Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-01-10 18:32:32 |
FinalSite: No school data stolen in ransomware attack behind site outages (direct link) |
FinalSite announced today the findings of a six-day investigation into last week's ransomware attack, stating it found no evidence that schools' data was accessed or stolen by hackers. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-01-10 16:09:01 |
Linux version of AvosLocker ransomware targets VMware ESXi servers (direct link) |
AvosLocker is the latest ransomware gang that has added support for encrypting Linux systems to its recent malware variants, specifically targeting VMware ESXi virtual machines. [...] |
Ransomware
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-01-07 17:50:34 |
The Week in Ransomware - January 7th 2022 - Watch out for USB drives (direct link) |
With the holidays these past two weeks, there have been only a few known ransomware attacks and little research released. Here is what we know. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-01-07 13:14:19 |
(Déjà vu) FBI: Hackers use BadUSB to target defense firms with ransomware (direct link) |
The Federal Bureau of Investigation (FBI) warned US companies in a recently updated flash alert that the financially motivated FIN7 cybercriminal group targeted the US defense industry with packages containing malicious USB devices to deploy ransomware. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-01-07 08:20:29 |
QNAP warns of ransomware targeting Internet-exposed NAS devices (direct link) |
QNAP has warned customers today to secure Internet-exposed network-attached storage (NAS) devices immediately from ongoing ransomware and brute-force attacks. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-01-06 19:34:06 |
FinalSite ransomware attack shuts down thousands of school websites (direct link) |
FinalSite, a leading school website services provider, has suffered a ransomware attack disrupting access to websites for thousands of schools worldwide. [...] |
Ransomware
Guideline
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-01-06 17:09:12 |
Night Sky is the latest ransomware targeting corporate networks (direct link) |
It's a new year, and with it comes a new ransomware to keep an eye on called 'Night Sky' that targets corporate networks and steals data in double-extortion attacks. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-29 14:01:07 |
(Déjà vu) Ransomware gang coughs up decryptor after realizing they hit the police (direct link) |
The AvosLocker ransomware operation provided a free decryptor after learning they encrypted a US government agency. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-29 14:01:07 |
AvosLocker ransomware gives free decryptor to US police dept (direct link) |
The AvosLocker ransomware operation provided a free decryptor after learning they encrypted a US government agency. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-27 11:19:45 |
QNAP NAS devices hit in surge of ech0raix ransomware attacks (direct link) |
Users of QNAP network-attached storage (NAS) devices are reporting attacks on their systems with the eCh0raix ransomware, also known as QNAPCrypt. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-27 02:56:34 |
Shutterfly services disrupted by Conti ransomware attack (direct link) |
Photography and personalized photo giant Shutterfly has suffered a Conti ransomware attack that allegedly encrypted thousands of devices and stole corporate data. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-24 16:34:18 |
The Week in Ransomware - December 24th 2021 - No rest for the weary (direct link) |
The holiday season is here, but there is no rest for our weary admins as ransomware gangs are still conducting attacks over the Christmas and New Year's breaks. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-24 11:26:18 |
Rook ransomware is yet another spawn of the leaked Babuk code (direct link) |
A new ransomware operation named Rook has appeared recently in the cyber-crime space, declaring a desperate need to make "a lot of money" by breaching corporate networks and encrypting devices. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-24 11:00:32 |
Global IT services provider Inetum hit by ransomware attack (direct link) |
Less than a week before the Christmas holiday, French IT services company Inetum Group was hit by a ransomware attack that had a limited impact on the business and its customers. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-23 12:47:14 |
AvosLocker ransomware reboots in Safe Mode to bypass security tools (direct link) |
Recent AvosLocker ransomware attacks are characterized by a focus on disabling endpoint security solutions that stand in the way of threat actors. [...] |
Ransomware
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-21 17:37:20 |
PYSA ransomware behind most double extortion attacks in November (direct link) |
Security analysts from NCC Group report that ransomware attacks in November 2021 increased over the past month, with double-extortion continuing to be a powerful tool in threat actors' arsenal. [...] |
Ransomware
Tool
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-21 08:06:10 |
Windows 10 21H2 adds ransomware protection to security baseline (direct link) |
Microsoft has released the final version of security configuration baseline settings for Windows 10, version 21H2, available today from the Microsoft Security Compliance Toolkit. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-17 18:37:23 |
The Week in Ransomware - December 17th 2021 - Enter Log4j (direct link) |
A critical Apache Log4j vulnerability took the world by storm this week, and now it is being used by threat actors as part of their ransomware attacks. [...] |
Ransomware
Vulnerability
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-17 15:25:06 |
TellYouThePass ransomware revived in Linux, Windows Log4j attacks (direct link) |
Threat actors have revived an old and relatively inactive ransomware family known as TellYouThePass, deploying it in attacks against Windows and Linux devices targeting a critical remote code execution bug in the Apache Log4j library. [...] |
Ransomware
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-17 11:28:39 |
Logistics giant warns of BEC emails following ransomware attack (direct link) |
Hellmann Worldwide is warning customers of an increase in fraudulent calls and emails regarding payment transfer and bank account changes after a recent ransomware attack. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-17 10:00:00 |
Conti ransomware uses Log4j bug to hack VMware vCenter servers (direct link) |
Conti ransomware operation is using the critical Log4Shell exploit to gain rapid access to internal VMware vCenter Server instances and encrypt virtual machines. [...] |
Ransomware
Hack
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-16 15:48:04 |
McMenamins breweries hit by a Conti ransomware attack (direct link) |
Portland brewery and hotel chain McMenamins suffered a Conti ransomware attack over the weekend that disrupted the company's operations. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-16 12:20:59 |
Microsoft: Khonsari ransomware hits self-hosted Minecraft servers (direct link) |
Microsoft urges admins of self-hosted Minecraft servers to upgrade to the latest release to defend against Khonsari ransomware attacks exploiting the critical Log4Shell security vulnerability. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-14 17:02:25 |
New ransomware now being deployed in Log4Shell attacks (direct link) |
The first public case of the Log4j Log4Shell vulnerability used to download and install ransomware has been discovered by researchers. [...] |
Ransomware
Vulnerability
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-13 12:57:29 |
Kronos ransomware attack may cause weeks of HR solutions downtime (direct link) |
Workforce management solutions provider Kronos has suffered a ransomware attack that will likely disrupt many of their cloud-based solutions for weeks. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-13 07:51:05 |
Police arrests ransomware affiliate behind high-profile attacks (direct link) |
Romanian law enforcement authorities arrested a ransomware affiliate suspected of hacking and stealing sensitive info from the networks of multiple high-profile companies worldwide, including a large Romanian IT company with clients from the retail, energy, and utilities sectors. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-10 19:37:35 |
The Week in Ransomware - December 10th 2021 - Project CODA (direct link) |
This week has quite a bit of ransomware news, including arrests, a new and sophisticated ransomware, and an attack bringing down 300 supermarkets in England. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-10 09:12:25 |
Australian govt raises alarm over Conti ransomware attacks (direct link) |
The Australian Cyber Security Centre (ACSC) says Conti ransomware attacks have targeted multiple Australian organizations from various industry verticals since November. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-09 16:47:28 |
ALPHV BlackCat - This year's most sophisticated ransomware (direct link) |
The new ALPHV ransomware operation, aka BlackCat, launched last month and could be the most sophisticated ransomware of the year, with a highly-customizable feature set allowing for attacks on a wide range of corporate environments. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-08 14:25:26 |
Microsoft: Secured-core servers help prevent ransomware attacks (direct link) |
Microsoft says the first Secured-core certified Windows Server and Microsoft Azure Stack HCI devices are now available to protect customers' networks from security threats, including ransomware attacks. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-07 18:21:46 |
Emotet now drops Cobalt Strike, fast forwards ransomware attacks (direct link) |
In a concerning development, the notorious Emotet malware now installs Cobalt Strike beacons directly, giving immediate network access to threat actors and making ransomware attacks imminent. [...] |
Ransomware
Malware
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-07 15:37:57 |
Alleged ransomware affiliate arrested for healthcare attacks (direct link) |
A 31-year-old Canadian national has been charged in connection to ransomware attacks against organizations in the United States and Canada, a federal indictment unsealed today shows. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-07 13:19:53 |
New Cerber ransomware targets Confluence and GitLab servers (direct link) |
Cerber ransomware is back, as a new ransomware family adopts the old name and targets Atlassian Confluence and GitLab servers using remote code execution vulnerabilities. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-07 10:06:39 |
STOP Ransomware vaccine released to block encryption (direct link) |
German security software company G DATA has released a vaccine that will block STOP Ransomware from encrypting victims' files after infection. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-07 02:39:46 |
Nordic Choice Hotels hit by Conti ransomware, no ransom demand yet (direct link) |
Nordic Choice Hotels has now confirmed a cyber attack on its systems from the Conti ransomware group. Although there is no indication of card or payment information being affected, information pertaining to guest bookings was potentially leaked. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-03 18:34:06 |
The Week in Ransomware - December 3rd 2021 - Seizing Bitcoin (direct link) |
For this week's 'Week in Ransomware' article we have included the latest ransomware news over the past two weeks. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-03 12:16:45 |
FBI: Cuba ransomware breached 49 US critical infrastructure orgs (direct link) |
The Federal Bureau of Investigation (FBI) has revealed that the Cuba ransomware gang has compromised the networks of at least 49 organizations from US critical infrastructure sectors. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-01 20:18:12 |
Planned Parenthood LA discloses data breach after ransomware attack (direct link) |
Planned Parenthood Los Angeles has disclosed a data breach after suffering a ransomware attack in October that exposed the personal information of approximately 400,000 patients. [...] |
Ransomware
Data Breach
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-01 11:21:48 |
Microsoft Exchange servers hacked to deploy BlackByte ransomware (direct link) |
BlackByte ransomware actors were observed exploiting the ProxyShell set of vulnerabilities (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) to compromise Microsoft Exchange servers. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-30 16:46:32 |
(Déjà vu) FBI seized $2.3M from affiliate of REvil, Gandcrab ransomware gangs (direct link) |
The FBI seized $2.2 million in August from a well-known REvil and GandCrab ransomware affiliate, according to court documents seen by BleepingComputer. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-30 16:46:32 |
FBI seized $2.2M from affiliate of REvil, Gandcrab ransomware gangs (direct link) |
The FBI seized $2.2 million in August from a well-known REvil and GandCrab ransomware affiliate, according to court documents seen by BleepingComputer. [...] |
Ransomware
|
|
★★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-30 06:56:06 |
Yanluowang ransomware operation matures with experienced affiliates (direct link) |
An affiliate of the recently discovered Yanluowang ransomware operation is focusing its attacks on U.S. organizations in the financial sector using BazarLoader malware in the reconnaissance stage. [...] |
Ransomware
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-26 10:31:37 |
(Déjà vu) Marine services provider Swire Pacific Offshore hit by ransomware (direct link) |
Swire Pacific Offshore (SPO) has discovered an unauthorized network infiltration onto its IT systems, resulting in the compromise of some employee data. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-26 10:31:37 |
Marine services giant Swire Pacific Offshore hit by ransomware (direct link) |
Swire Pacific Offshore (SPO) has discovered an unauthorized network infiltration onto its IT systems, resulting in the compromise of some employee data. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-22 13:45:00 |
US govt warns of increased ransomware risks during holidays (direct link) |
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI warned critical infrastructure partners and public/private sector organizations not to let down their defenses against ransomware attacks during the holiday season. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-19 19:19:16 |
The Week in Ransomware - November 19th 2021 - Targeting Conti (direct link) |
While last week was full of arrests and law enforcement actions, this week has been much quieter, with mostly new research released. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-19 14:05:11 |
(Déjà vu) Emotet botnet comeback orchestrated by Conti ransomware gang (direct link) |
The Emotet botnet is back by popular demand, resurrected by its former operator, who was convinced by members of the Conti ransomware gang. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-19 14:05:11 |
Emotet botnet comeback hatched by ex-Ryuk member now part of Conti gang (direct link) |
The Emotet botnet is back by popular demand, resurrected by its former operator convinced by ex-members of the Ryuk ransomware gang. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-18 11:42:58 |
New Memento ransomware switches to WinRar after failing at encryption (direct link) |
A new ransomware group called Memento takes the unusual approach of locking files inside password-protected archives after their encryption method kept being detected by security software. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-17 13:31:23 |
Russian ransomware gangs start collaborating with Chinese hackers (direct link) |
There's some unusual activity brewing on Russian-speaking cybercrime forums, where hackers appear to be reaching out to Chinese counterparts for collaboration. [...] |
Ransomware
|
|
|