What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-11-01 10:00:00 | From Thanos to Prometheus: When Ransomware Encryption Goes Wrong (lien direct) | IBM Security X-Force researchers have recently reverse-engineered Prometheus ransomware samples as part of ongoing incident response operations. X-Force has found that samples that infected organizational networks featured flawed encryption. This allowed our team to develop a fast-acting decryptor and help customers recover from the attack without a decryption key. While rare, ransomware developers can make […] | Ransomware | ||
 |
2021-11-01 09:14:00 | Euro Police Swoop on 12 Suspected Ransomware Gang Members (lien direct) | Joint international operation began in 2019 | Ransomware | ||
 |
2021-10-31 13:32:52 | Minecraft Japanese gamers hit by Chaos ransomware using alt lists as lure (lien direct) | Chaos Ransomware operators target gamers’ Windows devices using Minecraft alt lists as a lure and promoting them on gaming forums. Minecraft is one of the most popular games in the world, it had more than 140 million monthly active players in August 2021. Cybercriminals are attempting to exploit this popularity, the Chaos Ransomware gang is […] | Ransomware | ||
|
2021-10-31 09:30:41 | Graff multinational jeweller hit by Conti gang. Data of its rich clients are at risk, including Trump and Beckham (lien direct) | Conti ransomware gang hit high society jeweller Graff and threatens to release private details of world leaders, actors and tycoons The latest attack of the Conti ransomware gang makes the headlines, the threat actors hit high society jeweller Graff and asked the payment of a multi-million ransom to avoid leaking details of world leaders, actors […] | Ransomware Threat Guideline | ||
 |
2021-10-30 13:00:00 | The SolarWinds Hackers Are Looking for Their Next Big Score (lien direct) | Plus: Gas station hacks in Iran, ransomware arrests in Europe, and more of the week's top security news. | Ransomware | ||
 |
2021-10-30 11:28:44 | Police Arrest Suspected Ransomware Hackers Behind 1,800 Attacks Worldwide (lien direct) | 12 people have been detained as part of an international law enforcement operation for orchestrating ransomware attacks on critical infrastructure and large organizations that hit over 1,800 victims across 71 countries since 2019, marking the latest action against cybercrime groups.
The arrests were made earlier this week on October 26 in Ukraine and Switzerland, resulting in the seizure of cash |
Ransomware | ||
 |
2021-10-30 11:02:01 | Chaos ransomware targets gamers via fake Minecraft alt lists (lien direct) | The Chaos Ransomware gang encrypts gamers' Windows devices through fake Minecraft alt lists promoted on gaming forums. [...] | Ransomware | ||
 |
2021-10-29 23:22:06 | Europol announce “targeting” of 12 suspects in ransomware attacks (lien direct) | More anti-ransomware activity by law enforcement, this time in Switzerland and Ukraine. | Ransomware | ||
|
2021-10-29 22:49:42 | ESET found a variant of the Hive ransomware that encrypts Linux and FreeBSD (lien direct) | The Hive ransomware operators have developed a new variant of their malware that can encrypt Linux and FreeBSD. ESET researchers discovered a new Hive ransomware variant that was specifically developed to encrypt Linux and FreeBSD. Researchers at the cybersecurity firm believe that the new encryptors are still under development. Both variants are written in Golang, […] | Ransomware Malware | ||
|
2021-10-29 21:35:39 | An Apparent Ransomware Hack Puts the NRA in a Bind (lien direct) | The group behind the reported attack is under sanctions from the US Treasury, which means a payout could come with penalties for the victim. | Ransomware Hack | ||
|
2021-10-29 20:48:20 | Papua New Guinea \'s finance ministry was hit by a ransomware (lien direct) | A ransomware attack hit Papua New Guinea ‘s finance ministry and disrupted government payments and operations. Government officials confirmed that Papua New Guinea’s finance ministry was hit by a ransomware attack that disrupted government payments and operations. The ransomware infected the Department of Finance’s Integrated Financial Management System a week ago, said the finance minister […] | Ransomware | ||
 |
2021-10-29 20:30:00 | Cybercrime: Europol arrests 12 people for ransomware activities possibly affecting 1,800 victims in 71 countries (lien direct) | The European police force stated the ransomware activities targeted critical infrastructures and mostly large corporations. | Ransomware | ||
|
2021-10-29 18:13:08 | Police arrested 12 individuals involved in 1800 ransomware attacks worldwide (lien direct) | Europol and Norwegian Police arrested 12 individuals over ransomware attacks on organizations worldwide, including critical infrastructure operators. A joint operation conducted by Europol, the Norwegian Police and other authorities led to the arrest of 12 individuals over ransomware attacks on organizations worldwide, including critical infrastructure operators. The suspects were involved in more than 1,800 ransomware […] | Ransomware | ||
|
2021-10-29 17:43:14 | The Week in Ransomware - October 29th 2021 - Making arrests (lien direct) | This week, international law enforcement operations went on the offensive, making arrests in numerous countries for ransomware-related activities. [...] | Ransomware | ||
 |
2021-10-29 15:49:18 | (Déjà vu) Webinar November 11th: Live Attack Simulation - Ransomware Threat Hunter Series (lien direct) |
Ransomware has the potential to affect any organization with exposed defenses. The challenges presented by a multi-stage ransomware attack to large organizations with a mature security team in place are unique and require an informed response. |
Ransomware Threat | ||
 |
2021-10-29 13:00:33 | Australia\'s Response to the Rise of Ransomware (lien direct) | The Australian Government released Australia's Ransomware Action Plan, which identifies initiatives to address the rise of ransomware across key themes | Ransomware | ||
 |
2021-10-29 12:15:32 | 76% of UK healthcare organisations want government to ban ransomware payments (lien direct) | A new study from Obrela Security Industries has revealed that 76 percent of UK healthcare organisations would support the government introducing legislation to make it illegal for healthcare organisations to pay ransom demands to cybercriminals. The study was carried out in September 2021 and examined the attitudes of 100 cybersecurity managers in UK healthcare organisations. […] | Ransomware | ||
|
2021-10-29 12:08:44 | Hive ransomware now encrypts Linux and FreeBSD systems (lien direct) | The Hive ransomware gang now also encrypts Linux and FreeBSD using new malware variants specifically developed to target these platforms. [...] | Ransomware Malware | ||
 |
2021-10-29 11:58:17 | 12 People Arrested Over Ransomware Attacks on Critical Infrastructure (lien direct) | Europol and Norwegian Police on Friday announced the arrests of 12 individuals suspected of being involved in ransomware attacks launched against companies around the world, including critical infrastructure organizations. | Ransomware | ||
|
2021-10-29 11:16:44 | Ransomware attack hits Papua New Guinea\'s finance department (lien direct) | Papua New Guinea's finance department acknowledged late Thursday that its payment system, which manages access to hundreds of millions of dollars in foreign aid money, was hit with a ransomware attack. The attack on the Department of Finance's Integrated Financial Management System (IFMS) occurred at 1 a.m. local time on Oct. 22, according to a […] | Ransomware | ||
 |
2021-10-29 05:39:32 | Ransomware : une douzaine de personnes arrêtées en Ukraine et en Suisse (lien direct) | Les pirates utilisaient trois services de ransomware différents, dont LockerGoga qui avait infecté la société Altran en janvier 2019.  |
Ransomware | ||
|
2021-10-29 05:07:49 | (Déjà vu) Police arrest hackers behind over 1,800 ransomware attacks (lien direct) | The Europol has announced the arrest of 12 individuals who are believed to be linked to ransomware attacks against 1,800 victims in 71 countries. [...] | Ransomware | ||
|
2021-10-29 05:07:49 | Police arrest criminals behind Norsk Hydro ransomware attack (lien direct) | The Europol has announced the arrest of 12 individuals who are believed to be linked to ransomware attacks against 1,800 victims in 71 countries. [...] | Ransomware | ||
 |
2021-10-28 20:04:35 | Suspected REvil Gang Insider Identified (lien direct) | German investigators have identified a deep-pocketed, big-spending Russian billionaire whom they suspect of being a core member of the REvil ransomware gang. | Ransomware | ||
|
2021-10-28 18:33:49 | FBI Publishes Indicators of Compromise for Ranzy Locker Ransomware (lien direct) | The Federal Bureau of Investigation (FBI) this week released a Flash report to publicly share indicators of compromise (IOCs) for the Ranzy Locker ransomware. | Ransomware | ||
|
2021-10-28 17:40:31 | Free Decryption Tools Available for Babuk, AtomSilo and LockFile Ransomware (lien direct) | Cybersecurity company Avast on Wednesday announced the availability of free decryption tools for three pieces of ransomware: Babuk, AtomSilo and LockFile. Users and organizations that had their files encrypted by these ransomware families can use the decryptors to recover their files. | Ransomware | ||
|
2021-10-28 17:00:00 | 2021 Cyber Resilient Organization Study: Rise of Ransomware Shows the Need for Zero Trust and XDR (lien direct) | “How many millions did you pay threat actors in a ransomware attack?” “Which investments most significantly improved cyber resiliency for your organization?” “Do you have a cybersecurity incident response plan that’s applied consistently across your enterprise?” The answers to these and other key questions produced several notable findings in the latest 2021 Cyber Resilient Organization […] | Ransomware Threat | ★★★★ | |
 |
2021-10-28 16:10:10 | Growing Ransomware Danger Demands Layered Defense of Your Endpoints (lien direct) | Ransomware is more dangerous than ever before. Why? It's partly because successful attacks don't just affect the victim anymore. | Ransomware | ||
 |
2021-10-28 15:13:32 | FBI warns of Ranzy Locker ransomware threat, as over 30 companies hit (lien direct) | The FBI has warned that over 30 US-based companies had been hit by the Ranzy Locker ransomware by July this year, as it offers advice for other organisations on how they can better protect their businesses from attack. Read more in my article on the Tripwire State of Security blog. | Ransomware | ||
|
2021-10-28 13:37:49 | German investigators identify crypto millionaire behind REvil operations (lien direct) | German authorities have identified a Russian man named Nikolay K. who is suspected to be a prominent member of the REvil ransomware gang. REvil ransomware gang is one of the most successful ransomware operations, the group and its affiliated hit hundreds of organizations worldwide. On July 2, the gang hit the Kaseya cloud-based MSP platform impacting MSPs and their […] | Ransomware | ||
|
2021-10-28 13:25:42 | Free decryption tools for AtomSilo, Babuk, and LockFire ransomware released by Avast (lien direct) | There is some more good news for those who have fallen foul of ransomware. Czech security firm Avast has developed decryption utilities for victims of not one, not two, but three different ransomware strains - meaning that victims who have been hit may be spared paying a ransom to their attackers. | Ransomware | ||
|
2021-10-28 13:00:00 | Roundup: 2021 Energy & Utility Data Breaches and Defenses in the News (lien direct) | Ransomware is evolving. How long until it takes down operational technology? In May 2021, Colonial Pipeline, one of the largest fuel pipelines in the United States, faced a ransomware attack. The company, which transports more than 100 million gallons of gasoline and other fuel daily from Houston to the New York Harbor, shut down work […] | Ransomware | ||
|
2021-10-28 12:45:50 | S3 Ep56: Cryptotrading rodent, ransomware hackback, and a Docusign phish [Podcast] (lien direct) | Latest episode - listen now! Serious security explained with personality in plain English. | Ransomware | ||
|
2021-10-28 12:07:02 | Grief Ransomware Targets NRA (lien direct) | Grief, a ransomware group with ties to Russia-based Evil Corp, claims to have stolen data from the gun-rights group and has posted files on its dark web site. | Ransomware | ||
|
2021-10-28 12:00:00 | (Déjà vu) Webinar: Live Attack Simulation - EMEA Ransomware Threat Hunter Series (lien direct) |
Ransomware has the potential to affect any organization with exposed defenses. The challenges presented by a multi-stage ransomware attack to large organizations with a mature security team in place are unique and require an informed response. |
Ransomware Threat | ||
|
2021-10-28 09:18:45 | Smashing Security podcast #249: Devious licks, Netflix, and sensitive hackers (lien direct) | Ransomware attackers have got hurt feelings, what does Netflix know about you, and why are schoolkids stealing lavatory seats? All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by 1Password's Matt Davey. | Ransomware | ||
|
2021-10-28 09:02:21 | Ransomware gangs use SEO poisoning to infect visitors (lien direct) | Researchers have spotted two campaigns linked to either the REvil ransomware gang or the SolarMarker backdoor that use SEO poisoning to serve payloads to targets. [...] | Ransomware | ||
 |
2021-10-28 08:01:01 | Road to Security Predictions 2022 avec Charles Carmakal, SVP et CTO de Mandiant \\ Road to Security Predictions 2022 with Charles Carmakal, Mandiant\\'s SVP and CTO (lien direct) |
mandiant pense à l'avenir!Nous savons que l'apprentissage de l'histoire n'est que la moitié de la bataille, si nous voulons rester en avance sur les attaquants, nous devons réfléchir et planifier les scénarios les plus probables de l'année à venir.Tout récemment, Sandra Joyce, EVP, Global Intel & Advanced Practices, a partagé ses réflexions sur Ce qu'elle s'attend à voir en 2022.
Pour maintenir la conversation, nous avons demandé à Charles Carmakal, Mandiant SVP et CTO, de fournir son point de vue pour l'année à venir.Semblable à Sandra, Charles pense également aux ransomwares et à l'extorsion multiforme.Charles soupçonne que nous verrons
Mandiant is thinking about the future! We know that learning from history is only half the battle-if we want to stay ahead of attackers, we need to think about and plan for the likeliest scenarios in the coming year. Just recently Sandra Joyce, EVP, Global Intel & Advanced Practices, shared her thoughts on what she expects to see in 2022. To keep the conversation going, we asked Charles Carmakal, Mandiant SVP and CTO, to provide his perspective on the coming year. Similar to Sandra, Charles is also thinking about ransomware and multifaceted extortion. Charles suspects that we will see |
Ransomware | ★★ | |
 |
2021-10-28 08:00:00 | How ransomware crews pile on the pressure to get victims to pay (lien direct) | Pas de details / No more details | Ransomware | ||
|
2021-10-28 07:26:09 | German investigators identify REvil ransomware gang core member (lien direct) | German investigators have reportedly identified a Russian man named Nikolay K. whom they believe to be one of REvil ransomware gang's core members, one of the most notorious and successful ransomware groups in recent years. [...] | Ransomware | ||
 |
2021-10-28 05:00:00 | Quarterly Report: Incident Response trends from Q3 2021 (lien direct) | Ransomware again dominated the threat landscape, while BEC grew
By David Liebenberg and Caitlin Huey.
Once again, ransomware was the most dominant threat observed in Cisco Talos Incident Response (CTIR) engagements this quarter.
CTIR helped resolve several significant...
[[ This is only the beginning! Please visit the blog for the complete entry ]] |
Ransomware Threat | ||
|
2021-10-28 00:05:43 | Malicious NPM Libraries Caught Installing Password Stealer and Ransomware (lien direct) | Malicious actors have yet again published two more typosquatted libraries to the official NPM repository that mimic a legitimate package from Roblox, the game company, with the goal of distributing stealing credentials, installing remote access trojans, and infecting the compromised systems with ransomware.
The bogus packages - named "noblox.js-proxy" and "noblox.js-proxies" - were found to |
Ransomware | ||
 |
2021-10-28 00:00:00 | Chaos Ransomware Variant in Fake Minecraft Alt List Brings Destruction to Japanese Gamers (lien direct) | FortiGuard Labs recently discovered a variant of the Chaos ransomware that not only encrypts certain files but also destroys others and appears to target Minecraft gamers in Japan. Our threat analysis examines how this new ransomware variant works.
|
Ransomware Threat | ||
|
2021-10-27 23:35:08 | Avast releases free decrypters for AtomSilo and LockFile ransomware families (lien direct) | Security firm Avast released today decryptors for AtomSilo and LockFile ransomware that allow victims to recover their files for free. Cyber security firm Avast has released today decryption utilities for AtomSilo and LockFile ransomware that allow the victims to recover their files for free. Experts pointed out that AtomSilo and LockFile ransomware only have a […] | Ransomware | ||
|
2021-10-27 22:25:08 | Grief ransomware gang hit US National Rifle Association (NRA) (lien direct) | Grief ransomware operators claim to have compromised computer systems at US National Rifle Association (NRA) and added it to their leak site. Grief ransomware operators announced to have hacked US National Rifle Association (NRA) and threaten to leak the stolen data. The NRA was added to the list of compromised organizations on the leak site […] | Ransomware | ||
|
2021-10-27 20:28:56 | Ransomware Attacks Are Evolving. Your Security Strategy Should, Too (lien direct) | Defending against ransomware will take a move to zero-trust, argues Daniel Spicer, CSO, Ivanti. | Ransomware | ||
|
2021-10-27 19:58:37 | (Déjà vu) Avast released a free decryptor for Babuk ransomware (lien direct) | Researchers from cybersecurity firm Avast released a decryption tool for Babuk ransomware that allows victims to recover their files for free. Cybersecurity firm Avast has released a decryption tool for Babuk ransomware that allows victims to recover their files for free. The decryptor was created using the leaked source code and decryption keys. Babuk is […] | Ransomware Tool | ||
|
2021-10-27 16:37:26 | NRA: No comment on Russian ransomware gang attack claims (lien direct) | The Grief ransomware gang claims to have attacked the National Rifle Association (NRA) and released allegedly stolen data as proof of the attack. [...] | Ransomware | ||
|
2021-10-27 16:00:00 | The Weaponization of Operational Technology (lien direct) | Contributed to this research: Adam Laurie and Sameer Koranne. Given the accelerating rise in operational technology (OT) threats, this blog will address some of the most common threats IBM Security X-Force is observing against organizations with OT networks, including ransomware and vulnerability exploitation. IBM will also highlight several measures that can enhance security for OT […] | Ransomware Vulnerability | ||
|
2021-10-27 14:35:13 | Free decryptor released for Atom Silo and LockFile ransomware (lien direct) | Avast has just released a decryption tool that will help AtomSilo and LockFile ransomware victims recover some of their files for free, without having to pay a ransom. [...] | Ransomware Tool |
To see everything:
Our RSS (filtrered)
