteen minutes. [...] |
Ransomware
|
|
|
|
2021-11-04 12:39:34 |
Microsoft Exchange ProxyShell exploits used to deploy Babuk ransomware (lien direct) |
A new threat actor is hacking Microsoft Exchange servers and breaching corporate networks using the ProxyShell vulnerability to deploy the Babuk Ransomware. [...] |
Threat
Ransomware
|
|
|
|
2021-11-04 07:22:01 |
(Déjà vu) Lockean multi-ransomware affiliates linked to attacks on French orgs (lien direct) |
Details about the tools and tactics used by a ransomware affiliate group, now tracked as Lockean, have emerged today in a report from France's Computer Emergency Response Team (CERT). [...] |
Ransomware
|
|
|
|
2021-11-04 07:22:01 |
Lockean multi-RaaS affiliate linked to attacks against French businesses (lien direct) |
Details about the tools and tactics used by a ransomware affiliate group, now tracked as Lockean, have emerged today in a report from France's Computer Emergency Response Team (CERT). [...] |
Ransomware
|
|
|
|
2021-11-03 13:22:25 |
(Déjà vu) UK Labour Party discloses data breach after ransomware attack (lien direct) |
The UK Labour Party notified members that some of their information was impacted in a data breach after a ransomware attack hit a third-party organization that was managing the party's data. [...] |
Ransomware
Data Breach
|
|
|
|
2021-11-03 12:47:42 |
BlackMatter ransomware moves victims to LockBit after shutdown (lien direct) |
With the BlackMatter ransomware operation shutting down, existing affiliates are moving their victims to the competing LockBit ransomware site for continued extortion. [...] |
Ransomware
|
|
|
|
2021-11-03 01:59:46 |
BlackMatter ransomware claims to be shutting down due to police pressure (lien direct) |
The BlackMatter ransomware is allegedly shutting down its operation due to pressure from the authorities and recent law enforcement operations. [...] |
Ransomware
|
|
|
|
2021-11-02 07:59:18 |
FBI: Ransomware targets companies during mergers and acquisitions (lien direct) |
The Federal Bureau of Investigation (FBI) warns that ransomware gangs are targeting companies involved in "time-sensitive financial events" such as corporate mergers and acquisitions to make it easier to extort their victims. [...] |
Ransomware
|
|
|
|
2021-11-01 10:13:59 |
FBI: HelloKitty ransomware adds DDoS attacks to extortion tactics (lien direct) |
The U.S. Federal Bureau of Investigation (FBI) has sent out a flash alert warning private industry partners that the HelloKitty ransomware gang (aka FiveHands) has added distributed denial-of-service (DDoS) attacks to their arsenal of extortion tactics. [...] |
Ransomware
|
|
|
|
2021-10-30 11:02:01 |
Chaos ransomware targets gamers via fake Minecraft alt lists (lien direct) |
The Chaos Ransomware gang encrypts gamers' Windows devices through fake Minecraft alt lists promoted on gaming forums. [...] |
Ransomware
|
|
|
|
2021-10-29 17:43:14 |
The Week in Ransomware - October 29th 2021 - Making arrests (lien direct) |
This week, international law enforcement operations went on the offensive, making arrests in numerous countries for ransomware-related activities. [...] |
Ransomware
|
|
|
|
2021-10-29 12:08:44 |
Hive ransomware now encrypts Linux and FreeBSD systems (lien direct) |
The Hive ransomware gang now also encrypts Linux and FreeBSD using new malware variants specifically developed to target these platforms. [...] |
Ransomware
Malware
|
|
|
|
2021-10-29 05:07:49 |
(Déjà vu) Police arrest hackers behind over 1,800 ransomware attacks (lien direct) |
The Europol has announced the arrest of 12 individuals who are believed to be linked to ransomware attacks against 1,800 victims in 71 countries. [...] |
Ransomware
|
|
|
|
2021-10-29 05:07:49 |
Police arrest criminals behind Norsk Hydro ransomware attack (lien direct) |
The Europol has announced the arrest of 12 individuals who are believed to be linked to ransomware attacks against 1,800 victims in 71 countries. [...] |
Ransomware
|
|
|
|
2021-10-28 09:02:21 |
Ransomware gangs use SEO poisoning to infect visitors (lien direct) |
Researchers have spotted two campaigns linked to either the REvil ransomware gang or the SolarMarker backdoor that use SEO poisoning to serve payloads to targets. [...] |
Ransomware
|
|
|
|
2021-10-28 07:26:09 |
German investigators identify REvil ransomware gang core member (lien direct) |
German investigators have reportedly identified a Russian man named Nikolay K. whom they believe to be one of REvil ransomware gang's core members, one of the most notorious and successful ransomware groups in recent years. [...] |
Ransomware
|
|
|
|
2021-10-27 16:37:26 |
NRA: No comment on Russian ransomware gang attack claims (lien direct) |
The Grief ransomware gang claims to have attacked the National Rifle Association (NRA) and released allegedly stolen data as proof of the attack. [...] |
Ransomware
|
|
|
|
2021-10-27 14:35:13 |
Free decryptor released for Atom Silo and LockFile ransomware (lien direct) |
Avast has just released a decryption tool that will help AtomSilo and LockFile ransomware victims recover some of their files for free, without having to pay a ransom. [...] |
Ransomware
Tool
|
|
|