What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SocRadar.webp 2023-10-18 16:37:41 GhostLocker: A New Generation of Ransomware as a Service (RaaS)
In recent times, we have witnessed a sharp uptick in ransomware attacks, a disconcerting trend...
Ransomware ★★
RecordedFuture.webp 2023-10-18 15:45:00 Pro-Ukraine group says it took down Trigona ransomware website
A group of pro-Ukraine hacktivists known as the Ukrainian Cyber Alliance says it has shut down the leak site run by the Trigona ransomware group. According to the spokesperson for the alliance, who goes by the online alias "herm1t," the hacktivists wiped out 10 of the Trigona gang's servers, defaced its website and exfiltrated data
Ransomware ★★
AlienVault.webp 2023-10-18 12:00:00 Get the AT&T Cybersecurity Insights Report: Focus on Retail
We’re pleased to announce the availability of the 2023 AT&T Cybersecurity Insights Report: Focus on Retail. The report examines the edge ecosystem, surveying retail IT leaders from around the world, and provides benchmarks for assessing your edge computing plans. This is the 12th edition of our vendor-neutral and forward-looking report. Last year’s focus on retail report documented how we secure the data, applications, and endpoints that rely on edge computing (get the 2022 report). Get the complimentary 2023 report.   The robust quantitative field survey reached 1,418 security, IT, application development, and line of business professionals worldwide. The qualitative research tapped subject matter experts across the cybersecurity industry. Retail-specific respondents equal 201. At the onset of our research, we established the following hypotheses. Momentum edge computing has in the market. Approaches to connecting and securing the edge ecosystem – including the role of trusted advisors to achieve edge goals. Perceived risk and perceived benefit of the common use cases in each industry surveyed. The results focus on common edge use cases in seven vertical industries – healthcare, retail, finance, manufacturing, energy and utilities, transportation, and U.S. SLED- delivering actionable advice for securing and connecting an edge ecosystem, including external trusted advisors. Finally, it examines cybersecurity and the broader edge ecosystem of networking, service providers, and top use cases. The role of IT is shifting, embracing stakeholders at the ideation phase of development. Edge computing is a transformative technology that brings together various stakeholders and aligns their interests to drive integrated business outcomes. The emergence of edge computing has been fueled by a generation of visionaries who grew up in the era of smartphones and limitless possibilities. Look at the infographic below for a topline summary of key findings in the retail industry. 
In this paradigm, the role of IT has shifted from being the sole leader to a collaborative partner in delivering innovative edge computing solutions. In addition, we found that retail leaders are budgeting differently for edge use cases. These two things, along with an expanded approach to securing edge computing, were prioritized by our respondents in the 2023 AT&T Cybersecurity Insights Report: Edge Ecosystem. One of the most promising aspects of edge computing is its potential to effectively use near-real-time data for tighter control of variable operations such as inventory and supply chain management that deliver improved operational efficiency. Adding new endpoints is essential for collecting the data, but how they’re connected can make them vulnerable to cyberattacks. Successful cyberattacks can disrupt services, highlighting the need for robust cybersecurity measures. Edge computing brings the data closer to where decisions are made. With edge computing, the intelligence required to make decisions, the networks used to capture and transmit data, and the use case management are distributed. Distributed means things work faster because nothing is backhauled to a central processing area such as a data center and delivers the near-real-time experience. With this level of complexity, it’s common to re-evaluate decisions regarding security, data storage, or networking. The report shares emerging trends as retail continues exploring edge computing use cases. One area that’s examined is expense allocation, and what we found may
Ransomware Studies ★★★
News.webp 2023-10-18 09:15:08 Malware crooks find an in with fake browser updates, in case real ones weren't bad enough
Researchers say ransomware could be on the horizon if success continues. An uptick in cybercriminals masking malicious downloads as fake browser updates is being spotted by security researchers.…
Ransomware Malware ★★
RecordedFuture.webp 2023-10-17 20:15:00 Chilean government warns of Black Basta ransomware attacks after customs incident
The government of Chile warned of ransomware attacks by a notorious gang of hackers after its customs department dealt with an incident on Tuesday. Officials from Chile's Servicio Nacional de Aduanas de Chile – the government department in charge of foreign trade, imports and more – said on Tuesday afternoon that they were able to
Ransomware ★★
knowbe4.webp 2023-10-17 18:40:56 Cyber Insurers Notes Ransomware Claims Rose Significantly in the First Half of 2023
Ransomware ★★
RecordedFuture.webp 2023-10-17 13:30:00 TV advertising sales giant affected by ransomware attack
A television advertising sales and technology company jointly owned by the three largest U.S. cable operators was hit with a ransomware attack in recent weeks that affected operations. Ampersand - owned by Comcast Corporation, Charter Communications and Cox Communications - provides viewership data to advertisers about 85 million households and has existed since 1981. Last
Ransomware ★★
InfoSecurityMag.webp 2023-10-16 15:30:00 Ransomware Targets Unpatched WS_FTP Servers
The threat actors attempted to escalate privileges using the open-source GodPotato tool
Ransomware Tool Threat ★★
Checkpoint.webp 2023-10-16 14:04:05 16th October – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 9th October, please download our Threat_Intelligence Bulletin. TOP ATTACKS AND BREACHES: LockBit ransomware gang has claimed responsibility for an alleged attack on the multibillion-dollar IT products and services reseller CDW. The gang has demanded $80M ransom and threatened to release stolen data, said to […]
Ransomware Threat ★★
InfoSecurityMag.webp 2023-10-16 11:30:00 Healthcare Sector Warned About New Ransomware Group NoEscape
The US government highlighted the operations of the NoEscape group, which is believed to be a rebrand of Russian threat actor Avaddon
Ransomware Threat Medical ★★
ProofPoint.webp 2023-10-16 07:29:59 Navigating Cyber Risk: What to Look for in Cyber Insurance Coverage
Modern threats like phishing, ransomware and data breaches cast a dark cloud over businesses across sectors. For most bad actors, the goal of an attack is financial. As Proofpoint noted in the 2023 State of the Phish report, 30% of businesses that endured a successful attack experienced a direct monetary loss, such as a fraudulent invoice, wire transfer or payroll redirection. That is an increase of 76% year over year. A cyber insurance policy can protect you from the financial losses caused by cybersecurity incidents and data breaches. And when businesses pair cyber insurance with the prowess of Proofpoint solutions, they can build a formidable defense strategy. In this blog, we'll go over some best practices for choosing and managing your cyber insurance policy so you can protect yourself from risk. Actions that cyber criminals monetize. Our research for the latest State of the Phish report shows that the three most common consequences of a cyber attack are: Data breach (44%); Ransomware infection (43%); Account compromise (36%). Notably, cyber criminals can monetize all these actions. Most common results of successful phishing attacks. (Source: 2023 State of the Phish report from Proofpoint.) Just one cybersecurity incident can cost tens of thousands of dollars. So, it's easy to understand why insurers see these incidents as too costly to cover in their general liability policies. But with cyber insurance, your business has a tool to help manage risk. Why cyber insurance can be a vital financial safety net. While firewalls and endpoint protections remain vital, the truth is that a level of residual risk always exists. No matter how fortified your security is, breaches can happen due to ingenious adversaries, human error or just unfortunate circumstances. This is where cyber insurance comes to the rescue. It is the safety net that catches your business when your defenses fall short.
It can help you cover costs like ransomware payments, legal fees, and costs associated with crisis management and revenue loss. In the graphic below, we can see how often cyber insurance covered losses from ransomware attacks among those surveyed for our 2023 State of the Phish report. Nearly three-quarters (73%) of businesses with cyber insurance policies said their insurers paid at least some of their ransomware-related losses. (Source: 2023 State of the Phish report from Proofpoint.) Cyber insurance best practices. Now that we've covered why cyber insurance can be a vital financial safety net, let's look at some essential best practices for cyber insurance. These measures can help your business become more effective at managing cybersecurity risks. Find an expert and ask for support and guidance. Specialized brokers are your allies in the intricate world of cyber insurance. Insurers vary in risk appetite, claim acceptance rates and expertise. Brokers have an in-depth grasp of this landscape, and they will assess your options meticulously. They will help ensure that the policy you choose is the right fit for your industry, size, risk profile and more. Be prepared for a rigorous assessment. Today, insurers want more insight into your company's security protocols and controls before they issue a cyber insurance policy. So preparedness is key. Be ready to provide evidence, like external audits, penetration test results and compliance certifications to insurers. If you implement access controls that insurers deem vital, such as multifactor authentication (MFA) and privileged access management (PAM), it may help to reduce your premiums. Closely examine coverage scope. Coverage specifics vary globally. But you will find that most cyber insurance policies cover a portion of losses from ransomware attacks and expenses linked to crisis responses. You need to have a thorough understanding of the breach scenarios your policy does or does not cover.
Take note of any exclusions. Also, be sure to scrutinize services like breach investigation support, legal
Ransomware Tool Threat Guideline Cloud ★★★
RecordedFuture.webp 2023-10-16 04:00:00 Kansas courts closed, electronic systems down after alleged ransomware attack
Courts across Kansas are facing a variety of issues following an alleged ransomware attack last week. The city of Topeka announced Sunday that its municipal court and probation and prosecution divisions will be closed to the public on Monday, while the Kansas Supreme Court is exclusively using paper records to operate. Judge Philip Journey, of
Ransomware ★★★
News.webp 2023-10-16 02:58:14 Regulator, insurers and customers all coming for Progress after MOVEit breach
Also, CISA cataloging new ransomware data points, 17k WP sites hijacked by malware in Sept., and more critical vulns. Infosec in brief: The fallout from the exploitation of bugs in Progress Software's MOVEit file transfer software continues, with the US Securities and Exchange Commission (SEC) now investigating the matter, and lots of affected parties seeking compensation. …
Ransomware Malware ★★★
RecordedFuture.webp 2023-10-15 21:45:00 Colonial Pipeline attributes ransomware claims to 'unrelated' third-party data breach
Colonial Pipeline said there has been no disruption to pipeline operations or their systems after a ransomware gang made several threats on Friday afternoon. The company – which runs the largest pipeline system for refined oil products in the U.S. – addressed claims made by the Ransomed.vc gang that data had been stolen from their
Ransomware Data Breach ★★★
Blog.webp 2023-10-14 01:43:36 Colonial Pipeline Denies Breach by RANSOMEDVC Ransomware Group
By Waqas. Third-Party Data Breach Suspected in Online Files Linked to Colonial Pipeline. This is a post from HackRead.com. Read the original post: Colonial Pipeline Denies Breach by RANSOMEDVC Ransomware Group
Ransomware Data Breach ★★
DarkReading.webp 2023-10-13 20:25:58 Feds: Beware AvosLocker Ransomware Attacks on Critical Infrastructure
CISA and FBI warn the RaaS provider's affiliates are striking critical industries, with more attacks expected to come from additional ransomware groups in the months ahead.
Ransomware ★★
bleepingcomputer.webp 2023-10-13 18:26:21 The Week in Ransomware - October 13th 2023 - Increasing Attacks
Ransomware gangs continue to pummel the enterprise, with attacks causing disruption in business operations and resulting in data breaches if a ransom is not paid. [...]
Ransomware ★★
The_Hackers_News.webp 2023-10-13 16:37:00 Ransomware attacks doubled year on year. Are organizations equipped to handle the evolution of Ransomware in 2023?
Ransomware attacks have only increased in sophistication and capabilities over the past year. From new evasion and anti-analysis techniques to stealthier variants coded in new languages, ransomware groups have adapted their tactics to bypass common defense strategies effectively.  This article will cover just some of those new developments in Q3-2023 as well as give predictions on quarters to
Ransomware ★★★
The_Hackers_News.webp 2023-10-13 15:55:00 FBI, CISA Warn of Rising AvosLocker Ransomware Attacks Against Critical Infrastructure
The AvosLocker ransomware gang has been linked to attacks against critical infrastructure sectors in the U.S., with some of them detected as recently as May 2023. That's according to a new joint cybersecurity advisory released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) detailing the ransomware-as-a-service (RaaS) operation's
Ransomware ★★
RecordedFuture.webp 2023-10-13 15:00:00 CDW investigating ransomware gang claims of data theft
The multibillion-dollar technology services firm CDW said it is investigating claims made by a ransomware gang that data was stolen during a cyberattack. A spokesperson for the company – which reported revenues over $23 billion in 2022 – said they are currently “addressing an isolated IT security matter associated with data on a few servers
Ransomware ★★
RecordedFuture.webp 2023-10-13 13:45:00 CISA plans to share more information on ransomware actors in its exploited vulnerability alerts
The U.S.'s top cybersecurity agency said it plans to add a section dedicated to ransomware gangs to its list of vulnerabilities being exploited by hackers. Cybersecurity and Infrastructure Security Agency (CISA) officials said on Thursday that all organizations will now have access to information about which vulnerabilities are commonly associated with ransomware attacks through its
Ransomware Vulnerability ★★★
SocRadar.webp 2023-10-13 13:33:20 CISA Launches New Resources to Help Combat Vulnerabilities and Weaknesses Exploited by Ransomware Groups
In the ever-evolving landscape of cybersecurity, the importance of staying ahead of threats cannot be...
Ransomware Vulnerability ★★★
Checkpoint.webp 2023-10-13 13:00:47 Newest Ransomware Trend: Attackers Move Faster with Partial Encryption
On Wednesday morning, May 3, 2023, security personnel with the City of Dallas were horrified when their security software alerted them that they had likely become the target of a ransomware attack. Multiple servers across a range of departments were affected: 911 dispatchers, courts, and police services couldn't use their computers for days. It later emerged that sensitive data had been stolen[1] - 800,000 files containing full names, home addresses, Social Security numbers, dates of birth, and the health and insurance data of at least 30,000 city employees and other individuals. Two weeks later, the Royal ransomware group, which took responsibility for […]
Ransomware ★★
Trend.webp 2023-10-13 00:00:00 Void Rabisu Targets Female Political Leaders with New Slimmed-Down ROMCOM Variant
Almost a year after Void Rabisu shifted its targeting from opportunistic ransomware attacks with an emphasis on cyberespionage, the threat actor is still developing its main malware, the ROMCOM backdoor.
Ransomware Threat ★★
SecurityWeek.webp 2023-10-12 16:39:44 SEC Investigating Progress Software Over MOVEit Hack
Progress Software confirms the SEC has launched its own investigation into costly ransomware zero-days in the MOVEit file transfer software.
Ransomware Hack ★★
The_Hackers_News.webp 2023-10-12 15:59:00 Microsoft Defender Thwarts Large-Scale Akira Ransomware Attack
Microsoft on Wednesday said that a user containment feature in Microsoft Defender for Endpoint helped thwart a "large-scale remote encryption attempt" made by Akira ransomware actors targeting an unknown industrial organization in early June 2023. The tech giant's threat intelligence team is tracking the operator as Storm-1567. The attack leveraged devices that were not onboarded to Microsoft
Ransomware Threat Industrial ★★★
Fortinet.webp 2023-10-12 15:00:00 Ransomware Roundup - Akira
Akira is a relatively new multi-OS ransomware that encrypts and exfiltrates victims' files and demands ransom for file decryption. Learn more.
Ransomware ★★
knowbe4.webp 2023-10-12 12:02:06 “Human-Operated” Ransomware Attacks Double in the Last Year
Ransomware ★★
AlienVault.webp 2023-10-12 10:00:00 The evolution of phishing attacks
A practical guide to phishing and best practices to avoid falling victim. Introduction: Over the past several years, remote and hybrid work has quickly gained popularity amongst those seeking to reduce the amount of time on the road or an improved work/life balance. To accomplish this, users are often working from multiple devices, some of which may be company issued, but others may be privately owned. Cyberattackers have leveraged this trend to bypass traditional security controls using social engineering, with phishing attacks being a favored tactic. In fact, the FBI Internet Crime Report issued in 2022 reported phishing as the top reported internet crime for the past 5 years. Its ability to persuade individuals to divulge sensitive information to seemingly familiar contacts and companies over email and/or SMS text messages has resulted in significant data breaches, both personal and financial, across all industries. Mobile phishing, in particular, is quickly becoming a preferred attack vector among hackers seeking to use them as a jump point to gain access to proprietary data within a company’s network. This article provides an overview of the origins of phishing, its impact on businesses, the types of mobile phishing attacks hackers employ, and ways in which companies can best defend themselves against such attacks. The origins of phishing: The belief among many in the cybersecurity industry is that phishing attacks first emerged in the mid-90s when dial-up was the only means of gaining access to the internet. Hackers posing as ISP administrators used fake screen names to establish credibility with the user, enabling them to “phish” for personal log-in data. Once successful, they were able to exploit the victim’s account by sending out phishing emails to other users in their contact list, with the goal of scoring free internet access or other financial gain. Awareness of phishing was still limited until May 2000 when Love Bug entered the picture.
Love Bug, a highly effective and contagious virus designed to take advantage of the user’s psyche, was unleashed in the Philippines, impacting an estimated 45 million Windows PCs globally. Love Bug was sent via email with the subject line reading “ILOVEYOU”. The body of the message simply read “Kindly check the attached LOVELETTER coming from me”. Users who couldn’t resist opening the message unleashed a worm virus infecting and overwriting user’s files with copies of the virus. When the user opened the file, they would reinfect the system. Love Bug elevated phishing to a new level as it demonstrated the ability to target a user’s email mailing list for the purpose of spamming acquaintances, thereby incentivizing the reader to open his/her email. This enabled the Love Bug worm to infect computer systems and steal other user’s passwords, providing the hacker the opportunity to log in to other user accounts, providing unlimited internet access. Since Love Bug, the basic concept and primary goal of phishing tactics has remained consistent, but the tactics and vectors have evolved. The window of opportunity has increased significantly for hackers with the increased use of social media (e.g., LinkedIn, Twitter, Facebook). This provides more personal data to the hackers, enabling them to exploit their targets with more sophisticated phishing tactics while avoiding detection. Phishing’s impact in the marketplace today: Phishing attacks present a significant threat for organizations as their ability to capture proprietary business and financial data are both costly and time consuming for IT organizations to detect and remediate. Based on a
Ransomware Malware Tool Threat Prediction ★★★
ProofPoint.webp 2023-10-12 09:27:20 I've Been Hit by Ransomware-Now What? Steps for Dealing with the Aftermath
(direct link)
The following is an excerpt from the Ransomware Survival Guide, our free handbook on preventing, managing and recovering from ransomware threats at every stage of the attack chain. This blog post provides general tips-it is not a substitute for professional cybersecurity and incident response services. The best ransomware strategy is to avoid it in the first place. But increasingly advanced attacks against the software supply chain and end users have shown that even the best-prepared companies can be caught out. Ransomware may not even be the first malware payload to infect your system, because many ransomware gangs now prefer to buy access to targets already infected with Trojans or loader malware. During an attack, you have short-term problems to resolve, like getting computers, phones and networks back online and dealing with ransom demands. But a panicked response won't help-and may make things worse. Here are some general steps you can take to contain the threat and start on the road to recovery. Questions to answer during a ransomware attack Before you react to an attack, it's important to take a step back and ask questions that will inform your response. Your answers should help network administrators scope the problem, devise an action plan and possibly curtail the spread. Who in your environment is compromised? How widespread are the infections? Is a threat actor actively scouting your environment, exfiltrating data or ready to drop ransomware on other devices? What network permissions do compromised accounts or devices have? Ransomware may have been installed only after attackers had already moved laterally within the network or stolen credentials and other data. What type of attack is it? Is this attack a secondary infection? Did it come from downloaders, remote access Trojans (RATs) or other malware installed on the infected machine or others on the network?
Keep in mind that ransomware spreads quickly and is often a byproduct of other threats. If you see one infection, there are probably others that you don't see. Proactively look for other issues within your environment. Now as you take action, there are three general steps to follow: Step 1: Isolate infected systems The second employees see the ransomware demand or notice something's odd-such as suddenly losing access to their own files-they should disconnect from the network and take the infected machine to the IT department. To prepare for this scenario, we recommend that you keep valuable data and systems separated so that a security issue on one system doesn't affect other systems. For example, your sensitive research or business data should not reside on the same server and network segment as your email environment. We advise against having employees reboot their system. Only the IT security team should attempt a reboot, and even that will work only in the event that it is “scareware,” or fake ransomware. "Scareware" is malware that appears to be ransomware but isn't. It may lock the user's screen with a ransom demand and payment instructions, but the data is not actually encrypted. In those scenarios, standard anti-malware tools can help. Knowing the difference isn't always easy. Determine the scope of the problem using threat intelligence and external incident responders or forensic analysts when necessary. While all ransomware is bad, some attacks are worse than others. Your response-including whether to pay the ransom-hinges on several factors. Step 2: Call law enforcement Ransomware-like other forms of theft and extortion-is a crime. Nobody has the right to seize devices, networks or data-let alone demand a ransom in exchange for it. Notifying the proper authorities is a necessary first step. Contact local or federal law enforcement right away.
Special departments exist specifically to aid cyber crime victims, so do not be afraid to pick up your phone and call them. They are there to help you and may have access to decryption keys or information on payment recovery after
Ransomware Malware Tool Threat ★★★
globalsecuritymag.webp 2023-10-11 23:05:33 New Cyber Threat Intelligence Report from CRITICALSTART® Highlights Prominent Threats and Emerging Cybersecurity Trends with Implications Spanning Multiple Industries
(direct link)
New Cyber Threat Intelligence Report from CRITICALSTART® Highlights Prominent Threats and Emerging Cybersecurity Trends with Implications Spanning Multiple Industries Critical Start Research uncovers exploitation of QR codes growing area of concern; education sector prime target for threat actors; ransomware groups collaborating more than previously thought - Special Reports
Ransomware Threat ★★★★
globalsecuritymag.webp 2023-10-11 08:13:14 Immutable backups and reliable recovery are the two essential elements for strengthening cyber-resilience against ransomware attacks
(direct link)
The Veeam Ransomware Trends Report 2023 shows that in Europe, in more than 93% of cybersecurity incidents, criminals target backup repositories. 60% of European respondents consider that they need to make "significant improvements" or a "complete overhaul" of their teams in charge of cybersecurity or backup - Investigations
Ransomware ★★★
News.webp 2023-10-11 07:03:12 Ransomwared health insurer wasn't using anti-virus software
(direct link)
PhilHealth blames government procurement rules for license expiry and issues phishing warnings A recent ransomware attack on the Philippine Health Insurance Corporation (PhilHealth) occurred while the organization's antivirus software subscription had expired.…
Ransomware ★★★
The_State_of_Security.webp 2023-10-11 04:11:02 Top 7 Technical Resource Providers for ICS Security Professionals
(direct link)
Attacks against industrial control systems (ICS) are on the rise. Cyberattacks are more prevalent, creative and faster than ever. So, understanding attackers' tactics is crucial. The IBM Security X-Force Threat Intelligence Index 2023 highlights that backdoor deployments enabling remote access to ICS systems were the most common type of attacker action in 2022. The positive news is that 67% of attempts to deploy ransomware through backdoors were foiled by defenders who disrupted the backdoor before the ransomware could be executed. When attackers see a weakness, they exploit it. According to...
Ransomware Threat Industrial ★★★★
Blog.webp 2023-10-11 00:13:32 Distribution of Magniber Ransomware Stops (Since August 25th)
(direct link)
Through a continuous monitoring process, AhnLab Security Emergency response Center (ASEC) is swiftly responding to Magniber, the main malware that is actively being distributed using the typosquatting method which abuses typos in domain addresses. After the blocking rules of the injection technique used by Magniber were distributed, ASEC published a post about the relevant information on August 10th. Subsequently, the number of cases diminished as the creator of Magniber conducted various detection bypass tests, and as of August 25th, the...
Ransomware Malware ★★
CVE.webp 2023-10-10 19:15:09 CVE-2023-31096 (direct link)
An issue was discovered in Broadcom) LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 (aka AGRSM64.sys). There is Local Privilege Escalation to SYSTEM via a Stack Overflow in RTLCopyMemory (IOCTL 0x1b2150). An attacker can exploit this to elevate privileges from a medium-integrity process to SYSTEM. This can also be used to bypass kernel-level protections such as AV or PPL, because exploit code runs with high-integrity privileges and can be used in coordinated BYOVD (bring your own vulnerable driver) ransomware campaigns.
Ransomware
ProofPoint.webp 2023-10-10 17:00:00 New Ponemon Report Shows Healthcare Organizations Are Making Little Progress in Protecting Patients from the Harms of Cyber Attacks
(direct link)
The healthcare sector is finally acknowledging that cyber attacks affect more than just the financial bottom line. Providers are starting to understand that a weak cybersecurity posture puts patients' safety and well-being at risk-and may endanger lives. Despite this growing understanding, however, little progress has been made in the past year to improve organizational security. The Ponemon Institute's second annual Cyber Insecurity in Healthcare: The Cost and Impact on Patient Safety and Care 2023 report, commissioned by Proofpoint, shows that healthcare businesses have made no strides in protecting patients from the physical harm of cyber attacks. The survey found that 88% of healthcare companies experienced an average of 40 attacks in the past 12 months. Among the 653 healthcare and IT security practitioners surveyed: 66% said cyber attacks targeting their business disrupted patient care 50% experienced an increase in complications from medical procedures 23% saw an increase in mortality rates These numbers are similar to last year's report and confirm what's already well-known in the industry: Change is slow in healthcare, especially when it comes to IT investments. The devastating impacts of various attacks on patient safety The most common types of attacks examined in the Ponemon report are: Cloud compromise Ransomware Supply chain Business email compromise (BEC) We learned that supply chain attacks are the most likely to disrupt patient care (77%, up from 70% in 2022). However, when it comes to specific repercussions, BEC leads in three of five categories. This is the type of attack most likely to cause poor outcomes due to: Delays in tests and procedures (71%) An increase in complications from medical procedures (56%) A longer length of stay (55%) What may surprise healthcare leaders and clinicians is the impact of data loss or exfiltration.
When protected health information (PHI) is compromised, most think in terms of the impact to patient privacy. However, the report shows that the implications are far more dangerous. Forty-three percent of survey participants said a data loss or exfiltration incident affected patient care. Of those that experienced this impact, 46% saw an increase in mortality rates, and 38% noted an increase in medical procedure complications. Cloud risk on the rise as adoption grows The healthcare sector has lagged behind most other industries in cloud adoption. It took a global pandemic to shake things up: Sixty-two percent of surveyed physicians said the pandemic forced them to make upgrades to technology that would have taken years to accomplish otherwise. But with the broad adoption of cloud apps, care providers are more vulnerable to cloud threats. ECRI (an independent authority on healthcare technology and safety) ranked care disruption due to the failure to manage cyber risk of cloud-based clinical systems as one of the top 10 healthcare technology hazards for 2023. Given the high rate of adoption, it's not surprising the Ponemon report found that cloud compromise is now the top concern for healthcare companies. Cloud compromise rose to first place this year from fifth last year-with 63% of respondents expressing this concern, compared with 57% in 2022. Likewise, healthcare businesses are feeling more vulnerable to a cloud compromise than to other types of attacks, with 74% of respondents in agreement. Ransomware remains ever-present, despite decreased concerns One surprising finding from the survey is the significant decrease in concerns about ransomware attacks. Although 54% of respondents reported that their business had experienced a ransomware attack (up from 41% in 2022), they're the least worried about this type of threat. Only 48% of those surveyed said ransomware was a concern-a big decline from last year's 60%.
Based on recent events, we know that the impacts of ransomware incidents are getting worse. In August, for example, a ransomware attack on a California-based health system
Ransomware Threat Medical Cloud ★★★★
News.webp 2023-10-10 08:30:08 Ransomware attacks register record speeds thanks to success of infosec industry
(direct link)
Dwell times shift to hours rather than days for the first time The time taken by cyberattackers between gaining an initial foothold in a victim's environment and deploying ransomware has fallen to 24 hours, according to a study.…
Ransomware APT 2 ★★★
ProofPoint.webp 2023-10-10 07:16:32 Beyond the Status Quo, Part 1: The Vital Role Threat Intelligence Plays in Security Awareness Education
(direct link)
Welcome to the first installment of a three-part blog series that is focused on how to inspire engagement in security awareness for both users and practitioners. It will also explore creative techniques you can use to build a security culture that go beyond traditional security awareness training. Cybersecurity Awareness Month is an excellent time to rejuvenate your security awareness program. But how can you sustain the momentum of Cybersecurity Awareness Month beyond October? Try adding threat intelligence to your program. It can personalize and invigorate your curriculum for your users. Integrating threat intelligence into security awareness seems intuitive-and many practitioners claim to do it. But data suggests otherwise. Research Proofpoint conducted for our 2023 State of the Phish report found that while 75% of businesses faced business email compromise (BEC) attacks, a mere 31% trained their users about this threat. This indicates that while many businesses are aware of emerging threats, they struggle to weave this information into their training modules. This blog post delves into best practices for using threat intelligence to raise security awareness with users. It includes insights from a customer session we held during Proofpoint Wisdom 2023 entitled “Utilizing Threat Intel to Design a Program that Works.” During that session, I spoke with Andrew Munson, senior manager of information risk management and governance at McDonald's Corporation, and Shaun Holmberg, IT security analyst at Commercial Metals Corporation. Both provided insights into how they infuse threat intelligence into their global security awareness initiatives. Understanding threat intelligence Threat intelligence is the knowledge and analysis of cyber threats and vulnerabilities that can pose a risk to a business. This information includes details about the attack lifecycle, network architecture vulnerabilities and which users are being targeted.
The intel should also provide details of the risk level or the consequential impact that a successful cyber attack may have on a business. This information can be gathered from various sources. According to Shaun and Andrew, examples of optimal sources for intelligence are: Research reports. These resources include, but are not limited to: State of the Phish from Proofpoint Verizon's Data Breach Investigations Report (DBIR) FBI Internet Crime Report (Internet Crime Complaint Center) Coalition's Cyber Claims Report Security feeds. Proofpoint threat intelligence services, Rapid7 and Cyber Reasons are examples of providers of these feeds. Incident reports from products. These reports include Proofpoint Targeted Attack Protection reports, Proofpoint Closed Loop Email Analysis (CLEAR) and other reports related to the penetration testing of a company's infrastructure. Why is threat intelligence crucial for a security awareness program? Let's dive deeper into this subject using insights from the recent discussion with Andrew and Shaun. Making threat intelligence actionable At McDonald's, Andrew works with departments across the globe. Each region has its own requirements and is targeted with threats specific to an office. This is where working with a resource like the Proofpoint threat intelligence service team can create significant benefits for security teams. Andrew described how working with our team gives him an advantage. He said the Proofpoint threat intelligence service team can analyze data across the globe to correlate attacks that may be affecting a single region. For example, they can recognize a targeted attack specific to Germany, which differs from an active attack they've identified targeting Austria. Andrew said he uses this data to build separate simulations that mimic the active attack for each region and launches an auto-enrollment training session tuned to recognizing the attack indicators.
He can also provide resources like notifications or informative newsletters, all within the region's native l
Ransomware Data Breach Vulnerability Threat Studies ★★
bleepingcomputer.webp 2023-10-09 17:32:53 ALPHV ransomware gang claims attack on Florida circuit court
(direct link)
The ALPHV (BlackCat) ransomware gang has claimed an attack that affected state courts across Northwest Florida (part of the First Judicial Circuit) last week. [...]
Ransomware ★★
InfoSecurityMag.webp 2023-10-09 16:00:00 MGM Resorts Reveals Over $100M in Costs After Ransomware Attack
(direct link)
In an SEC 8-K filing published last Thursday, the company cited operational disruptions
Ransomware ★★
Fortinet.webp 2023-10-09 15:00:00 Phishing Emails are More Believable Than Ever. Here's What to Do About It.
(direct link)
Get the latest on phishing as a delivery method for ransomware and efforts to protect your enterprise against phishing. Learn more.
Ransomware ★★
knowbe4.webp 2023-10-09 12:17:46 Ransomware Attack Dwell Time Drops by 77% to Under 24 Hours
(direct link)
Ransomware Attack Dwell Time Drops by 77% to Just Under 24 Hours As attackers evolve their toolsets and processes, the significant drop in dwell time signifies a much higher risk to organizations that now have less time to detect and respond to initial attacks.
Ransomware ★★★
SocRadar.webp 2023-10-09 12:16:20 Access Sales for MediaMarkt, EU/US Companies, and Leaks of Indonesian Database, HelloKitty Ransomware
(direct link)
As the dark web’s intricate landscape unfolds, threat actors persist in their covert operations. In...
Ransomware Threat ★★
Checkpoint.webp 2023-10-09 11:25:29 9th October – Threat Intelligence Report
(direct link)
For the latest discoveries in cyber research for the week of 9th October, please download our Threat_Intelligence Bulletin. TOP ATTACKS AND BREACHES The American Rock County Public Health Department, which serves more than 160K people across Wisconsin area, has been a victim of a ransomware attack that forced officials to take some systems offline. Cuba […]
Ransomware Threat ★★
InfoSecurityMag.webp 2023-10-09 09:00:00 Blackbaud Settles Ransomware Breach Case For $49.5m
(direct link)
Thousands of non-profit customers were affected
Ransomware ★★
CyberWarzone.webp 2023-10-07 01:19:17 The Hidden Threat in Your Pocket: Unveiling the Reality of Mobile Ransomware
(direct link)
Introduction: Is Your Smartphone a Sitting Duck? Have you ever stopped to consider how much of your life is stored
Ransomware Threat ★★
RecordedFuture.webp 2023-10-06 20:39:00 Rhysida ransomware gang claims attacks on governments in Portugal, Dominican Republic
(direct link)
A notorious ransomware gang claimed attacks on two government institutions this week, both of which confirmed they were facing a range of problems due to the incidents. The city of Gondomar – a suburb about 20 minutes from the Portuguese city of Porto –
Ransomware ★★★
DarkReading.webp 2023-10-06 19:59:00 RIT Is the First University to Receive Support From the Google Cybersecurity Clinics Fund
(direct link)
Ransomware Tool ★★
SecurityWeek.webp 2023-10-06 16:31:53 MGM Resorts Says Ransomware Hack Cost $110 Million
(direct link)
MGM Resorts said costs from a disruptive ransomware hack have exceeded $110 million, including $10 million in one-time consulting cleanup fees.
Ransomware Hack ★★
Last update at: 2024-05-20 03:07:51