Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2021-04-24 12:06:51 |
A ransomware gang made $260,000 in 5 days using the 7zip utility (direct link) |
A ransomware gang has made $260,000 in just five days simply by remotely encrypting files on QNAP devices using the 7zip archive program. [...] |
Ransomware
|
|
|
|
2021-04-23 18:20:27 |
The Week in Ransomware - April 23rd 2021 - A brutal week (direct link) |
This week has been brutal, not because of many ransomware variants released but due to a single ransomware campaign that affected thousands of people. [...] |
Ransomware
|
|
|
|
2021-04-21 13:44:57 |
Massive Qlocker ransomware attack uses 7zip to encrypt QNAP devices (direct link) |
A massive ransomware campaign targeting QNAP devices worldwide is underway, and users are finding their files now stored in password-protected 7zip archives. [...] |
Ransomware
|
|
|
|
2021-04-20 16:39:29 |
REvil gang tries to extort Apple, threatens to sell stolen blueprints (direct link) |
The REvil ransomware gang asked Apple to "buy back" stolen product blueprints to avoid having them leaked on REvil's leak site before today's Apple Spring Loaded event where the new iMac was introduced. [...] |
Ransomware
|
|
|
|
2021-04-18 14:10:15 |
Discord Nitro gift codes now demanded as ransomware payments (direct link) |
In a novel approach to ransom demands, a new ransomware calling itself 'NitroRansomware' encrypts victim's files and then demands a Discord Nitro gift code to decrypt files. [...] |
Ransomware
|
|
|
|
2021-04-17 10:15:42 |
Ryuk ransomware operation updates hacking techniques (direct link) |
Recent attacks from Ryuk ransomware operators show that the actors have a new preference when it comes to gaining initial access to the victim network. [...] |
Ransomware
|
|
|
|
2021-04-16 19:14:46 |
The Week in Ransomware - April 16th 2021 - The Houston Rockets (direct link) |
It has been a pretty quiet week with only a few large attacks disclosed and only a few new ransomware variants released. The highest-profile attack this week is the NBA's Houston Rockets who were transparent about their ransomware attack. [...] |
Ransomware
|
|
|
|
2021-04-13 18:40:48 |
Capcom: Ransomware gang used old VPN device to breach the network (direct link) |
Capcom has released a new update about the ransomware attack it suffered last year, detailing how the hackers gained access to the network, compromised devices, and stole personal information belonging to thousands of individuals. [...] |
Ransomware
|
|
|
|
2021-04-12 12:54:28 |
Dutch supermarkets run out of cheese after ransomware attack (direct link) |
A ransomware attack against conditioned warehousing and transportation provider Bakker Logistiek has caused a cheese shortage in Dutch supermarkets. [...] |
Ransomware
|
|
|
|
2021-04-09 16:47:02 |
The Week in Ransomware - April 9th 2021 - Massive ransom demands (direct link) |
Ransomware attacks continue over the past two weeks with a continuation of the massive initial ransom demands we have seen recently. [...] |
Ransomware
|
|
|
|
2021-04-09 14:52:36 |
Leading cosmetics group Pierre Fabre hit with $25 million ransomware attack (direct link) |
Leading French pharmaceutical group Pierre Fabre suffered a REvil ransomware attack where the threat actors initially demanded a $25 million ransom, BleepingComputer learned today. [...] |
Ransomware
Threat
Guideline
|
|
|
|
2021-04-07 16:06:13 |
REvil ransomware now changes password to auto-login in Safe Mode (direct link) |
A recent change to the REvil ransomware allows the threat actors to automate file encryption via Safe Mode after changing Windows passwords. [...] |
Ransomware
Threat
|
|
|
|
2021-04-07 13:12:19 |
New Cring ransomware hits unpatched Fortinet VPN devices (direct link) |
A vulnerability impacting Fortinet VPNs is being exploited by a new human-operated ransomware strain known as Cring to breach and encrypt industrial sector companies' networks. [...] |
Ransomware
Vulnerability
|
|
|
|
2021-04-06 18:00:33 |
Windows XP makes ransomware gangs work harder for their money (direct link) |
A recently created ransomware decryptor illustrates how threat actors have to support Windows XP, even when Microsoft dropped supporting it seven years ago. [...] |
Ransomware
Threat
|
|
|
|
2021-04-06 12:17:36 |
Ransomware hits TU Dublin and National College of Ireland (direct link) |
The National College of Ireland is working on restoring IT services after being hit by a ransomware attack over the weekend that forced the college to take IT systems offline. [...] |
Ransomware
|
|
|
|
2021-04-04 10:00:00 |
Sierra Wireless resumes production after ransomware attack (direct link) |
Canadian IoT solutions provider Sierra Wireless announced that it resumed production at its manufacturing sites after it halted it due to a ransomware attack that hit its internal network and corporate website on March 20. [...] |
Ransomware
|
|
|
|
2021-04-03 09:31:22 |
Ransomware gang leaks data from Stanford, Maryland universities (direct link) |
Stolen personal and financial information of students at Stanford Medicine, University of Maryland Baltimore (UMB), and the University of California was leaked online by the Clop ransomware group earlier this week. [...] |
Ransomware
|
|
|
|
2021-04-02 14:17:55 |
Asteelflash electronics maker hit by REvil ransomware attack (direct link) |
Asteelflash, a leading French electronics manufacturing services company, has suffered a cyberattack by the REvil ransomware gang who is demanding a $24 million ransom. [...] |
Ransomware
Guideline
|
|
|
|
2021-04-02 07:03:11 |
Ransomware gang wanted $40 million in Florida schools cyberattack (direct link) |
Fueled by large payments from victims, ransomware gangs have started to demand ridiculous ransoms from organizations that can not afford them. An example of this is a recently revealed ransomware attack on the Broward County Public Schools district where threat actors demanded a $40,000,000 payment. [...] |
Ransomware
Threat
|
|
|
|
2021-03-29 14:00:25 |
Harris Federation hit by ransomware attack affecting 50 schools (direct link) |
The IT systems and email servers of London-based nonprofit multi-academy trust Harris Federation were taken down by a ransomware attack on Saturday. [...] |
Ransomware
|
|
|
|
2021-03-28 18:53:34 |
Ransomware admin is refunding victims their ransom payments (direct link) |
After recently announcing the end of the operation, the administrator of Ziggy ransomware is now stating that they will also give the money back. [...] |
Ransomware
|
|
|
|
2021-03-28 10:41:12 |
CompuCom MSP expects over $20M in losses after ransomware attack (direct link) |
American managed service provider CompuCom is expecting losses of over $20 million following this month's DarkSide ransomware attack that took down most of its systems. [...] |
Ransomware
|
|
★★★
|
|
2021-03-27 09:41:12 |
FatFace sends controversial data breach email after ransomware attack (direct link) |
British clothing brand FatFace has sent a controversial 'confidential' data breach notification to customers after suffering a ransomware attack earlier this year. [...] |
Ransomware
Data Breach
|
|
|
|
2021-03-26 19:45:19 |
The Week in Ransomware - March 26th 2021 - Attacks increase (direct link) |
Ransomware attacks against the enterprise continue in the form of Accellion data leaks, full-fledged ransomware attacks, and more ransomware gangs targeting Microsoft Exchange. [...] |
Ransomware
|
|
|
|
2021-03-26 15:42:58 |
(Déjà vu) Ransomware gang urges victims' customers to demand a ransom payment (direct link) |
A ransomware operation known as 'Clop' is applying maximum pressure on victims by emailing their customers and asking them to demand a ransom payment to protect their privacy. [...] |
Ransomware
|
|
|
|
2021-03-26 15:42:58 |
Ransomware gang urges victims' customers to fight for their privacy (direct link) |
A ransomware operation known as 'Clop' is applying maximum pressure on victims by emailing their customers and asking them to demand a ransom payment to protect their privacy. [...] |
Ransomware
|
|
|
|
2021-03-26 12:03:34 |
(Déjà vu) Microsoft: Black Kingdom ransomware group hacked 1.5K Exchange servers (direct link) |
Microsoft has discovered web shells deployed by Black Kingdom operators on approximately 1,500 Exchange servers vulnerable to ProxyLogon attacks. [...] |
Ransomware
|
|
|
|
2021-03-26 12:03:34 |
Microsoft: Black Kingdom ransomware hacked 1.5K Exchange servers (direct link) |
Microsoft has discovered web shells deployed by Black Kingdom operators on approximately 1,500 Exchange servers vulnerable to ProxyLogon attacks. [...] |
Ransomware
|
|
|
|
2021-03-26 03:30:00 |
FBI exposes weakness in Mamba ransomware, DiskCryptor (direct link) |
An alert from the U.S. Federal Bureau of Investigation about Mamba ransomware reveals a weak spot in the encryption process that could help targeted organizations recover from the attack without paying the ransom. [...] |
Ransomware
|
|
|
|
2021-03-25 14:26:17 |
Insurance giant CNA hit by new Phoenix CryptoLocker ransomware (direct link) |
Insurance giant CNA has suffered a ransomware attack using a new variant called Phoenix CryptoLocker that is possibly linked to the Evil Corp hacking group. [...] |
Ransomware
|
|
|
|
2021-03-25 13:34:35 |
Evil Corp switches to Hades ransomware to evade sanctions (direct link) |
Hades ransomware has been linked to the Evil Corp cybercrime gang who uses it to evade sanctions imposed by the Treasury Department's Office of Foreign Assets Control (OFAC). [...] |
Ransomware
|
|
|
|
2021-03-23 16:20:38 |
Ransomware gang leaks data stolen from Colorado, Miami universities (direct link) |
Grades and social security numbers for students at the University of Colorado and University of Miami patient data have been posted online by the Clop ransomware group. [...] |
Ransomware
|
|
|
|
2021-03-23 12:46:10 |
High-availability server maker Stratus hit by ransomware (direct link) |
Stratus Technologies has suffered a ransomware attack that required systems to be taken offline to prevent the attack's spread. [...] |
Ransomware
|
|
★★★
|
|
2021-03-23 11:39:53 |
Ransomware attack shuts down Sierra Wireless IoT maker (direct link) |
Sierra Wireless, a world-leading IoT solutions provider, today disclosed a ransomware attack that forced it to halt production at all manufacturing sites. [...] |
Ransomware
Guideline
|
|
|
|
2021-03-22 09:07:01 |
(Déjà vu) Microsoft Exchange servers now targeted by Black Kingdom ransomware (direct link) |
Another ransomware operation known as 'Black Kingdom' is exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities to encrypt servers. [...] |
Ransomware
|
|
|
|
2021-03-22 09:07:01 |
Microsoft Exchange servers now targeted by BlackKingdom ransomware (direct link) |
Another ransomware operation known as 'BlackKingdom' is exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities to encrypt servers. [...] |
Ransomware
|
|
|
|
2021-03-19 17:40:01 |
The Week in Ransomware - March 19th 2021 - Highest ransom ever! (direct link) |
While the beginning of this week was fairly quiet, it definitely ended with a bang as news came out of the largest ransom demand yet. [...] |
Ransomware
|
|
|
|
2021-03-19 11:11:09 |
Computer giant Acer hit by $50 million ransomware attack (direct link) |
Computer giant Acer has been hit by a REvil ransomware attack where the threat actors are demanding the largest known ransom to date, $50,000,000. [...] |
Ransomware
Threat
|
|
|
|
2021-03-19 11:11:09 |
REvil ransomware says they hit Acer, Acer reports "abnormal situations" (direct link) |
The REvil ransomware operation claims to have stolen unencrypted data after hacking electronics and computer giant Acer. [...] |
Ransomware
|
|
|
|
2021-03-19 07:15:00 |
REvil ransomware has a new 'Windows Safe Mode' encryption mode (direct link) |
The REvil ransomware operation has added a new ability to encrypt files in Windows Safe Mode, likely to evade detection by security software and for greater success when encrypting files. [...] |
Ransomware
|
|
|
|
2021-03-16 11:22:25 |
FBI warns of escalating Pysa ransomware attacks on education orgs (direct link) |
The Federal Bureau of Investigation (FBI) Cyber Division has warned system administrators and cybersecurity professionals of increased Pysa ransomware activity targeting educational institutions. [...] |
Ransomware
|
|
|
|
2021-03-12 18:51:27 |
The Week in Ransomware - March 12th 2021 - Encrypting Exchange servers (direct link) |
For the past two weeks, the cybersecurity news has been dominated by stories about the Microsoft Exchange ProxyLogon vulnerabilities. One overriding concern has been when will ransomware actors use the vulnerabilities to compromise and encrypt mail servers. [...] |
Ransomware
|
|
|
|
2021-03-11 19:39:25 |
(Déjà vu) Ransomware now attacks Microsoft Exchange servers with ProxyLogon exploits (direct link) |
A new ransomware called 'DEARCRY' is targeting Microsoft Exchange servers, with one victim stating they were infected via the ProxyLogon vulnerabilities. [...] |
Ransomware
|
|
|
|
2021-03-11 19:39:25 |
New DEARCRY Ransomware is targeting Microsoft Exchange Servers (direct link) |
A new ransomware called 'DEARCRY' is targeting Microsoft Exchange servers, with one victim stating they were infected via the ProxyLogon vulnerabilities. [...] |
Ransomware
|
|
|
|
2021-03-10 08:35:58 |
Ryuk ransomware hits 700 Spanish government labor agency offices (direct link) |
The systems of SEPE, the Spanish government agency for labor, were taken down following a ransomware attack that hit more than 700 agency offices across Spain. [...] |
Ransomware
|
|
|
|
2021-03-09 10:07:00 |
GandCrab ransomware affiliate arrested for phishing attacks (direct link) |
A suspected GandCrab Ransomware member was arrested in South Korea for using phishing emails to infect victims. [...] |
Ransomware
|
|
|
|
2021-03-08 16:20:06 |
New Sarbloh ransomware supports Indian farmers' protest (direct link) |
A new ransomware known as Sarbloh encrypts your files while at the same time delivering a message supporting the protests of Indian farmers. [...] |
Ransomware
|
|
|
|
2021-03-08 10:21:59 |
Flagstar Bank hit by data breach exposing customer, employee data (direct link) |
US bank and mortgage lender Flagstar has disclosed a data breach after the Clop ransomware gang hacked their Accellion file transfer server in January. [...] |
Ransomware
Data Breach
|
|
|
|
2021-03-06 12:47:07 |
Ransomware gang plans to call victim's business partners about attacks (direct link) |
The REvil ransomware operation announced this week that they are using DDoS attacks and voice calls to journalists and victim's business partners to generate ransom payments. [...] |
Ransomware
|
|
|
|
2021-03-05 18:53:22 |
The Week in Ransomware - March 5th 2021 - Targeting service providers (direct link) |
This week we have seen ransomware attacks targeting online service providers and MSPs to not only encrypt the victim but also cause significant outages for their customers. [...] |
Ransomware
|
|
|