Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2021-09-23 19:24:00 |
FBI and CISA Issue Conti Warning (lien direct) |
Alert comes as new research finds ransomware attacks are at 'stratospheric' level |
Ransomware
|
|
|
![grahamcluley.webp](./Ressources/img/grahamcluley.webp) |
2021-09-23 15:49:38 |
US Government tells firms not to give in to ransomware demands, as first crypto exchange sanctioned for laundering cyber ransoms (lien direct) |
The US Government has underlined once again that it continues to strongly discourage organisations hit by ransomware from giving in to extortion demands, as for the first time it sanctions a cryptocurrency exchange "for laundering cyber ransoms."
Read more in my article on the Tripwire State of Security blog. |
Ransomware
|
|
|
![TechRepublic.webp](./Ressources/img/TechRepublic.webp) |
2021-09-23 14:49:37 |
Ransomware detections dropped by almost half, but the threat is only getting worse, says Trend Micro (lien direct) |
Rather than indicating ransomware was a passing fad, the decrease in attack volume shows that attackers are starting to become more opportunistic and smarter about picking targets. |
Ransomware
Threat
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-09-23 10:38:46 |
U.S. Issues Conti Alert as Second Farming Cooperative Hit by Ransomware (lien direct) |
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the NSA have issued a joint alert to warn organizations about an increase in cyberattacks involving the Conti ransomware. The alert comes just as another major farming cooperative confirmed being hit by ransomware.
|
Ransomware
|
|
|
![ComputerWeekly.webp](./Ressources/img/ComputerWeekly.webp) |
2021-09-23 09:06:00 |
Fresh alert over Conti ransomware surge (lien direct) |
Pas de details / No more details |
Ransomware
|
|
|
![SecurityAffairs.webp](./Ressources/img/SecurityAffairs.webp) |
2021-09-23 08:31:19 |
(Déjà vu) Crystal Valley hit by ransomware attack, it is the second farming cooperative shut down in a week (lien direct) |
Minnesota-based farming supply cooperative Crystal Valley was hit by a ransomware attack, it is the second attack against the agriculture business in a few days. Minnesota farming supply cooperative Crystal Valley has suffered a ransomware attack, this is the second farming cooperative that was hit by ransomware operators in a few days. At this time, […]
|
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-09-23 02:26:00 |
REVil ransomware devs added a backdoor to cheat affiliates (lien direct) |
Cybercriminals are slowly realizing that the REvil ransomware operators have been hijacking ransom negotiations, to cut affiliates out of payments. [...] |
Ransomware
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2021-09-22 22:17:33 |
Crystal Valley Farm Coop Hit with Ransomware (lien direct) |
It's the second agricultural business to be seized this week and portends a bitter harvest with yet another nasty jab at critical infrastructure. |
Ransomware
|
|
|
![SecurityAffairs.webp](./Ressources/img/SecurityAffairs.webp) |
2021-09-22 21:42:16 |
(Déjà vu) US CISA, FBI, and NSA warn an escalation of Conti ransomware attacks (lien direct) |
CISA, FBI, and the NSA warned today of an escalation of the attacks of the Conti ransomware gang targeting US organizations. CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) are warning of an increased number of Conti ransomware attacks against US organizations. The advisory urges organizations to take supplementary measures […]
|
Ransomware
|
|
|
![TechRepublic.webp](./Ressources/img/TechRepublic.webp) |
2021-09-22 18:53:29 |
Ransomware now accounts for 69% of all attacks that use malware (lien direct) |
The most common targets of ransomware in the second quarter of 2021 were governmental, medical and industrial companies along with scientific and educational institutions, says Positive Technologies. |
Ransomware
Malware
|
|
|
![Cybereason.webp](./Ressources/img/Cybereason.webp) |
2021-09-22 17:26:23 |
Threat Analysis Report: PrintNightmare and Magniber Ransomware (lien direct) |
The Cybereason Global Security Operations Center (GSOC) issues Cybereason Threat Analysis reports to inform on impacting threats. The Threat Analysis reports investigate these threats and provide practical recommendations for protecting against them. |
Ransomware
Threat
|
|
|
![mcafee.webp](./Ressources/img/mcafee.webp) |
2021-09-22 14:54:36 |
BlackMatter Ransomware Analysis; The Dark Side Returns (lien direct) |
BlackMatter is a new ransomware threat discovered at the end of July 2021. This malware started with a strong group...
|
Ransomware
Malware
Threat
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2021-09-22 14:10:57 |
Feds Sanctions SUEX Cryptocurrency Exchange for Laundering Ransomware Payouts (lien direct) |
The action is the first of its kind in the U.S., as the government increases efforts to get a handle on cybercrime. |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-09-22 13:24:43 |
FBI, CISA, and NSA warn of escalating Conti ransomware attacks (lien direct) |
CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) warned today of an increased number of Conti ransomware attacks targeting US organizations. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-09-22 12:09:02 |
Second farming cooperative shut down by ransomware this week (lien direct) |
Minnesota farming supply cooperative Crystal Valley has suffered a ransomware attack, making it the second farming cooperative attacked this weekend. [...] |
Ransomware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2021-09-22 08:21:00 |
Treasury Sanctions Russian Crypto Exchange (lien direct) |
SUEX accused of facilitating ransomware payments |
Ransomware
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-09-22 01:50:07 |
White House Blacklists Russian Ransomware Payment \'Enabler\' (lien direct) |
The Biden administration sought Tuesday to choke the finances of criminal ransomware gangs, announcing sanctions against a Russia-based virtual currency brokerage that officials say helped at least eight ransomware gangs launder virtual currency.
|
Ransomware
|
|
|
![The_Hackers_News.webp](./Ressources/img/The_Hackers_News.webp) |
2021-09-21 23:16:44 |
US Sanctions Cryptocurrency Exchange SUEX for Aiding Ransomware Gangs (lien direct) |
The U.S. Treasury Department on Tuesday imposed sanctions on Russian cryptocurrency exchange Suex for helping facilitate and launder transactions from at least eight ransomware variants as part of the government's efforts to crack down on a surge in ransomware incidents and make it difficult for bad actors to profit from such attacks using digital currencies.
"Virtual currency exchanges such as![](http://feeds.feedburner.com/~r/TheHackersNews/~4/lEF7-AJSuc0) |
Ransomware
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-09-21 17:42:50 |
Decade-Old Adobe ColdFusion Vulnerabilities Exploited by Ransomware Gang (lien direct) |
Two ColdFusion vulnerabilities patched by Adobe more than a decade ago have been exploited by threat actors in a recent attack, according to cybersecurity firm Sophos.
|
Ransomware
Threat
|
|
★★
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2021-09-21 13:14:02 |
BlackMatter Strikes Iowa Farmers Cooperative, Demands $5.9M Ransom (lien direct) |
Critical infrastructure appears to be targeted in latest ransomware attack, diminishing the hopes of governments to curb such attacks. |
Ransomware
|
|
|
![TroyHunt.webp](./Ressources/img/TroyHunt.webp) |
2021-09-21 12:37:11 |
$5.9 million ransomware attack on farming co-op may cause food shortage (lien direct) |
Attack on US farming provider NEW Cooperative may disrupt the food supply chain. |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-09-21 12:35:14 |
US sanctions cryptocurrency exchange used by ransomware gangs (lien direct) |
The US Treasury Department announced the first-ever sanctions against a cryptocurrency exchange, the Russian-linked Suex, for facilitating ransom transactions for ransomware gangs and helping them evade sanctions. [...] |
Ransomware
|
|
|
![Cybereason.webp](./Ressources/img/Cybereason.webp) |
2021-09-21 12:17:42 |
How the Ransomware Gangs Stay One Step Ahead (lien direct) |
Ransomware attacks increased dramatically in the first half of 2021. As reported by ITProPortal, the volume of global ransomware hit 304.7 million during that six-month period. That's 0.1 million more ransomware attacks than the entire total in 2020. |
Ransomware
|
|
|
![ComputerWeekly.webp](./Ressources/img/ComputerWeekly.webp) |
2021-09-21 11:20:00 |
US sanctions Suex crypto exchange over ransomware links (lien direct) |
Pas de details / No more details |
Ransomware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2021-09-21 08:16:00 |
Farming Group Warns of Supply Chain Chaos After Ransomware Attack (lien direct) |
Screenshots reveal negotiations between New Cooperative and BlackMatter |
Ransomware
|
|
|
![The_Hackers_News.webp](./Ressources/img/The_Hackers_News.webp) |
2021-09-21 06:00:03 |
Cring Ransomware Gang Exploits 11-Year-Old ColdFusion Bug (lien direct) |
Unidentified threat actors breached a server running an unpatched, 11-year-old version of Adobe's ColdFusion 9 software in minutes to remotely take over control and deploy file-encrypting Cring ransomware on the target's network 79 hours after the hack.
The server, which belonged to an unnamed services company, was used to collect timesheet and accounting data for payroll as well as to host a![](http://feeds.feedburner.com/~r/TheHackersNews/~4/USuDSvrWDUo) |
Ransomware
Threat
|
|
|
![SecurityAffairs.webp](./Ressources/img/SecurityAffairs.webp) |
2021-09-21 05:45:40 |
Black Matter gang demanded a $5.9M ransom to NEW Cooperative (lien direct) |
U.S. The farmers cooperative NEW Cooperative was hit by Black Matter ransomware gang that is demanding a $5.9 million ransom. BlackMatter ransomware gang hit NEW Cooperative, a farmer’s feed and grain cooperative, and is demanding a $5.9 million ransom. The ransomware gang claims to have stolen 1,000 GB of data including the source code for […]
|
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-09-21 03:25:06 |
Marketron marketing services hit by Blackmatter ransomware (lien direct) |
BlackMatter ransomware gang over the weekend hit Marketron, a business software solutions provider that serves more than 6,000 customers in the media industry. [...] |
Ransomware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2021-09-20 18:44:00 |
Americans Stressed Out by Cyber-attack Coverage (lien direct) |
Most Americans say news of ransomware attacks and data breaches causes them stress |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-09-20 14:07:54 |
US farmer cooperative hit by $5.9M BlackMatter ransomware attack (lien direct) |
U.S. farmers cooperative NEW Cooperative has suffered a BlackMatter ransomware attack demanding $5.9 million not to leak stolen data and provide a decryptor. [...] |
Ransomware
|
|
|
![Cybereason.webp](./Ressources/img/Cybereason.webp) |
2021-09-20 12:15:31 |
(Déjà vu) Webinar: Inside the REvil Ransomware - Pick Your Path (lien direct) |
Today's ransomware actors are operating to devastating effect as evidenced by the Colonial Pipeline and JBS attacks, showing that a successful attack can disrupt any business. |
Ransomware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2021-09-20 08:30:00 |
US Set to Sanction Cryptocurrency Firms Involved in Ransomware (lien direct) |
Report suggests new measures will crackdown on payment supply chain |
Ransomware
|
|
|
![SecurityAffairs.webp](./Ressources/img/SecurityAffairs.webp) |
2021-09-19 08:14:09 |
Security Affairs newsletter Round 332 (lien direct) |
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. The Biden administration plans to target exchanges supporting ransomware operations with sanctions Threat actor has been targeting the aviation industry since at least 2018 Expert discloses details and PoC […]
|
Ransomware
Threat
|
|
|
![SecurityAffairs.webp](./Ressources/img/SecurityAffairs.webp) |
2021-09-18 17:46:15 |
(Déjà vu) The Biden administration plans to target exchanges supporting ransomware operations with sanctions (lien direct) |
US Government is expected to issue sanctions against crypto exchanges, wallets, and traders used by ransomware operations to cash out ransom payments. The Biden administration is putting in place all the strategies to disrupt the operations of the ransomware gangs, and according to the Wall Street Journal, it is now planning to target the digital […]
|
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-09-18 10:00:00 |
Researchers compile list of vulnerabilities abused by ransomware gangs (lien direct) |
Security researchers are working on compiling an easy to follow list of initial access attack vectors ransomware gangs and their affiliates are using to breach victims' networks. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-09-17 18:16:43 |
The Week in Ransomware - September 17th 2021 - REvil decrypted (lien direct) |
It has been an interesting week with decryptors released, ransomware gangs continuing to rail against negotiators, and the US government expected to sanction crypto exchanges next week. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-09-17 17:49:30 |
U.S. to sanction crypto exchanges, wallets used by ransomware (lien direct) |
The Biden administration is expected to issue sanctions against crypto exchanges, wallets, and traders used by ransomware gangs to convert ransom payments into fiat money. [...] |
Ransomware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2021-09-17 16:24:00 |
(Déjà vu) Free REvil Decryptor Launched (lien direct) |
New Bitdefender tool unlocks many files encrypted by REvil ransomware prior to July 13 |
Ransomware
Tool
|
|
|
![TechRepublic.webp](./Ressources/img/TechRepublic.webp) |
2021-09-17 15:31:56 |
Dell study finds most organizations don\'t think they can recover from a ransomware attack (lien direct) |
Sixty-seven percent lack confidence in their ability to recover business-critical data, which is troubling given that the amount of data businesses manage has grown by more than 10x since 2016. |
Ransomware
|
|
|
![grahamcluley.webp](./Ressources/img/grahamcluley.webp) |
2021-09-17 12:08:37 |
(Déjà vu) Free decryptor for past REvil ransomware victims released (lien direct) |
The experts at security firm Bitdefender, in collaboration with "a trusted law enforcement partner", have made available a universal decryptor for victims of the REvil ransomware (also sometimes known as Sodinokibi). |
Ransomware
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2021-09-17 12:07:59 |
Microsoft MSHTML Flaw Exploited by Ryuk Ransomware Gang (lien direct) |
Microsoft and RiskIQ researchers have identified several campaigns using the recently patched zero-day, reiterating a call for organizations to update affected systems. |
Ransomware
|
|
|
![SecurityAffairs.webp](./Ressources/img/SecurityAffairs.webp) |
2021-09-16 17:23:47 |
(Déjà vu) Microsoft warns of attacks exploiting recently patched Windows MSHTML CVE-2021-40444 bug (lien direct) |
Microsoft revealed that multiple threat actors are exploiting the recently patched Windows MSHTML remote code execution security flaw (CVE-2021-40444). Microsoft warns of multiple threat actors, including ransomware operators, that are exploiting the recently patched Windows MSHTML remote code execution security flaw (CVE-2021-40444) in attacks against organizations. The IT giant says that threat actors started targeting […]
|
Ransomware
Threat
|
|
|
![TechRepublic.webp](./Ressources/img/TechRepublic.webp) |
2021-09-16 15:49:03 |
(Déjà vu) Bitdefender offers free decryptor for REvil ransomware victims (lien direct) |
The free decryption tool will help victims restore their encrypted files from attacks made before July 13, 2021, says Bitdefender. |
Ransomware
Tool
|
|
|
![SecurityAffairs.webp](./Ressources/img/SecurityAffairs.webp) |
2021-09-16 14:57:43 |
Bitdefender released free REvil ransomware decryptor that works for past victims (lien direct) |
Researchers from Bitdefender released a free master decryptor for the REvil ransomware operation that allows past victims to recover their files for free. Good news for the victims of REvil ransomware gangs that were infected before the operations were temporarily halted on July 13th, Bitdefender released a free master decryptor that allows them to recover […]
|
Ransomware
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2021-09-16 13:00:37 |
REvil/Sodinokibi Ransomware Universal Decryptor Key Is Out (lien direct) |
Bitdefender worked with law enforcement to create a key to unlock victims encrypted in ransomware attacks before REvil's servers went belly-up on July 13. |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-09-16 11:16:15 |
Microsoft: Windows MSHTML bug now exploited by ransomware gangs (lien direct) |
Microsoft says multiple threat actors, including ransomware affiliates, are targeting the recently patched Windows MSHTML remote code execution security flaw. [...] |
Ransomware
Threat
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-09-16 10:51:24 |
Links Found Between MSHTML Zero-Day Attacks and Ransomware Operations (lien direct) |
Microsoft and threat intelligence company RiskIQ reported finding links between the exploitation of a recently patched Windows zero-day vulnerability and known ransomware operators.
|
Ransomware
Vulnerability
Threat
|
|
|
![ComputerWeekly.webp](./Ressources/img/ComputerWeekly.webp) |
2021-09-16 09:00:00 |
BitDefender launches free REvil ransomware decryptor (lien direct) |
Pas de details / No more details |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-09-16 09:00:00 |
Free REvil ransomware master decrypter released for past victims (lien direct) |
A free master decryptor for the REvil ransomware operation has been released, allowing all victims encrypted before the gang disappeared to recover their files for free. [...] |
Ransomware
|
|
|
![Chercheur.webp](./Ressources/img/Chercheur.webp) |
2021-09-15 21:31:08 |
Customer Care Giant TTEC Hit By Ransomware? (lien direct) |
TTEC, [NASDAQ: TTEC], a company used by some of the world's largest brands to help manage customer support and sales online and over the phone, is dealing with disruptions from a network security incident that appears to be the result of a ransomware attack, KrebsOnSecurity has learned. |
Ransomware
|
|
|