What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-01-10 16:01:00 | Decryptor gratuit publié pour les victimes de ransomwares de tortilla de Black Basta et Babuk \\ Free Decryptor Released for Black Basta and Babuk\\'s Tortilla Ransomware Victims (lien direct) |
Un décrypteur pour la variante Tortilla du ransomware Babuk a été & nbsp; libéré & nbsp; par Cisco Talos, permettant aux victimes ciblées par le malware de retrouver l'accès à leurs fichiers.
Le cabinet de cybersécurité a déclaré que les renseignements sur les menaces qu'il partageaient avec les autorités néerlandaises de l'application des lois avaient permis d'arrêter l'acteur de menace derrière les opérations.
La clé de chiffrement a également été partagée avec Avast,
A decryptor for the Tortilla variant of the Babuk ransomware has been released by Cisco Talos, allowing victims targeted by the malware to regain access to their files. The cybersecurity firm said the threat intelligence it shared with Dutch law enforcement authorities made it possible to arrest the threat actor behind the operations. The encryption key has also been shared with Avast, |
Ransomware Malware Threat | ★★ | |
 |
2024-01-10 08:11:18 | La menace persistante des ransomwares: un aperçu de 2023 The Persistent Threat of Ransomware: A 2023 Overview (lien direct) |
> Alors que nous entrons dans une autre année, la menace persistante de ransomware reste une préoccupation critique pour ...
>As we enter another year, the persistent threat of ransomware remains a critical concern for... |
Ransomware Threat | ★★★ | |
 |
2024-01-09 22:00:00 | New York AG oblige la société de santé à investir 1,2 million de dollars en cybersécurité après une attaque de ransomware New York AG forces healthcare firm to invest $1.2 million in cybersecurity after ransomware attack (lien direct) |
L'État de New York oblige un fournisseur de soins de santé à investir plus de 1,2 million de dollars en cybersécurité après qu'une attaque de ransomware de 2021 a exposé les informations sensibles de plus de 250 000 personnes.Le 5 janvier, le procureur général de New York, Letitia James
The state of New York is forcing a healthcare provider to invest more than $1.2 million on cybersecurity after a 2021 ransomware attack exposed the sensitive information of more than 250,000 people. On January 5, New York Attorney General Letitia James announced that Refuah Health Center, which serves residents in the Hudson Valley, will also |
Ransomware | ★★★ | |
|
2024-01-09 19:15:00 | Des pirates turcs exploitant des serveurs MS SQL mal sécurisés à travers le monde Turkish Hackers Exploiting Poorly Secured MS SQL Servers Across the Globe (lien direct) |
Les serveurs Microsoft SQL (MS SQL) mal sécurisés sont ciblés aux États-Unis, l'Union européenne et les régions latino-américaines (LATAM) dans le cadre d'une campagne en cours de motivation financière pour obtenir un accès initial.
"La campagne de menace analysée semble se terminer de deux manières, soit la vente de \\ 'Access \' à l'hôte compromis, soit la livraison ultime de charges utiles de ransomware", chercheurs de Securonix
Poorly secured Microsoft SQL (MS SQL) servers are being targeted in the U.S., European Union, and Latin American (LATAM) regions as part of an ongoing financially motivated campaign to gain initial access. “The analyzed threat campaign appears to end in one of two ways, either the selling of \'access\' to the compromised host, or the ultimate delivery of ransomware payloads,” Securonix researchers |
Ransomware Threat | ★★★ | |
 |
2024-01-09 18:51:00 | Ransomware Gang donne au zoo de Toronto l'entreprise de singe Ransomware Gang Gives Toronto Zoo the Monkey Business (lien direct) |
Alors que l'enquête se poursuit, le zoo rapporte qu'il ne stockait pas les informations de carte de crédit de ses clients.
As the investigation continues, the zoo reports that it does not store the credit card information of its guests. |
Ransomware | ★★★ | |
|
2024-01-09 18:36:00 | Turkish Cyber Threat cible les serveurs MSSQL avec des ransomwares Mimic Turkish Cyber Threat Targets MSSQL Servers With Mimic Ransomware (lien direct) |
La base de données de Microsoft \\ continue d'attirer l'attention cybercriminale;La nature de ce groupe de menaces de cette vague est inconnue, les attaques n'ayant été exposées qu'après un décalage opsec.
Microsoft\'s database continues to attract cybercriminal attention; the nature of this wave\'s threat group is unknown, with the attacks having been exposed only after a happenstance OpSec lag. |
Ransomware Threat | ★★ | |
|
2024-01-09 16:15:00 | Des pirates turcs ciblant les serveurs de base de données avec des ransomwares Mimic Turkish hackers targeting database servers with Mimic ransomware (lien direct) |
Les pirates turcs visent des bases de données aux États-Unis, à l'Union européenne et en Amérique latine avec le Ransomware Mimic, selon de nouvelles recherches de la société de cybersécurité Securonix.Oleg Kolesnikov, vice-président de la recherche sur les menaces, a déclaré à enregistrer Future News que ce qui s'est le plus démarqué dans la campagne, c'est que les pirates ont personnalisé leurs attaques pour chaque victime
Turkish hackers are targeting databases in the United States, European Union and Latin America with the Mimic ransomware, according to new research from cybersecurity company Securonix. Oleg Kolesnikov, vice president of threat research, told Recorded Future News that what stood out most about the campaign was that the hackers customized their attacks for each victim |
Ransomware Threat | ★★ | |
 |
2024-01-09 16:09:01 | Victimes de ransomwares ciblées par de fausses offres de hack-back Ransomware victims targeted by fake hack-back offers (lien direct) |
Certaines organisations victimes des gangs royaux et ransomwares d'Akira ont été ciblées par un acteur de menace se faisant passer pour un chercheur en sécurité qui a promis de pirater l'attaquant d'origine et de supprimer les données de victime volées.[...]
Some organizations victimized by the Royal and Akira ransomware gangs have been targeted by a threat actor posing as a security researcher who promised to hack back the original attacker and delete stolen victim data. [...] |
Ransomware Hack Threat | ★★★ | |
|
2024-01-09 15:30:00 | L'armée du Paraguay prévient un impact significatif \\ 'de ransomware après attaque contre le fournisseur d'Internet Paraguay military warns of \\'significant impact\\' of ransomware after attack on internet provider (lien direct) |
L'armée paraguayenne a publié un avertissement au cours du week-end des dangers des ransomwares après que l'un des meilleurs fournisseurs Internet du pays ait signalé de vastes problèmes d'une cyberattaque.La Direction générale des technologies de l'information et de la communication du pays - une agence au sein des forces armées connues par son acronyme digétique - publié Une alerte officielle
The Paraguayan military published a warning over the weekend about the dangers of ransomware after one of the country\'s top internet providers reported wide-ranging issues from a cyberattack. The country\'s General Directorate of Information and Communication Technologies - an agency within the armed forces known by its acronym Digetic - published an official alert on |
Ransomware | ★★ | |
 |
2024-01-09 15:11:43 | Rapport de Blackfog State of Ransomware - décembre 2023 BlackFog State of Ransomware Report- December 2023 (lien direct) |
Rapport sur l'état des ransomwares de Blackfog - décembre 2023. Ce rapport comprend toutes les attaques de ransomware divulguées publiquement et non publiques.
-
mise à jour malveillant
BlackFog State of Ransomware Report- December 2023. This report includes all publicly and non-publicly disclosed ransomware attacks. - Malware Update |
Ransomware | ★★★ | |
 |
2024-01-09 13:52:52 | LOANDEPOT met les systèmes hors ligne après une attaque de ransomware LoanDepot Takes Systems Offline Following Ransomware Attack (lien direct) |
> La société de prêts hypothécaires Loandepot a divulgué une cyberattaque entraînant un chiffrement des données et des perturbations du système.
>Mortgage lending firm LoanDepot has disclosed a cyberattack resulting in data encryption and system disruptions. |
Ransomware | ★★★ | |
|
2024-01-09 13:37:07 | Un gang de ransomware revendique une attaque contre la santé capitale Ransomware Gang Claims Attack on Capital Health (lien direct) |
> Le gang de ransomware de verrouillage prétend avoir volé plus de 7 téraoctets de données du système hospitalier Capital Health.
>The LockBit ransomware gang claims to have stolen over 7 terabytes of data from hospital system Capital Health. |
Ransomware | ★★★ | |
|
2024-01-09 13:33:00 | Le zoo de Toronto dit qu'il reste ouvert après une attaque de ransomware Toronto Zoo says it remains open after ransomware attack (lien direct) |
Le zoo de Toronto a déclaré lundi soir qu'il répondait à une attaque de ransomware détectée le 5 janvier.Une enquête sur l'incident une fois qu'elle a été découverte.Le zoo accueille plus de 1,2 million de visiteurs chaque année et possède l'une des collections d'animaux les plus diverses
The Toronto Zoo said Monday evening that it was responding to a ransomware attack detected on January 5. The organization said its staff immediately began an investigation into the incident once it was discovered. The zoo welcomes more than 1.2 million visitors each year and has one of the most diverse collections of animals of |
Ransomware | ★★ | |
 |
2024-01-09 12:30:00 | Nouvelle clé de décryptage disponible pour les victimes de ransomwares de tortilla Babuk New Decryption Key Available for Babuk Tortilla Ransomware Victims (lien direct) |
Cisco Talos a annoncé qu'une clé de décryptage pour la variante Babuk Tortilla Ransomware est disponible pour les victimes à télécharger
Cisco Talos announced that a decryption key for the Babuk Tortilla ransomware variant is available for victims to download |
Ransomware | ★★★ | |
 |
2024-01-09 11:57:12 | L'augmentation préoccupante des attaques centrées sur l'identité: tendances et faits The Concerning Rise in Identity-Centric Attacks: Trends and Facts (lien direct) |
Identity threats are by no means a new type of crime. But in today\'s increasingly digitized world, there are more opportunities for bad actors to steal identities and engage in identity-centric attacks than ever before. Unfortunately, user identities are tough for businesses to protect. The fact that these types of attacks are skyrocketing is evidence of that-in the past year alone the Identity Defined Security Alliance reports that a whopping 84% of companies experienced an identity-related security breach. In this post, we\'ll take a look at identity attack statistics and trends and provide some recent case studies to illustrate how some attacks work. We\'ll also highlight one of the most important identity threat facts-that the human element plays a crucial role in the success of these attacks. Understanding identity-centric attacks There are many types of identity attacks. When most people think of these types of crimes, they often imagine traditional identity theft scenarios: Financial identity theft, where a criminal gains access to a victim\'s financial data, like their credit card details, bank account numbers or Social Security number, to make unauthorized purchases, withdraw funds or open new accounts. Tax identity theft, where a bad actor uses a victim\'s personal information to file false tax returns and claim refunds, diverting the money to their own accounts. Employment identity theft, where a fraudster uses a victim\'s identity to get a job, potentially causing issues for that person when discrepancies arise in their employment and tax records. But identity-based attacks also target enterprises and their online users. The cybercriminals behind these attacks might aim to steal sensitive data, siphon off funds, damage or disrupt systems, deploy ransomware or worse. Those are the types of identity attacks we\'re covering here. Identity threat trends and tactics In short, identity-centric attacks are a practical calculation by bad actors: Why would they invest their time and resources to build exploits to help them get in through a virtual back door when they can just walk through the front door? But before they reap the rewards, they still have some legwork to do. Here are a few techniques that cybercriminals use to progress identity-based attacks against businesses and their users: MFA bypass attacks. Many businesses today use multifactor authentication (MFA) to protect the account of their users. It\'s more secure than using passwords alone. But of course, bad actors have found new ways to bypass commonly used MFA methods. MFA fatigue attacks are one example. People-activated malware. People often give life to malware when they fall for a phishing scam or other social engineering tactics. Malware can appear in the form of a .zip file, QR code, .html link, MS Office file and more-there are at least 60 known techniques to plant people-activated malware on corporate networks. Active Directory (AD) attacks. Most enterprises today use AD as a primary method for directory services like user authentication and authorization. Cybercriminals are keen to target AD, which touches almost every place, person and device on a network. This approach works very well, too-more than half of identity-related breaches can be traced back to AD. Cached credentials harvesting. Cached credentials are commonly stored on endpoints, in memory, in the registry, in a browser or on disk. Attackers use various tools and techniques to collect these credentials and gain access to more privileged identities. Once they have harvested these credentials, they can use them to move laterally and log into different applications. Adversaries are likely to find a good “crop” when they are harvesting cached credentials. Recent research from Proofpoint found that more than one in 10 endpoints have exposed privileged account passwords, making it one of the most common identity risks. Keep in mind that cybercriminals are always innovating, and they are quick to build or adopt tools that | Ransomware Malware Tool Threat Studies | Uber | ★★ |
|
2024-01-09 11:28:08 | Le paraguay met en garde contre les attaques de ransomwares de chasse noire après la violation de Tigo Business Paraguay warns of Black Hunt ransomware attacks after Tigo Business breach (lien direct) |
L'armée du Paraguay met en garde contre les attaques de ransomwares de chasse noires après que les activités de Tigo ont subi une cyberattaque la semaine dernière sur le cloud et l'hébergement des services dans la division des affaires de la société.[...]
The Paraguay military is warning of Black Hunt ransomware attacks after Tigo Business suffered a cyberattack last week impacting cloud and hosting services in the company\'s business division. [...] |
Ransomware Cloud | ★★ | |
|
2024-01-09 09:30:00 | LOANDEPOT confirme l'attaque des ransomwares dans le dépôt de la SEC LoanDepot Confirms Ransomware Attack in SEC Filing (lien direct) |
Le prêteur hypothécaire LOANDEPOT a révélé une violation de ransomware entraînant des données volées et cryptées
Mortgage lender LoanDepot has revealed a ransomware breach resulting in stolen and encrypted data |
Ransomware | ★★ | |
 |
2024-01-09 05:30:27 | Securonix Threat Research Security Advisory: New Re # Turncence Attack Campaign: les pirates turcs ciblent les serveurs MSSQL pour fournir un ransomware de mimique à l'échelle du domaine Securonix Threat Research Security Advisory: New RE#TURGENCE Attack Campaign: Turkish Hackers Target MSSQL Servers to Deliver Domain-Wide MIMIC Ransomware (lien direct) |
Securonix Threat Research Security Advisory: New Re # Turncence Attack Campaign: les pirates turcs ciblent les serveurs MSSQL pour fournir un ransomware de mimique à l'échelle du domaine
Securonix Threat Research Security Advisory: New RE#TURGENCE Attack Campaign: Turkish Hackers Target MSSQL Servers to Deliver Domain-Wide MIMIC Ransomware |
Ransomware Threat | ★★★ | |
 |
2024-01-08 22:01:58 | Podcast de vie malveillante: devriez-vous payer des attaquants de ransomwares?Une approche de théorie des jeux Malicious Life Podcast: Should You Pay Ransomware Attackers? A Game Theory Approach (lien direct) |
|
Ransomware | ★★★ | |
|
2024-01-08 22:00:00 | Lockbit réclame l'attaque de novembre à l'hôpital du New Jersey qui a perturbé les soins aux patients LockBit claims November attack on New Jersey hospital that disrupted patient care (lien direct) |
Le gang de ransomware de Lockbit a pris le crédit de Une attaque de novembre sur un système hospitalier qui a forcé plusieurs installations multiplesDans le New Jersey et la Pennsylvanie pour annuler les rendez-vous et fonctionner sans dossiers de patients.This weekend, LockBit posted Capital Health to its extortion website, threatening to leak seven terabytes of stolen data from theentreprise.Le gang a affirmé
The LockBit ransomware gang took credit for a November attack on a hospital system that forced multiple facilities in New Jersey and Pennsylvania to cancel appointments and operate without patient files. This weekend, LockBit posted Capital Health to its extortion website, threatening to leak seven terabytes of stolen data from the company. The gang claimed |
Ransomware | ★★★ | |
|
2024-01-08 20:02:00 | Ransomware Gang prend le crédit pour l'attaque de Noël contre l'organisation mondiale luthérienne Ransomware gang takes credit for Christmas attack on global Lutheran organization (lien direct) |
Les détails sur une attaque de ransomware de Noël sur une organisation chrétienne mondiale sont devenus plus clairs cette semaine, car un gang de cybercriminalité a pris le crédit de ce qui semble être un vol de données lié.Le Conseil mondial des Églises (COE), une organisation inter-église, a déclaré le 28 décembre qu'elle avait été victime de ransomwares, mais n'avait pas offert
Details about a Christmas-season ransomware attack on a global Christian organization became clearer this week as a cybercrime gang took credit for what appears to be a related theft of data. The World Council of Churches (WCC), an inter-church organization, said on December 28 that it had been victimized by ransomware, but did not offer |
Ransomware | ★★★ | |
|
2024-01-08 18:22:00 | \\ 'Swatting \\' devient la dernière tactique d'extorsion dans les attaques de ransomwares \\'Swatting\\' Becomes Latest Extortion Tactic in Ransomware Attacks (lien direct) |
Les acteurs de la menace quittent les centres médicaux avec le choix difficile de payer la rançon ou de voir les patients en subissent les conséquences.
Threat actors leave medical centers with the difficult choice of paying the ransom or witnessing patients suffer the consequences. |
Ransomware Threat Medical | ★★★ | |
|
2024-01-08 17:16:43 | Zoo de Toronto: l'attaque des ransomwares n'a eu aucun impact sur le bien-être des animaux Toronto Zoo: Ransomware attack had no impact on animal wellbeing (lien direct) |
Le zoo de Toronto, le plus grand zoo du Canada, dit qu'une attaque de ransomware qui a frappé ses systèmes vendredi tôt n'a eu aucun impact sur les animaux, son site Web ou ses opérations quotidiennes.[...]
Toronto Zoo, the largest zoo in Canada, says that a ransomware attack that hit its systems on early Friday had no impact on the animals, its website, or its day-to-day operations. [...] |
Ransomware | ★★ | |
|
2024-01-08 16:30:00 | LOANDEPOT MORTYGYGYGENDER HIT AVEC CYBERATTADE LoanDepot mortgage lender hit with cyberattack (lien direct) |
L'un des plus grands prêteurs hypothécaires de détail aux États-Unis est au milieu d'une cyberattaque annoncée au cours du week-end.Loandepot a déclaré à Future News dans un communiqué dimanche qu'il connaît un cyber-incident, mais n'a pas dit s'il s'agissait d'une attaque de ransomware.Dans un avis sur son site Web, Loandepot a déclaré
One of the United States\' largest retail mortgage lenders is in the midst of a cyberattack announced over the weekend. LoanDepot told Recorded Future News in a statement on Sunday that it is experiencing a cyber incident but did not say if it is a ransomware attack. In a notice on its website, LoanDepot said |
Ransomware | ★ | |
 |
2024-01-08 13:17:15 | 8 janvier & # 8211;Rapport de renseignement sur les menaces 8th January – Threat Intelligence Report (lien direct) |
> Pour les dernières découvertes en cyberLes meilleures attaques et violations après Ransomware Gang Inc ont réclamé une attaque contre Xerox, la filiale de la société, Xerox Business Solution (XBS), a confirmé avoir subi une cyberattaque.Le porte-parole de Xerox a déclaré que bien que les données personnelles de XBS puissent avoir été [& # 8230;]
>For the latest discoveries in cyber research for the week of 1st January, please download our Threat_Intelligence Bulletin. TOP ATTACKS AND BREACHES After ransomware gang INC claimed an attack on Xerox, the company\'s subsidiary, Xerox Business Solution (XBS), confirmed having suffered a cyber-attack. Xerox spokesperson said that although personal data from XBS may have been […] |
Ransomware Threat | ★★ | |
 |
2024-01-08 13:15:11 | British Library: Les finances restent en bonne santé à mesure que la récupération des ransomwares continue British Library: Finances remain healthy as ransomware recovery continues (lien direct) |
Les auteurs continuent de perdre les paiements dus alors que la reconstruction des services numériques s'inscrit La bibliothèque britannique refuse des rapports suggérant les coûts de récupération pour son attaque de ransomware de 2023 peut atteindre des sommets de près de 9 millions de dollars en tant que travail pourLes services de restauration restent en cours.… | Ransomware | ★★ | |
|
2024-01-08 12:39:58 | Le prêteur hypothécaire américain LOANDEPOT confirme l'attaque des ransomwares US mortgage lender loanDepot confirms ransomware attack (lien direct) |
Le principal prêteur hypothécaire américain, Loandepot, a confirmé aujourd'hui qu'un cyber-incident divulgué au cours du week-end était une attaque de ransomware qui a conduit au chiffrement des données.[...]
Leading U.S. mortgage lender loanDepot confirmed today that a cyber incident disclosed over the weekend was a ransomware attack that led to data encryption. [...] |
Ransomware | ★★ | |
|
2024-01-08 11:11:45 | MasterCard Data Fuite, nouveau ransomware entièrement indétectable, fuite de code source de voleur insaisissable, et plus Mastercard Data Leak, New Fully Undetectable Ransomware, Elusive Stealer Source Code Leak, and More (lien direct) |
Dans les découvertes récentes dans le paysage du cyber-menace, l'équipe Web Socradar Dark a identifié ...
In recent discoveries across the cyber threat landscape, the SOCRadar Dark Web Team has identified... |
Ransomware Threat | ★★ | |
 |
2024-01-08 11:00:00 | Le siège de botnet: comment votre grille-pain pourrait renverser une société The Botnet siege: How your toaster could topple a corporation (lien direct) |
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. In addition to the overt signs of cyber threats we\'ve become conditioned to recognize, like ransomware emails and strange login requests, malicious actors are now utilizing another way to achieve their nefarious purposes — by using your everyday devices. These hidden dangers are known as botnets. Unbeknownst to most, our everyday devices, from toasters to smart fridges, can unwittingly be enlisted as footsoldiers in a digital army with the potential to bring down even corporate giants. This insidious force operates in silence, escaping the notice of even the most vigilant users. A recent report by Nokia shows that criminals are now using these devices more to orchestrate their attacks. In fact, cyber attacks targeting IoT devices are expected to double by 2025, further muddying the already murky waters. Let us go to the battlements of this siege, and we’ll tackle the topic in more depth. What is a botnet? Derived from the words “robot” and "network.", a botnet refers to a group of devices that have been infected with malicious software. Once infected, these devices are controlled remotely by a central server and are often used to carry out malicious activities such as cyber attacks, espionage, financial fraud, spam email campaigns, stealing sensitive information, or simply the further propagation of malware. How does a botnet attack work? A botnet attack begins with the infection of individual devices. Cybercriminals use various tactics to compromise these devices, such as sending malicious emails, exploiting software vulnerabilities, or tricking users into downloading malware. Everyday tech is notoriously prone to intrusion. The initial stages of building a botnet are often achieved with deceptively simple yet elegant tactics. Recently, a major US energy company fell prey to one such attack, owing to hundreds of phishing emails. By using QR code generators, the attacks combined two seemingly benign elements into a campaign that hit manufacturing, insurance, technology, and financial services companies, apart from the aforementioned energy companies. This new attack vector is now being referred to as Quishing — and unfortunately, it’s only going to become more prevalent. Once a device has been compromised, it becomes part of the botnet. The cybercriminal gains control over these infected devices, which are then ready to follow the attacker\'s commands. The attacker is then able to operate the botnet from a central command-and-control server to launch various types of attacks. Common ones include: Distributed denial-of-service (DDoS). The botnet floods a target website or server with overwhelming traffic, causing it to become inaccessible to legitimate users. Spam emails. Bots can be used to send out massive volumes of spam emails, often containing phishing scams or malware. Data theft. Botnets can steal sensitive information, such as login credentials or personal data, from the infected devices. Propagation. S | Ransomware Spam Malware Vulnerability Threat | ★★ | |
|
2024-01-08 10:53:33 | Capital Health Attack revendiqué par Lockbit Ransomware, risque de fuite de données Capital Health attack claimed by LockBit ransomware, risk of data leak (lien direct) |
L'opération de ransomware de Lockbit a revendiqué la responsabilité d'une cyberattaque de novembre 2023 sur le réseau hospitalier de la santé Capital et menace de divulguer les données volées et les chats de négociation d'ici demain.[...]
The Lockbit ransomware operation has claimed responsibility for a November 2023 cyberattack on the Capital Health hospital network and threatens to leak stolen data and negotiation chats by tomorrow. [...] |
Ransomware | ★★★ | |
 |
2024-01-08 08:45:00 | L'attaque des ransomwares de la bibliothèque britannique pourrait coûter jusqu'à & livre; 7m British Library ransomware attack could cost up to £7m (lien direct) |
L'opération de ransomware de Lockbit a revendiqué la responsabilité d'une cyberattaque de novembre 2023 sur le réseau hospitalier de la santé Capital et menace de divulguer les données volées et les chats de négociation d'ici demain.[...]
The Lockbit ransomware operation has claimed responsibility for a November 2023 cyberattack on the Capital Health hospital network and threatens to leak stolen data and negotiation chats by tomorrow. [...] |
Ransomware | ★★ | |
|
2024-01-05 22:45:00 | Universités, écoles de la maternelle à la 12 Universities, K-12 schools still recovering from cyber incidents over holiday season (lien direct) |
Les universités et les écoles primaires du monde entier ont traité des cyber-incidents et des attaques de ransomwares au cours du dernier mois alors que les pirates ont ciblé les équipes informatiques à personnel légèrement au fil des fêtes.Jeudi, l'Université Memorial de Terre-Neuve a averti qu'un incident de cybersécurité annoncé Le 31 décembre causerait des problèmespour «au moins quelques semaines».L'école,
Universities and grade schools across the world have dealt with cyber incidents and ransomware attacks over the last month as hackers targeted lightly-staffed IT teams over the holiday season. On Thursday, Memorial University in Newfoundland warned that a cybersecurity incident announced on December 31 would cause issues for “at least a few weeks.” The school, |
Ransomware | ★★ | |
|
2024-01-05 21:54:33 | Après hôpital de cancer paralysant avec des ransomwares, les crimes menacent de SWAT des patients After crippling cancer hospital with ransomware, crims threaten to swat patients (lien direct) |
Rappelez-vous le bon vieux temps où les escrocs des ransomwares ont promis de ne pas infecter les centres médicaux? Les extorqueurs menacent maintenant de SWAT Hospital Patients - appelant des menaces de bombe ou d'autres faux rapports à la police si fortement armés montrent que les flics armés montrentchez les victimes \\ 'Homes - Si les centres médicaux ne paient pas les escrocs \' ransom.…
Remember the good old days when ransomware crooks vowed not to infect medical centers? Extortionists are now threatening to swat hospital patients - calling in bomb threats or other bogus reports to the police so heavily armed cops show up at victims\' homes - if the medical centers don\'t pay the crooks\' ransom demands.… |
Ransomware Threat Medical | ★★★★ | |
|
2024-01-05 21:50:00 | Vente d'incendie: le code source du ransomware Zeppelin se vend 500 $ sur Dark Web Fire Sale: Zeppelin Ransomware Source Code Sells for $500 on Dark Web (lien direct) |
L'acheteur pourrait utiliser le code pour redémarrer le fonctionnement du Ransomware-as-a-A-Service.
The buyer could use the code to restart the up to now all-but defunct Zeppelin ransomware-as-a-service operation. |
Ransomware | ★★★ | |
|
2024-01-05 13:56:46 | Dans d'autres nouvelles: US Ransomware Attacks, 23andMe blâme les victimes, la tentative de piratage des déchets nucléaires In Other News: US Ransomware Attacks, 23andMe Blames Victims, Nuclear Waste Hacking Attempt (lien direct) |
> Des histoires remarquables qui auraient pu glisser sous le radar: Rapport sur les attaques de ransomwares américaines, 23andMe blâme les victimes du piratage, la société de déchets nucléaires ciblée.
>Noteworthy stories that might have slipped under the radar: report on US ransomware attacks, 23andMe blames victims for hack, nuclear waste company targeted. |
Ransomware Hack | ★★★ | |
|
2024-01-05 06:00:31 | 2023 Année en revue: versions de contenu axées sur les menaces pour la sensibilisation à la sécurité 2023 Year in Review: Threat-Driven Content Releases for Security Awareness (lien direct) |
As a new year approaches, it is natural to reflect on recent accomplishments. At Proofpoint, we are reflecting on our work to deliver security awareness content and updated features in line with our ongoing goal to drive behavior change. Proofpoint Security Awareness integrates our rich threat intelligence, which means it taps into current and emerging attacks. Our threat analysts surface threat trends, such as artificial intelligence (AI)-enhanced vishing, malicious QR codes and remote IT support scams. And then we work quickly to release new training features and awareness material to ensure inform security administrators and educate employees about ever-evolving attacks. In 2023, our content releases focused on three areas: Delivering a threat-driven program Improving how security awareness administrators work Enhancing how people learn Let\'s review the past year and explore how Proofpoint used content releases to respond to the changing threat landscape. Image from AI Chatbot Threats training (play video). Quick turnaround for threat trends Proofpoint Security Awareness alerts customers to threats in two powerful ways-Threat Alerts and Attack Spotlights. It also continuously trains employees with threat-driven training modules. Threat Alerts These weekly releases focus on a specific and current ongoing attack. They explain what the threat is and who it might target. And they describe a specific lure, if applicable. Each alert is linked to activity that our threat analysts see happening in the wild. We recommend applicable training like simulated phishing and awareness material and include suggested email messaging. In 2023, we released Threat Alerts on: IRS-themed phishing lures for tax season (February, March, April) AI-enhanced vishing calls that impersonate loved ones (March) Malicious QR codes for credential phishing (May, August) Telephone-oriented attack delivery (TOAD) using a Geek Squad PDF lure (July, October) Charity donation scams around the Israel-Palestine crisis (October) Christmas party lures for credential phishing (November) Attack Spotlights These monthly releases cast a wider lens on attack types. They focus on a time-based or reoccurring threat that is expected to trend, typically related to holidays, travel seasons or shopping events. Each spotlight is released a month in advance with a campaign plan, awareness material and training modules, and is available in 12 core languages. In 2023, Proofpoint published these Attack Spotlight campaigns: Smishing with package delivery lures (February) Business email compromise (BEC) phishing with requests for quotations (RFQs) (April) LinkedIn phishing lures (May) Amazon phishing lures (June) Remote IT support scams (September) Gift card scams (December) Image from Attack Spotlight video (play video). Threat modules These training videos are relevant to the changing threat landscape. They are inspired by our threat intelligence and our team\'s threat landscape research. These micro-learning modules are grounded in learning science principles that are designed to drive behavior change. Each module has a concise and specific learning objective. The delivery of content is tailored to individual factors such as a person\'s role, learning style, vulnerability level and preferred language. In 2023, we covered these topics in our new threat training modules: Data loss protection AI chatbot threats Amazon phishing scams Cryptocurrency investment scams QR code dangers Multifactor authentication (MFA) Image from Threat Module video (play video). Staying ahead of generative AI attacks AI-powered systems are promoted as tools to help us work faster, and they are transforming businesses and industries. This wide-reaching access can create security risks from potential data breaches to concerns over user privacy. Your employees need to be aware of the limitations and risks of using AI-powered tools, especiall | Ransomware Tool Vulnerability Threat Studies Prediction Cloud | ★★★★ | |
|
2024-01-04 11:46:32 | Estes Express Lines indique que les données personnelles ont été volées dans une attaque de ransomware Estes Express Lines Says Personal Data Stolen in Ransomware Attack (lien direct) |
> Estes Express Lines informe plus de 21 000 personnes que leurs informations personnelles ont été volées dans une attaque de ransomware.
>Estes Express Lines is informing over 21,000 individuals that their personal information was stolen in a ransomware attack. |
Ransomware | ★★★ | |
|
2024-01-04 10:30:00 | Les experts s'affrontent sur l'interdiction de paiement des ransomwares Experts Clash Over Ransomware Payment Ban (lien direct) |
Emsisoft a appelé à une interdiction complète des paiements des ransomwares après une autre année record d'attaques
Emsisoft has called for a complete ban on ransomware payments after another record-breaking year of attacks |
Ransomware | ★★★ | |
|
2024-01-03 22:08:00 | Ransomware Group affirme la cyber violation de la filiale de Xerox Ransomware Group Claims Cyber Breach of Xerox Subsidiary (lien direct) |
Après que le personnel de la cybersécurité de Xerox a découvert la violation, ils ont amené des experts tiers pour enquêter.
After Xerox cybersecurity personnel discovered the breach, they brought in third-party experts to investigate. |
Ransomware | ★★ | |
|
2024-01-03 16:46:00 | \\ 'Black Basta Buster \\' exploite le bogue du ransomware pour la récupération de fichiers \\'Black Basta Buster\\' Exploits Ransomware Bug for File Recovery (lien direct) |
Un outil permet désormais que les fichiers de victime chiffrés par le gang Black Basta Cybercriminal soient entièrement ou partiellement récupérables, selon leur taille.
A tool now allows for victim files encrypted by the Black Basta cybercriminal gang to be fully or partially recoverable, depending on their size. |
Ransomware Tool | ★★ | |
 |
2024-01-03 15:57:52 | Ransomware Lockbit 3.0 perturbe les soins d'urgence dans plusieurs hôpitaux allemands Lockbit 3.0 Ransomware Disrupts Emergency Care at Multiple German Hospitals (lien direct) |
|
Ransomware | ★★ | |
|
2024-01-03 13:15:14 | Bien reçu?Xerox confirme \\ 'Incident de sécurité \\' à la filiale Copy that? Xerox confirms \\'security incident\\' at subsidiary (lien direct) |
Company\'s removal from ransomware gang\'s leak blog could mean negotiations underway Xerox has officially confirmed that a cyber baddie broke into the systems of its US subsidiary - a week after INCRansom a affirmé avoir exfiltré les données du copiant et du géant imprimé.…
Company\'s removal from ransomware gang\'s leak blog could mean negotiations underway Xerox has officially confirmed that a cyber baddie broke into the systems of its US subsidiary - a week after INC Ransom claimed to have exfiltrated data from the copier and print giant.… |
Ransomware | ★★ | |
|
2024-01-03 10:32:59 | Xerox confirme la violation des données à la filiale américaine après une attaque de ransomware Xerox Confirms Data Breach at US Subsidiary Following Ransomware Attack (lien direct) |
> Xerox dit que les informations personnelles ont été volées dans une cyberattaque chez US Filiale Xerox Business Solutions.
>Xerox says personal information was stolen in a cyberattack at US subsidiary Xerox Business Solutions. |
Ransomware Data Breach | ★★ | |
|
2024-01-03 10:15:00 | Xerox Business Solutions révèle une rupture de sécurité Xerox Business Solutions Reveals Security Breach (lien direct) |
L'imagerie géante Xerox dit qu'elle a subi un incident de sécurité, car Ransomware Group Inc Ransom revendique le cuir chevelu
Imaging giant Xerox says it suffered a security incident, as ransomware group INC Ransom claims scalp |
Ransomware | ★★ | |
|
2024-01-03 08:30:08 | Interdiction officielle des paiements de ransomwares?Demander des orgs bien de ne pas cracher Formal ban on ransomware payments? Asking orgs nicely to not cough up ain\\'t working (lien direct) |
Avec la demande moyenne atteignant 1,5 million de dollars, quelque chose que \\ a changé Emsisoft a appelé à une interdiction complète des paiements de rançon après une autre année record d'extorsion numérique.… | Ransomware | ★★ | |
 |
2024-01-02 23:46:43 | Détection de la reconnaissance interne dans les environnements de domaine en utilisant EDR Detection of Internal Reconnaissance in Domain Environments Using EDR (lien direct) |
Alors que les acteurs de la menace peuvent augmenter les bénéfices en installant des co -miners ouUn logiciel malveillant de porte dérobée ou de rat pour prendre le contrôle du système infecté.Les infostelleurs sont utilisés dans le but de voler des informations sur les utilisateurs dans le système, mais parfois, ils sont utilisés pour obtenir des données qui peuvent être utilisées pour prendre le contrôle du système cible afin d'installer finalement des co -miners ou des ransomwares.Cela peut ne pas être important si l'attaque cible ...
While threat actors can raise a profit by installing CoinMiners or ransomware strains after initial access, they often first install a backdoor or RAT malware to seize control over the infected system. Infostealers are used for the purpose of stealing user information in the system, but sometimes, they are used to obtain data that can be utilized in gaining control over the target system to ultimately install CoinMiners or ransomware. This may not be of significance if the attack target... |
Ransomware Malware Threat | ★★★ | |
|
2024-01-02 19:15:00 | Les pirates abritent la base de données d'audience du tribunal australien Hackers breach Australian court hearing database (lien direct) |
Le système judiciaire de l'Australie \\ a été frappé par une attaque de ransomwares qui a potentiellement exposé des enregistrements sensibles de certaines audiences judiciaires.Les services judiciaires Victoria (CSV), un organe administratif qui soutient les opérations des tribunaux dans l'État de Victoria, ont détecté l'attaque le 21 décembre. L'incident a conduit à la perturbation de la
The court system for Australia\'s second-most-populated state was hit by a ransomware attack that potentially exposed sensitive recordings of some court hearings. Court Services Victoria (CSV), an administrative body that supports the operations of the courts in the state of Victoria, detected the attack on December 21. The incident led to the disruption of the |
Ransomware | ★★ | |
|
2024-01-02 19:14:00 | La chaîne suédoise des supermarchés Coop répond à la cyberattaque Swedish supermarket chain Coop responds to cyberattack (lien direct) |
Coop, l'une des plus grandes chaînes de supermarchés de Suède, a déclaré qu'elle s'occupait d'une cyberattaque affectant les magasins du comté de V & Auml; Rmland.Un gang de ransomware nommé cactus a affirmé Coop V & Auml; Rmland était la cible de l'attaque.Coopérative
Coop, one of Sweden\'s largest supermarket chains, said it is dealing with a cyberattack affecting stores in the county of Värmland. A ransomware gang named Cactus claimed it attacked the company on December 29 and in a statement to Recorded Future News, a spokesperson explained that Coop Värmland was the target of the attack. Coop |
Ransomware | ★★★ | |
|
2024-01-02 19:02:10 | Cybersecurity-Vorhersagen für 2024 (lien direct) | le n & auml;Obligation obligatoire, ransomware, gestion des secrets, informatique quantique et Verschle post-Quantum & Uuml;
-
rapports spéciaux
/ /
affiche
Das nächste Jahr wird in der Cybersicherheitsbranche aus Sicht von Thales von fünf großen Trends geprägt sein: Der Suche nach Standards und Verantwortlichen für die Rechenschaftspflicht, Ransomware, Secrets-Management, Quantencomputing und Post-Quantenverschlüsselung. - Sonderberichte / affiche |
Ransomware | ★ | |
|
2024-01-02 16:15:13 | Les audiences des tribunaux deviennent un préoccupation des ransomwares après la violation du système judiciaire Court hearings become ransomware concern after justice system breach (lien direct) |
De la procédure judiciaire au potentiel de fourrage YouTube Le système judiciaire de Victoria, en Australie, a été soumis à une attaque de ransomware présumée dans laquelle les enregistrements audiovisuels des audiences judiciaires peuvent être accessibles.… | Ransomware | ★★★ |
To see everything:
Our RSS (filtrered)
