What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-07-22 13:46:59 | Kaseya obtains universal decryptor for REvil ransomware victims (lien direct) | Kaseya received a universal decryptor that allows victims of the July 2nd REvil ransomware attack to recover their files for free. [...] | Ransomware | ||
|
2021-07-22 11:25:39 | Ransomware gang breached CNA\'s network via fake browser update (lien direct) | Leading US insurance company CNA Financial has provided a glimpse into how Phoenix CryptoLocker operators breached its network, stole data, and deployed ransomware payloads in a ransomware attack that hit its network in March 2021. [...] | Ransomware Guideline | ||
|
2021-07-18 11:22:44 | Ransomware hits law firm counseling Fortune 500, Global 500 companies (lien direct) | Campbell Conroy & O'Neil, P.C. (Campbell), a US law firm counseling dozens of Fortune 500 and Global 500 companies, has disclosed a data breach following a February 2021 ransomware attack. [...] | Ransomware Data Breach | ||
|
2021-07-18 10:16:32 | Comparis customers targeted by scammers after ransomware attack (lien direct) | Leading Swiss price comparison platform Comparis has notified customers of a data breach following a ransomware attack that hit and took down its entire network last week. [...] | Ransomware Data Breach Guideline | ||
|
2021-07-17 11:44:22 | HelloKitty ransomware is targeting vulnerable SonicWall devices (lien direct) | CISA is warning of threat actors targeting "a known, previously patched, vulnerability" found in SonicWall Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products with end-of-life firmware. [...] | Ransomware Threat | ||
|
2021-07-17 09:53:43 | Ecuador\'s state-run CNT telco hit by RansomEXX ransomware (lien direct) | Ecuador's state-run Corporación Nacional de Telecomunicación (CNT) has suffered a ransomware attack that has disrupted business operations, the payment portal, and customer support. [...] | Ransomware | ||
|
2021-07-16 15:42:25 | The Week in Ransomware - July 16th 2021 - REvil disappears (lien direct) | Ransomware operations have been quieter this week as the White House engages in talks with the Russian government about cracking down on cybercriminals believed to be operating in Russia. [...] | Ransomware | ||
|
2021-07-15 11:13:34 | Linux version of HelloKitty ransomware targets VMware ESXi servers (lien direct) | The ransomware gang behind the highly publicized attack on CD Projekt Red uses a Linux variant that targets VMware's ESXi virtual machine platform for maximum damage. [...] | Ransomware | ||
|
2021-07-14 11:39:24 | (Déjà vu) SonicWall warns of \'critical\' ransomware risk to EOL SMA 100 VPN appliances (lien direct) | SonicWall has issued an "urgent security notice" warning customers of ransomware attacks targeting unpatched end-of-life (EoL) Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products. [...] | Ransomware | ||
|
2021-07-14 11:39:24 | SonicWall warns of \'critical\' ransomware risk to SMA 100 VPN appliances (lien direct) | SonicWall has issued an "urgent security notice" warning customers of ransomware attacks targeting unpatched end-of-life (EoL) Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products. [...] | Ransomware | ||
|
2021-07-14 10:00:01 | Detonating Ransomware on My Own Computer (Don\'t Try This at Home) (lien direct) | Ransomware attacks are a daily occurrence, announcing new levels of danger and confusion to an already complicated business of protecting data. How it behaves can tell us lot about a ransomware attack - so I recently detonated Conti ransomware in a controlled environment to demonstrate the importance of proper cyber protection. [...] | Ransomware | ||
|
2021-07-14 03:32:00 | Trickbot updates its VNC module for high-value targets (lien direct) | The Trickbot botnet malware that often distributes various ransomware strains, continues to be the most prevalent threat as its developers update the VNC module used for remote control over infected systems. [...] | Ransomware Malware Threat | ||
|
2021-07-13 10:49:54 | REvil ransomware gang\'s web sites mysteriously shut down (lien direct) | The infrastructure and websites for the REvil ransomware operation have mysteriously gone offline as of last night. [...] | Ransomware | ||
|
2021-07-12 16:33:25 | Interpol urges police to unite against \'potential ransomware pandemic\' (lien direct) | Interpol (International Criminal Police Organisation) Secretary General Jürgen Stock urged police agencies and industry partners to work together to prevent what looks like a future ransomware pandemic. [...] | Ransomware | ||
|
2021-07-12 12:33:40 | Fashion retailer Guess discloses data breach after ransomware attack (lien direct) | American fashion brand and retailer Guess is notifying affected customers of a data breach following a February ransomware attack that led to data theft. [...] | Ransomware Data Breach | ||
|
2021-07-11 16:50:25 | Kaseya patches VSA vulnerabilities used in REvil ransomware attack (lien direct) | Kaseya has released a security update for the VSA zero-day vulnerabilities used by the REvil ransomware gang to attack MSPs and their customers. [...] | Ransomware | ||
|
2021-07-10 10:00:00 | Biden asks Putin to crack down on Russian-based ransomware gangs (lien direct) | President Biden asked Russian President Putin during a phone call today to take action against ransomware groups operating within Russia's borders behind the ongoing wave of attacks impacting the United States and other countries worldwide. [...] | Ransomware | ||
|
2021-07-09 15:46:51 | The Week in Ransomware - July 9th 2021 - A flawed attack (lien direct) | This week's news focuses on the aftermath of REvil's ransomware attack on MSPs and customers using zero-day vulnerabilities in Kaseya VSA. The good news is that it has not been as disruptive as we initially feared. [...] | Ransomware | ||
|
2021-07-09 07:29:40 | Insurance giant CNA reports data breach after ransomware attack (lien direct) | CNA Financial Corporation, a leading US-based insurance company, is notifying customers of a data breach following a Phoenix CryptoLocker ransomware attack that hit its systems in March. [...] | Ransomware Data Breach Guideline | ||
|
2021-07-08 16:33:56 | REvil victims are refusing to pay after flawed Kaseya ransomware attack (lien direct) | The REvil ransomware gang's attack on MSPs and their customers last week outwardly should have been successful, yet changes in their typical tactics and procedures have led to few ransom payments. [...] | Ransomware | ||
|
2021-07-07 14:31:10 | White House urges mayors to review local govts\' cybersecurity posture (lien direct) | Following recent ransomware attacks, Deputy National Security Advisor Anne Neuberger asked US mayors to immediately hold a meeting with the heads of state agencies to evaluate their cybersecurity posture. [...] | Ransomware | Uber | |
|
2021-07-07 08:50:19 | Fake Kaseya VSA security update backdoors networks with Cobalt Strike (lien direct) | Threat actors are trying to capitalize on the ongoing Kaseya ransomware attack crisis by targeting potential victims in a spam campaign pushing Cobalt Strike payloads disguised as Kaseya VSA security updates. [...] | Ransomware Spam Threat | ||
|
2021-07-06 17:09:27 | US warns of action against ransomware gangs if Russia refuses (lien direct) | White House Press Secretary Jen Psaki says that the US will take action against cybercriminal groups from Russia if the Russian government refuses to do so. [...] | Ransomware | ||
|
2021-07-06 07:59:59 | Kaseya: Roughly 1,500 businesses hit by REvil ransomware attack (lien direct) | Kaseya says the REvil supply-chain ransomware attack breached the systems of roughly 60 of its direct customers using the company's VSA on-premises product. [...] | Ransomware | ||
|
2021-07-05 10:35:57 | CISA, FBI share guidance for victims of Kaseya ransomware attack (lien direct) | CISA and the Federal Bureau of Investigation (FBI) have shared guidance for managed service providers (MSPs) and their customers impacted by the REvil supply-chain ransomware attack that hit the systems of Kaseya's cloud-based MSP platform. [...] | Ransomware | ||
|
2021-07-05 04:59:25 | REvil ransomware asks $70 million to decrypt all Kaseya attack victims (lien direct) | REvil ransomware has set a price for decrypting all systems locked during the Kaseya supply-chain attack. The gang wants $70 million in Bitcoin for the tool that allows all affected businesses to recover their files. [...] | Ransomware Tool | ||
|
2021-07-04 13:35:22 | REvil is increasing ransoms for Kaseya ransomware attack victims (lien direct) | The REvil ransomware gang is increasing the ransom demands for victims encrypted during Friday's Kaseya ransomware attack. [...] | Ransomware | ||
|
2021-07-04 11:31:52 | Kaseya was fixing zero-day just as REvil ransomware sprung their attack (lien direct) | The zero-day vulnerability used to breach on-premise Kaseya VSA servers was in the process of being fixed, just as the REvil ransomware gang used it to perform their massive Friday attack. [...] | Ransomware Vulnerability | ||
|
2021-07-03 12:40:28 | The Week in Ransomware - July 2nd 2021 - MSPs under attack (lien direct) | Friday afternoon, we saw the largest ransomware attack ever conducted after the REvil ransomware gang used a zero-day vulnerability in the Kaseya VSA management software to encrypt MSPs and their customers worldwide. [...] | Ransomware Vulnerability | ||
|
2021-07-03 11:15:43 | Coop supermarket closes 500 stores after Kaseya ransomware attack (lien direct) | Swedish supermarket chain Coop has shut down approximately 500 stores after they were affected by an REvil ransomware attack targeting managed service providers through a supply-chain attack. [...] | Ransomware | ||
|
2021-07-03 10:00:00 | US chemical distributor shares info on DarkSide ransomware data theft (lien direct) | World-leading chemical distribution company Brenntag has shared additional info on what data was stolen from its network by DarkSide ransomware operators during an attack from late April 2021 that targeted its North America division. [...] | Ransomware Guideline | ||
|
2021-07-02 15:56:07 | (Déjà vu) REvil ransomware hits 1,000+ companies in MSP supply-chain attack (lien direct) | A massive REvil ransomware attack affects multiple managed service providers and their clients through a reported Kaseya supply-chain attack. [...] | Ransomware | ||
|
2021-07-02 15:56:07 | REvil ransomware hits 200 companies in MSP supply-chain attack (lien direct) | A massive REvil ransomware attack affects multiple managed service providers and their clients through a reported Kaseya supply-chain attack. [...] | Ransomware | ||
|
2021-07-02 08:39:59 | US insurance giant AJG reports data breach after ransomware attack (lien direct) | Arthur J. Gallagher (AJG), a US-based global insurance brokerage and risk management firm, is mailing breach notification letters to potentially impacted individuals following a ransomware attack that hit its systems in late September. [...] | Ransomware Data Breach | ||
|
2021-07-01 19:25:34 | Babuk ransomware is back, uses new version on corporate networks (lien direct) | After announcing their exit from the ransomware business in favor of data theft extortion, the Babuk gang appears to have slipped back into their old habit of encrypting corporate networks. [...] | Ransomware | ||
|
2021-07-01 16:11:15 | Trickbot cybercrime group linked to new Diavol ransomware (lien direct) | FortiGuard Labs security researchers have linked a new ransomware strain dubbed Diavol to Wizard Spider, the cybercrime group behind the Trickbot botnet. [...] | Ransomware | ||
|
2021-07-01 15:16:40 | VirusTotal ordered to reveal private info of stolen HSE data downloaders (lien direct) | An Irish court has ordered VirusTotal to provide the information of subscribers who downloaded or uploaded confidential data stolen from Ireland's national health care service during a ransomware attack. [...] | Ransomware | ||
|
2021-06-30 19:01:14 | Leaked Babuk Locker ransomware builder used in new attacks (lien direct) | A leaked tool used by the Babuk Locker operation to create custom ransomware executables is now being used by another threat actor in a very active campaign targeting victims worldwide. [...] | Ransomware Tool Threat | ||
|
2021-06-30 16:26:33 | CISA releases new ransomware self-assessment security audit tool (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) has released the Ransomware Readiness Assessment (RRA), a new module for its Cyber Security Evaluation Tool (CSET). [...] | Ransomware Tool | ||
|
2021-06-29 20:59:31 | Lorenz ransomware decryptor recovers victims\' files for free (lien direct) | Dutch cybersecurity firm Tesorion has released a free decryptor for the Lorenz ransomware, allowing victims to recover some of their files for free without paying a ransom. [...] | Ransomware | ||
|
2021-06-28 17:26:32 | REvil ransomware\'s new Linux encryptor targets ESXi virtual machines (lien direct) | The REvil ransomware operation is now using a Linux encryptor that targets and encrypts Vmware ESXi virtual machines. [...] | Ransomware | ||
|
2021-06-25 19:09:49 | The Week in Ransomware - June 25th 2021 - Back in Business (lien direct) | It has been relatively quiet this week, with few attacks revealed and few new ransomware variants released. However, some interesting information came out that we have summarized below. [...] | Ransomware | ||
|
2021-06-24 15:56:07 | Binance exchange helped track down Clop ransomware money launderers (lien direct) | Cryptocurrency exchange service Binance played an important part in the recent arrests of Clop ransomware group members, helping law enforcement in their effort to identify, and ultimately detain the suspects. [...] | Ransomware | ★★ | |
|
2021-06-23 16:00:49 | (Déjà vu) Healthcare giant Grupo Fleury hit by REvil ransomware attack (lien direct) | Brazilian medical diagnostic company Grupo Fleury has suffered a ransomware attack that has disrupted business operations after the company took its systems offline. [...] | Ransomware | ||
|
2021-06-23 16:00:49 | Healthcare giant Grupo Fleury hit by alleged REvil ransomware attack (lien direct) | Brazilian medical diagnostic company Grupo Fleury has suffered a ransomware attack that has disrupted business operations after the company took its systems offline. [...] | Ransomware | ||
|
2021-06-23 11:53:28 | Tulsa warns of data breach after Conti ransomware leaks police citations (lien direct) | The City of Tulsa, Oklahoma, is warning residents that their personal data may have been exposed after a ransomware gang published police citations online. [...] | Ransomware Data Breach | ||
|
2021-06-23 09:00:00 | PYSA ransomware backdoors education orgs using ChaChi malware (lien direct) | The PYSA ransomware gang has been using a remote access Trojan (RAT) dubbed ChaChi to backdoor the systems of healthcare and education organizations and steal data that later gets leveraged in double extortion ransom schemes. [...] | Ransomware Malware | ||
|
2021-06-23 03:35:32 | Clop ransomware is back in business after recent arrests (lien direct) | The Clop ransomware operation is back in business after recent arrests and has begun listing new victims on their data leak site again. [...] | Ransomware | ||
|
2021-06-22 10:09:37 | Mysterious ransomware payment traced to a sensual massage site (lien direct) | A ransomware targeting an Israeli company has led researchers to track a portion of a ransom payment to a website promoting sensual massages. [...] | Ransomware | ||
|
2021-06-21 11:56:19 | ADATA suffers 700 GB data leak in Ragnar Locker ransomware attack (lien direct) | The Ragnar Locker ransomware gang have published download links for more than 700GB of archived data stolen from Taiwanese memory and storage chip maker ADATA. [...] | Ransomware |
To see everything:
Our RSS (filtrered)
