What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-10-24 11:05:00 | BrandPost: Cybersecurity Executives Say These are the Most Pressing Challenges They Face (lien direct) | Most cybersecurity teams grapple with similar issues, from defending against the ever-changing threat landscape to finding time for training and upskilling opportunities. I recently had the chance to speak with numerous security executives and industry experts at the Fortinet Security Summit, held in conjunction with the second annual PGA Fortinet Championship in Napa Valley, to discuss some of these challenges, insights, and potential solutions for addressing them.Challenge #1: The Proliferation of New Threat Vectors If the first half of 2022 was any indication, security teams are in for an interesting ride as we look ahead. In just the first six months, data from FortiGuard Labs shows that the number of new ransomware variants identified increased by nearly 100% compared to the previous six-month period.To read this article in full, please click here | Ransomware Threat | ||
 |
2022-10-24 10:51:38 | Pendragon car dealer refuses $60 million LockBit ransomware demand (lien direct) | Pendragon Group, with more than 200 car dealerships in the U.K., was breached in a cyberattack from the LockBit ransomware gang, who allegedly demanded $60 million to decrypt files and not leak them. [...] | Ransomware | ||
 |
2022-10-24 09:40:40 | Ransom Cartel – REvil Rebrand? (lien direct) | It has been reported that researchers have linked the relatively new Ransom Cartel ransomware operation with the notorious REvil gang based on code similarities in both operations’ encryptors. The REvil ransomware gang finally shut down in October 2021 following intense pressure from law enforcement. However, in January 2022, the Russian authorities announced arrests, money seizures, and charges against eight of the […] | Ransomware | ||
 |
2022-10-21 20:26:00 | Multiple Campaigns Exploit VMware Vulnerability to Deploy Crypto Miners and Ransomware (lien direct) | A now-patched vulnerability in VMware Workspace ONE Access has been observed being exploited to deliver both cryptocurrency miners and ransomware on affected machines. "The attacker intends to utilize a victim's resources as much as possible, not only to install RAR1Ransom for extortion, but also to spread GuardMiner to collect cryptocurrency," Fortinet FortiGuard Labs researcher Cara Lin said | Ransomware Vulnerability | ||
 |
2022-10-21 13:00:20 | 2023 Cyber Insurance Looks Different. Are You Ready? (lien direct) | Rampant ransomware attacks have made cyber insurance a C-suite priority. Despite the raised consciousness, it's more difficult than ever to secure or renew a policy. Nefarious activity continues to put pressure on carriers who are... | Ransomware | ||
 |
2022-10-21 11:21:13 | Playing Hide-and-Seek with Ransomware, Part 2 (lien direct) | In Part 1, we explained what Intel SGX enclaves are and how they benefit ransomware authors. In Part 2, we explore a hypothetical step-by-step implementation and outline the limitations of this method. Watch this live attack demo to see how the CrowdStrike Falcon® platform and the CrowdStrike Falcon Complete™ managed detection and response team protect […] | Ransomware | ||
 |
2022-10-21 11:00:36 | OldGremlin Ransomware Fierce Comeback Against Russian Targets (lien direct) | Earlier today. a ransomware group which unusually targets Russian organizations has upped its efforts this year, demanding larger ransoms from its victims and developing new malware for Linux, according to Group-IB. Yesterday, the security vendor released what it claimed was the first comprehensive report on the group known as “OldGremlin,” which was first spotted in 2020. […] | Ransomware Malware | ||
 |
2022-10-21 10:28:06 | Good news, URSNIF no longer a banking trojan. Bad news, it\'s now a backdoor (lien direct) | And one designed to slip ransomware and data-stealing code onto infected machines URSNIF, the malware also known as Gozi that attempts to steal online banking credentials from victims' Windows PCs, is evolving to support extortionware.… | Ransomware Malware | ||
 |
2022-10-21 09:00:00 | OldGremlin Ransomware Ups Ante Against Russian Targets (lien direct) | Ransom demands soar to $17m, according to new report | Ransomware | ||
|
2022-10-21 06:00:00 | BlackByte ransomware uses new data theft tool for double-extortion (lien direct) | A BlackByte ransomware affiliate is using a new custom data stealing tool called 'ExByte' to steal data from compromised Windows devices quickly. [...] | Ransomware Tool | ||
 |
2022-10-21 02:30:43 | Attackers Abusing Various Remote Control Tools (lien direct) | Overview Ordinarily, attackers install malware through various methods such as spear phishing emails with a malicious attachment, malvertising, vulnerabilities, and disguising the malware as normal software and uploading them to websites. The malware that is installed include infostealers which steal information from the infected system, ransomware which encrypts files to demand ransom, and DDoS Bots which are used in DDoS attacks. In addition to these, backdoor and RAT are also major malware programs used by attackers. Backdoor malware is installed... | Ransomware Malware | ||
|
2022-10-20 22:01:00 | OldGremlin Ransomware Targeted Over a Dozen Russian Entities in Multi-Million Scheme (lien direct) | A Russian-speaking ransomware group dubbed OldGremlin has been attributed to 16 malicious campaigns aimed at entities operating in the transcontinental Eurasian nation over the course of two and a half years. "The group's victims include companies in sectors such as logistics, industry, insurance, retail, real estate, software development, and banking," Group-IB said in an exhaustive report | Ransomware | ||
|
2022-10-20 17:00:00 | Ransomware is Being Used As a Precursor to Physical War: Ivanti (lien direct) | The data also shows ransomware groups continuing to grow in volume and sophistication | Ransomware | ||
|
2022-10-20 15:00:00 | Singapore Creates Counter Ransomware Task Force to Tackle Threats (lien direct) | It will focus on protecting suppliers to critical information infrastructure operators | Ransomware | ||
|
2022-10-20 14:09:00 | New Ursnif Variant Likely Shifting Focus to Ransomware and Data Theft (lien direct) | The Ursnif malware has become the latest malware to shed its roots as a banking trojan to revamp itself into a generic backdoor capable of delivering next-stage payloads, joining the likes of Emotet, Qakbot, and TrickBot. "This is a significant shift from the malware's original purpose to enable banking fraud, but is consistent with the broader threat landscape," Mandiant researchers Sandor | Ransomware Malware Threat | ||
 |
2022-10-20 11:15:00 | Venus ransomware targets remote desktop services (lien direct) | >Categories: NewsTags: Venus Ransomware Tags: RDP Tags: remote desktop services Tags: encrypt Tags: fraud Tags: ransom We take a look at reports of Venus ransomware targeting remote desktop services/RDP. (Read more...) | Ransomware | ||
|
2022-10-20 11:03:41 | OldGremlin hackers use Linux ransomware to attack Russian orgs (lien direct) | OldGremlin, one of the few ransomware groups attacking Russian corporate networks, has expanded its toolkit with file-encrypting malware for Linux machines. [...] | Ransomware Malware | ||
 |
2022-10-20 10:29:04 | Australian Health Insurer Medibank Admits Customer Data Stolen in Ransomware Attack (lien direct) | Australian health insurer Medibank has started informing customers that their personal information was potentially compromised during a recent cyberattack. | Ransomware | ||
|
2022-10-20 10:28:00 | With Conti gone, LockBit takes lead of the ransomware threat landscape (lien direct) | The number of ransomware attacks observed over the previous three months declined compared to the previous quarter, according to reports from two threat intelligence companies. However, the gap left by the Conti gang has been filled by other players, with LockBit cementing itself in the top position and likely to serve as a future source for ransomware spin-offs.From July to September, security firm Intel 471 counted 455 attacks from 27 ransomware variants, with LockBit 3.0 being responsible for 192 of them (42%). Meanwhile, security firm Digital Shadows tracked around 600 ransomware victims over the same time period, with LockBit accounting for 35% of them.To read this article in full, please click here | Ransomware Threat Guideline | ||
 |
2022-10-20 00:00:00 | Ransomware Insurance Security Strategies (lien direct) | Ransomware accounts for 75% of all cyber insurance claims yet 40% of business currently lack the coverage needed. Discover how to improve your ransomware prevention strategy to reduce cyber risk and meet insurance requirements. | Ransomware | ||
|
2022-10-19 19:45:00 | Ransomware attack freezes newspaper printing system (lien direct) | >Categories: NewsCategories: RansomwareStimme Mediengruppe, a German media group, halted production of printed newspapers after a ransomware attack on Friday. (Read more...) | Ransomware | ||
 |
2022-10-19 17:37:26 | Persistent pests: A taxonomy of computer worms (lien direct) | Many of the most notorious ransomware attacks, including WannaCry and NotPetya, began with a worm. Here's how you can help stop the spread. | Ransomware | NotPetya Wannacry Wannacry | |
|
2022-10-19 13:16:29 | European Cybersecurity Month: Responding To Ransomware With Speed And Scale, Experts Weigh In (lien direct) | Businesses in the UK are under attack, suffering the third-highest rate of ransomware infiltration behind the US and Canada over the past year. Desperate to get back to business as usual, companies in the UK are twice as likely to pay a ransom compared to the global average – a tactic that does not guarantee […] | Ransomware | ||
 |
2022-10-19 13:07:36 | The missed link between Ransom Cartel and REvil ransomware gangs (lien direct) | >Researchers at Palo Alto Network’s Unit 42 linked the Ransom Cartel ransomware operation to the REvil ransomware operations. Researchers at Palo Alto Network’s Unit 42 have linked the relatively new Ransom Cartel ransomware operation with the notorious REvil cybercrime gang. The REvil group was one of the most active ransomware gangs in the first half […] | Ransomware | ||
|
2022-10-19 11:00:00 | DeadBolt ransomware gang tricked into giving victims free decryption keys (lien direct) | >Categories: NewsCategories: RansomwareTags: Dutch Tags: law enforcement Tags: DeadBolt Tags: ransomware Tags: decryption keys Tags: responders.nu With the idea provided by an incident response company, Dutch police used a clever trick to get 150 DeadBolt ransomware decryption keys for free. (Read more...) | Ransomware | ||
 |
2022-10-19 10:00:00 | Alarming attacks on Internet of Medical Things (IoMT) (lien direct) | This blog was written by an independent guest blogger. The impact of ransomware attacks on healthcare is as alarming as it is under-addressed. The United States healthcare system alone faces an annual burden of nearly $21 billion due to these attacks. It pays well over $100 million in ransoms, and is beginning to acknowledge the tragic realities of impacted patient care, including higher patient mortality rates. For every headline related to cyberattacks, there are likely hundreds more that go unreported. In a study released in 2021, IoT/IoMT devices were revealed to be the attack vector for 21% of ransomware attacks. In May 2022, CISA Senior Advisor Joshua Corman further documented the rising risks during a Senate HELP Committee hearing. And in August 2022, the Ponemon Institute and Ivanti’s partner Cynerio teamed to dive even deeper into the impact of insecure medical devices on hospitals and patients in their Insecurity of Connected Devices in Healthcare 2022 report. Statistics from the report show: 43% of respondents experienced at least one ransomware attack. 88% of cyberattacks involve an IoMT device. The average data breach cost is well over $1 million. Tragically, 24% of attacks result in increased mortality rates. Seven out of ten respondents (71%) believe that very high security risks are created by these otherwise overwhelmingly beneficial marvels of modern medicine. Recognition of risk is a step in the right direction, although it is unfortunately more of a talking point than one of action. Over half (54%) of respondents did not report senior management requiring assurances of properly addressed IoT/IoMT device risk. Even more concerning, two thirds (67%) don’t believe their devices are being patched in a timely manner - the most basic, widely accepted and often required action for nearly any healthcare environment. The current landscape of most hospitals - battling an epidemic with exhausted staff, strained resources, limited cybersecurity expertise and massive bullseyes - makes them easy targets. A consolidated effort to improve hospital security is needed; AT&T, in partnership with Ivanti Neurons for Healthcare, offers specific solutions to support risk reduction through actionable guidance. Reports demonstrate before-and-after security status, reflecting the improvements gained by taking action. Network segmentation recommendations integrate with existing NAC solutions, adding intelligence and visibility to the process. Dashboards quantify risks by device, manufacturer, hardware type, and OS, providing a strategy to fight cybercriminals who leave morbid results in their ceaseless drive for ransoms. In as little as five days, a proof of value engagement will demonstrate a reduction in risk for your healthcare organization. For more information about Ivanti Neurons for Healthcare, and how it can be part of a unified security approach with AT&T Cybersecurity visit us. There's also a nice e-book | Ransomware Data Breach Guideline | ||
|
2022-10-19 09:00:00 | Deadbolt Ransomware Extorts Vendors and Customers (lien direct) | New report provides in-depth look at novel NAS-based threat | Ransomware | ||
 |
2022-10-19 08:00:00 | De RM3 à LDR4: Ursnif laisse derrière From RM3 to LDR4: URSNIF Leaves Banking Fraud Behind (lien direct) |
Une nouvelle variante du malware d'Ursnif, observée pour la première fois en juin 2022, marque une étape importante pour l'outil.Contrairement aux itérations précédentes d'Ursnif, cette nouvelle variante, surnommée LDR4, n'est pas un banquier, mais une porte dérobée générique (similaire à la courte durée variante Saigon ), qui peut avoir été délibérément conçue pour permettre des opérations telles que le ransomware et l'extorsion de vol de données.Il s'agit d'un changement significatif par rapport à l'objectif initial du malware \\ pour permettre la fraude bancaire, mais il est conforme au paysage des menaces plus large.
mandiant estime que les mêmes acteurs de menace qui ont exploité la variante RM3 d'Ursnif sont
A new variant of the URSNIF malware, first observed in June 2022, marks an important milestone for the tool. Unlike previous iterations of URSNIF, this new variant, dubbed LDR4, is not a banker, but a generic backdoor (similar to the short-lived SAIGON variant), which may have been purposely built to enable operations like ransomware and data theft extortion. This is a significant shift from the malware\'s original purpose to enable banking fraud, but is consistent with the broader threat landscape. Mandiant believes that the same threat actors who operated the RM3 variant of URSNIF are |
Ransomware Threat | ★★★ | |
|
2022-10-18 23:44:15 | (Déjà vu) ASEC Weekly Malware Statistics (October 3rd, 2022 – October 9th, 2022) (lien direct) | The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from October 3rd, 2022 (Monday) to October 9th, 2022 (Sunday). For the main category, downloader ranked top with 45.0%, followed by info-stealer with 39.6%, backdoor with 14.6%, ransomware with 0.4%, and CoinMiner with 0.4%. Top1. SmokeLoader Smokeloader is infostealer / downloader malware that is distributed via exploit kits. This week, it ranked first place... | Ransomware Malware | ||
|
2022-10-18 18:25:00 | Сryptocurrency and Ransomware - The Ultimate Friendship (lien direct) | Both cryptocurrency and ransomware are nothing new in the digital world; both have been there for a very long time, which was enough for them to find common pieces for starting their relationship. Ransomware can be like a virtual car that works on all types of fuels, and crypto is the one that is currently most recommended. No one can argue that 2020 was the year of ransomware in the cyber world | Ransomware | ★★★★★ | |
|
2022-10-18 17:49:08 | Ransom Cartel linked to notorious REvil ransomware operation (lien direct) | Threat analysts have connected the pieces that link the Ransom Cartel RaaS (ransomware-as-a-service) to the REvil gang, one of the most notorious and prolific ransomware groups in recent years. [...] | Ransomware Threat | ||
 |
2022-10-18 17:17:29 | New Prestige Ransomware Targets Ukraine and Poland (lien direct) | FortiGuard Labs is aware of a report that a new ransomware strain called Prestige was being distributed in an attack campaign targeting Ukraine and Poland. The ransomware encrypts files on a compromised machine and adds a ".enc" file extension to the affected files.Why is this Significant?This is significant because Prestige ransomware is one of the few ransomware strains being distributed to Ukraine, as well as Poland, who is a known ally of Ukraine.How Widespread is the Attack?According to Microsoft, Prestige ransomware was distributed to organizations in Ukraine and Poland.What is Prestige Ransomware?Prestige ransomware encrypts files on a compromised machine and adds a ".enc" file extension to the affected files.The ransomware leaves a ransom note in "README", which asks the victim to contact the attacker by sending an email to the address for file decryption. The ransom note also has an unique ID, which acts as a victim identifier. It also deletes the shadow copies via vssadmin, which inhibits the victim's ability to recover files.How was Prestige Ransomware Distributed?While the infection vector has not been identified, Microsoft reported that the attacker used several legitimate Windows and open-source tools for remote code execution, privilege execution and credential exfiltration prior to the ransomware deployment.What is the Status of Protection?FortiGuard Labs detects an available Prestige ransomware sample with the following AV coverage:• W32/Filecoder.OMM!tr.ransom | Ransomware | ||
 |
2022-10-18 15:00:00 | Anomali Cyber Watch: Ransom Cartel Uses DPAPI Dumping, Unknown China-Sponsored Group Targeted Telecommunications, Alchimist C2 Framework Targets Multiple Operating Systems, and More (lien direct) | The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, China, Cyberespionage, Hacktivism, Ransomware, and Russia. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
Ransom Cartel Ransomware: A Possible Connection With REvil
(published: October 14, 2022)
Palo Alto Networks researchers analyzed Ransom Cartel, a double extortion ransomware-as-a-service group. Ransom Cartel came to existence in mid-December 2021 after the REvil group shut down. The Ransom Cartel group uses the Ransom Cartel ransomware, which shares significant code similarities with REvil, indicating close connections, but lacks REvil obfuscation engine capabilities. Ransom Cartel has almost no obfuscation outside of the configuration: unlike REvil it does not use string encryption and API hashing. Among multiple tools utilized by Ransom Cartel, the DonPAPI credential dumper is unique for this group. It performs Windows Data Protection API (DPAPI) dumping by targeting DPAPI-protected credentials such as credentials saved in web browsers, RDP passwords, and Wi-Fi keys.
Analyst Comment: Network defenders should consider monitoring or blocking high-risk connections such as TOR traffic that is often abused by Ransom Cartel and its affiliates. It is crucial that your company ensure that servers are always running the most current software version. Your company should have policies in place in regards to the proper configurations needed for your servers in order to conduct your business needs safely.
MITRE ATT&CK: [MITRE ATT&CK] Valid Accounts - T1078 | [MITRE ATT&CK] External Remote Services - T1133 | [MITRE ATT&CK] Software Deployment Tools - T1072 | [MITRE ATT&CK] Command and Scripting Interpreter - T1059 | [MITRE ATT&CK] OS Credential Dumping - T1003 | [MITRE ATT&CK] Create Account - T1136 | [MITRE ATT&CK] Account Manipulation - T1098 | [MITRE ATT&CK] Boot or Logon Autostart Execution - T1547 | [MITRE ATT&CK] BITS Jobs - T1197 | [MITRE ATT&CK] Exploitation for Privilege Escalation - T1068 | [MITRE ATT&CK] File and Directory Permissions Modification - T1222 | [MITRE ATT&CK] Modify Registry - T1112 | [MITRE ATT&CK] Indicator Removal on Host - T1070 | [MITRE ATT&CK] Signed Binary Proxy Execution - T1218 | [MITRE ATT&CK] Impair Defenses - T1562 | [MITRE ATT&CK] Indicator Removal on Host - |
Ransomware Malware Tool Threat | APT 27 | |
 |
2022-10-18 13:08:45 | Despite Lowest Software Flaw Frequency, Manufacturing\'s Fix Times Lag and Create Ransomware Risk (lien direct) | In 2021, manufacturing became cybercriminals' most targeted industry as a surge in global ransomware attacks disrupted manufacturing operations and exacerbated supply chain woes. This put even more pressure on manufacturing organizations that were already feeling the heat. Recognizing that ransomware attacks can stem back to software vulnerabilities, many manufacturers are exploring ways to strengthen their software security programs. Our recent State of Software Security report v12 (SOSS), which analyzed 20 million scans across half a million applications, identified several manufacturing-specific trends that may help focus these efforts. First up, some good news: The manufacturing industry now boasts the lowest number of software security flaws across all sectors, dethroning financial services from last year's top spot. However, the manufacturing sector is also tied for the lowest number of flaws that are fixed. This means that manufacturing companies have security flaws in… | Ransomware | ||
|
2022-10-18 11:44:09 | (Déjà vu) Upstart Ransom Cartel linked to REvil veterans (lien direct) | Lesser of two REvils? There's a relationship, say infosec bods, but not enough to say one evolved into the other It has been almost a year since the ransomware gang Ransom Cartel was first detected and the crew over that time has racked up a steady drumbeat of victims in such countries as the United States and France and from a broad array of industry sectors.… | Ransomware | ||
|
2022-10-18 11:44:09 | Ransom Cartel linked to Colonial Pipeline attacker REvil, says infosec crew (lien direct) | The lesser of two REvils? There's a relationship there, but not enough to say one evolved into the other It has been almost a year since the emerging ransomware gang Ransom Cartel was first detected and the group over that time has racked up a steady drumbeat of victims in such countries as the United States and France and from a broad array of industry sectors.… | Ransomware | ||
 |
2022-10-18 11:30:48 | Chassez les différentes versions de LockBit avec Logpoint (lien direct) | >– Anish Bogati & Nilaa Maharjan; Logpoint Global Services & Security ResearchRésumé:LockBit a été considéré comme le ransomware le plus actif et a été impliqué dans le plus grand nombre d'attaques par rapport à d'autres malwares du même type.LockBit est apparu en septembre 2019 en tant que Ransomware-as-a-Service (RaaS).Depuis, il a évolué pour devenir LockBit2.0 [...] | Ransomware | ||
|
2022-10-18 11:30:48 | Hunting LockBit Variations using Logpoint (lien direct) | >- Anish Bogati & Nilaa Maharjan; Logpoint Global Services & Security ResearchExecutive Summary:LockBit has been implicated as the most active ransomware and has been involved in the most attacks compared to others of its kind.LockBit emerged in September 2019 functioning as ransomware-as-a-service (RaaS).Since then it evolved into LockBit2.0 as a variant of the original LockBit [...] | Ransomware | ||
|
2022-10-18 09:40:00 | BrandPost: In an Increasingly Dangerous Cyberspace, MFA Is Not Optional (lien direct) | Many of the most prominent cybersecurity incidents have resulted from attackers using stolen credentials (username and password) to gain access to networks. In an all-too-familiar pattern, last year's Colonial Pipeline ransomware attack, which crippled the delivery of fuel supplies to the Southeastern U.S. for days, began with attackers using a stolen password to gain access to a legacy VPN system.Clearly, organizations need to change the way they think about credentials used for access to data and network assets. That was underscored by a recent joint alert from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the cybersecurity watchdogs of several other countries, which pointed to the role that weak security controls play in breaches and the need to harden credentials (among other recommendations).To read this article in full, please click here | Ransomware | ||
|
2022-10-18 07:31:14 | Imagine surviving a wiper attack only for ransomware to scramble your restored files (lien direct) | Then again, imagine being invaded by Russia Organizations hit earlier by the HermeticWiper malware have reportedly been menaced by ransomware unleashed this month against transportation and logistics industries in Ukraine and Poland.… | Ransomware Malware | ||
|
2022-10-17 18:24:00 | Black Basta Ransomware Hackers Infiltrates Networks via Qakbot to Deploy Brute Ratel C4 (lien direct) | The threat actors behind the Black Basta ransomware family have been observed using the Qakbot trojan to deploy the Brute Ratel C4 framework as a second-stage payload in recent attacks. The development marks the first time the nascent adversary simulation software is being delivered via a Qakbot infection, cybersecurity firm Trend Micro said in a technical analysis released last week. The | Ransomware Threat | ||
|
2022-10-17 17:00:00 | \'Prestige\' Ransomware Group Targets Organizations in Ukraine and Poland (lien direct) | The campaign had several features differentiating it from other ransomware tracked by Microsoft | Ransomware | ||
|
2022-10-17 15:45:00 | New Prestige Ransomware Targeting Polish and Ukrainian Organizations (lien direct) | A new ransomware campaign targeted the transportation and logistics sectors in Ukraine and Poland on October 11 with a previously unknown payload dubbed Prestige. "The activity shares victimology with recent Russian state-aligned activity, specifically on affected geographies and countries, and overlaps with previous victims of the FoxBlade malware (also known as HermeticWiper)," the Microsoft | Ransomware | ||
|
2022-10-17 15:00:00 | Ransom Cartel Linked to Russia-Based REvil Ransomware Group (lien direct) | The collection became increasingly clear through the tools used by both threat actors | Ransomware Threat | ||
|
2022-10-17 13:56:16 | Australian insurance firm Medibank confirms ransomware attack (lien direct) | Health insurance provider Medibank has confirmed that a ransomware attack is responsible for last week's cyberattack and disruption of online services. [...] | Ransomware | ||
 |
2022-10-17 13:00:00 | 3 Ways EDR Can Stop Ransomware Attacks (lien direct) | >Ransomware attacks are on the rise. While these activities are low-risk and high-reward for criminal groups, their consequences can devastate their target organizations. According to the 2022 Cost of a Data Breach report, the average cost of a ransomware attack is $4.54 million, without including the cost of the ransom itself. Ransomware breaches also took […] | Ransomware Data Breach | ||
|
2022-10-17 10:33:00 | Ransomware attack halts circulation of some German newspapers (lien direct) | German newspaper 'Heilbronn Stimme' published today's 28-page issue in e-paper form after a Friday ransomware attack crippled its printing systems. [...] | Ransomware | ||
|
2022-10-17 10:11:49 | Hackney Council Ransomware Attack Recovery Update Costing £12m+ (lien direct) | Today it has been reported that a local government authority in London was forced to spend over £12m ($11.7m) in a single financial year to help it recover from a devastating ransomware attack, according to a local report. It appears that the October 2020 attack, traced to the Pysa/Mespinoza variant, resulted in sensitive data of […] | Ransomware | ||
|
2022-10-17 09:00:00 | Hackney Council Ransomware Attack Cost £12m+ (lien direct) | Local government's travails highlight devastating impact of breaches | Ransomware | ||
|
2022-10-16 23:22:16 | Mysterious Prestige ransomware targets organizations in Ukraine and Poland (lien direct) | >Microsoft warns that new Prestige ransomware is targeting transportation and logistics organizations in Ukraine and Poland. Microsoft reported that new Prestige ransomware is being used in attacks aimed at transportation and logistics organizations in Ukraine and Poland. The Prestige ransomware first appeared in the threat landscape on October 11 in attacks occurring within an hour […] | Ransomware Threat |
To see everything:
Our RSS (filtrered)
