What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-02-15 10:47:25 | City of Oakland declares state of emergency after ransomware attack (lien direct) | Oakland has declared a local state of emergency because of the impact of a ransomware attack that forced the City to take all its IT systems offline on February 8th. [...] | Ransomware | ★★ | |
 |
2023-02-15 00:10:00 | Continuous Distribution of LockBit 2.0 Ransomware Disguised as Resumes (lien direct) | The ASEC analysis team has identified that Lockbit 2.0 is being distributed in a MalPE format instead of the NSIS format which the team had introduced it with previously. The MalPE format is a type of packing method that disrupts the analysis of the actual malware. It then decrypts and executies its PE files through an internal shell code. We have recently discovered during our monitoring of ransomware that the distribution of LockBit has risen since January. As it was... | Ransomware | ★★ | |
|
2023-02-15 00:00:00 | Paradise Ransomware Distributed Through AweSun Vulnerability Exploitation (lien direct) | The ASEC analysis team has recently discovered the distribution of Paradise ransomware. The threat actors are suspected to be utilizing a vulnerability exploitation of the Chinese remote control program AweSun. In the past, the team also found and covered the distribution of Sliver C2 and BYOVD through a Sunlogin vulnerability, a remote control program developed in China. 1. AweSun Vulnerability Exploitation The installation of Sliver C2 through the AweSun remote control program developed by AweRay was also discovered to have... | Ransomware Vulnerability Threat | ★★ | |
 |
2023-02-14 21:59:11 | MortalKombat ransomware found punching targets in US, UK, Turkey, Philippines (lien direct) |  Organizations in the U.S. and elsewhere have been hit with the new MortalKombat ransomware, according to researchers at Cisco Talos |
Ransomware | ★★ | |
|
2023-02-14 20:54:27 | Tonga is the latest Pacific Island nation hit with ransomware (lien direct) |  Tonga’s state-owned telecommunications company has been hit with ransomware, it warned customers on Monday. Tonga Communications Corporation (TCC) – one of two telecoms companies in the country – published a notice on Facebook saying the attack may slow down administrative operations. “Ransomware attack has been confirmed to encrypt and lock access to part of TCC's [… |
Ransomware | ★★ | |
 |
2023-02-14 19:50:00 | Oakland City Services Struggle to Recover From Ransomware Attack (lien direct) | Fire emergency, 911 services functioning, along with Oakland financial systems, city says. | Ransomware | ★★ | |
 |
2023-02-14 19:20:18 | Ransomware Shifting to the Cloud (lien direct) |
In the last few years, ransomware attacks have grown considerably. With 75% of organizations being attacked, it seems likely that we'll see a saturation point soon. And attackers have not been resting on their laurels. On the contrary, they have continued to evolve ransomware and are already in the fourth generation of this malicious software. |
Ransomware | ★★ | |
|
2023-02-14 18:53:13 | Ransomware attacks on industrial infrastructure doubled in 2022: Dragos (lien direct) |  The number of ransomware attacks on industrial infrastructure grew significantly in 2022, according to cybersecurity firm Dragos |
Ransomware Industrial | ★★★ | |
 |
2023-02-14 17:48:00 | Anomali Cyber Watch: Hospital Ransoms Pay for Attacks on Defense, Nodaria Got Upgraded Go-Based Infostealer, TA866 Moved Screenshot Functionality to Standalone Tool (lien direct) | The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, Infostealers, Malicious packages, Malicious redirects, North Korea, Ransomware, Spearphishing, and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
(published: February 9, 2023)
The US and South Korea issued a joint advisory on ongoing, North Korea-sponsored ransomware activity against healthcare and other critical infrastructure. The proceedings are used to fund North Korea’s objectives including further cyber attacks against the US and South Korean defense and defense industrial base sectors. For initial access, the attackers use a trojanized messenger (X-Popup) or various exploits including those targeting Apache log4j2 and SonicWall appliances. Despite having two custom ransomware crypters, Maui and H0lyGh0st, the attackers can portray themselves as a different ransomware group (REvil) and/or use publicly-available crypters, such as BitLocker, Deadbolt, ech0raix, GonnaCry, Hidden Tear, Jigsaw, LockBit 2.0, My Little Ransomware, NxRansomware, Ryuk, and YourRansom.
Analyst Comment: Organizations in the healthcare sector should consider following the Cross-Sector Cybersecurity Performance Goals developed by the U.S. Cybersecurity and Infrastructure Security Agency and the U.S. National Institute of Standards and Technology. Follow the principle of least privilege by using standard user accounts on internal systems instead of administrative accounts. Turn off weak or unnecessary network device management interfaces.
MITRE ATT&CK: [MITRE ATT&CK] T1583 - Acquire Infrastructure | [MITRE ATT&CK] T1583.003 - Acquire Infrastructure: Virtual Private Server | [MITRE ATT&CK] T1190 - Exploit Public-Facing Application | [MITRE ATT&CK] T1133 - External Remote Services | [MITRE ATT&CK] T1195 - Supply Chain Compromise | [MITRE ATT&CK] T1083 - File And Directory Discovery | [MITRE ATT&CK] T1021 - Remote Services | [MITRE ATT&CK] T1486: Data Encrypted for Impact
Tags: malware-type:Ransomware, source-country:North Korea, source-country:DPRK, source-country:KP, target-industry:Healthcare, target-sector:Critical infrastructure, target-industry:Defense, target-industry:Defense Industrial Base, Log4Shell, SonicWall, CVE-2021-44228, CVE-2021-20038, CVE-2022-24990, X-Popup, malware:Maui, malware:H0lyGh0st, malware:BitLocker, malware:Deadbolt, malware:ech0raix, malware:GonnaCry, malware:Hidden Tear, malware:Jigsaw, malware:LockBit 2.0, malware:My Little Ransomware, malware:NxRansomware, malware:Ryuk, malware:YourRansom
|
Ransomware Malware Tool Threat Industrial | ★★ | |
 |
2023-02-14 15:42:00 | A CISOs Practical Guide to Storage and Backup Ransomware Resiliency (lien direct) | One thing is clear. The "business value" of data continues to grow, making it an organization's primary piece of intellectual property. From a cyber risk perspective, attacks on data are the most prominent threat to organizations. Regulators, cyber insurance firms, and auditors are paying much closer attention to the integrity, resilience, and recoverability of organization data – as well as | Ransomware Threat | ★★★ | |
 |
2023-02-14 14:25:54 | Veeam lance la nouvelle Veeam Data Platform (lien direct) | Veeam lance la nouvelle Veeam Data Platform pour assurer la continuité d'activité des entreprises face à l'augmentation des attaques de ransomwares • Plus de 500 nouvelles fonctionnalités et améliorations ont été apportées à Veeam Backup & Replication v12, le socle de Veeam Data Platform, incluant notamment la sauvegarde directe sur du stockage objet, une immuabilité de confiance, une cyber-résilience avancée et une protection inégalée du cloud hybride • La nouvelle garantie Veeam contre les ransomwares (Veeam Ransomware Warranty) est désormais disponible avec l'édition Premium de Veeam Data Platform - Produits | Ransomware | ★★ | |
 |
2023-02-14 14:00:00 | CyberheistNews Vol 13 #07 [Scam of the Week] The Turkey-Syria Earthquake (lien direct) |
CyberheistNews Vol 13 #07 | February 14th, 2023
[Scam of the Week] The Turkey-Syria Earthquake
Just when you think they cannot sink any lower, criminal internet scum is now exploiting the recent earthquake in Turkey and Syria.
Less than 24 hours after two massive earthquakes claimed the lives of tens of thousands of people, cybercrooks are already piggybacking on the horrible humanitarian crisis. You need to alert your employees, friends and family... again.
Just one example are scammers that pose as representatives from a Ukrainian charity foundation that seeks money to help those affected by the natural disasters that struck in the early hours of Monday.
There are going to be a raft of scams varying from blood drives to pleas for charitable contributions for victims and their families. Unfortunately, this type of scam is the worst kind of phishbait, and it is a very good idea to inoculate people before they get suckered into falling for a scam like this.
I suggest you send the following short alert to as many people as you can. As usual, feel free to edit:
[ALERT] "Lowlife internet scum is trying to benefit from the Turkey-Syria earthquake. The first phishing campaigns have already been sent and more will be coming that try to trick you into clicking on a variety of links about blood drives, charitable donations, or "exclusive" videos.
"Don't let them shock you into clicking on anything, or open possibly dangerous attachments you did not ask for! Anything you receive about this recent earthquake, be very suspicious. With this topic, think three times before you click. It is very possible that it is a scam, even though it might look legit or was forwarded to you by a friend -- be especially careful when it seems to come from someone you know through email, a text or social media postings because their account may be hacked.
"In case you want to donate to charity, go to your usual charity by typing their name in the address bar of your browser and do not click on a link in any email. Remember, these precautions are just as important at the house as in the office, so tell your friends and family."
It is unfortunate that we continue to have to warn against the bad actors on the internet that use these tragedies for their own benefit. For KnowBe4 customers, we have a few templates with this topic in the Current Events. It's a good idea to send one to your users this week.
Blog post with links:https://blog.knowbe4.com/scam-of-the-week-the-turkey-syria-earthquake
|
Ransomware Spam Threat Guideline | ChatGPT | ★★ |
 |
2023-02-14 13:55:07 | Ransomware attacks surge against US manufacturing plants (lien direct) | >Cyberattacks against critical infrastructure continues to increase and some sectors, such as manufacturing, take the brunt of abuse. | Ransomware | ★★ | |
|
2023-02-14 13:48:55 | ALPHV (BlackCat) ransomware gang claims attack on Irish university (lien direct) |  A darkweb post by the ALPHV ransomware group purports to include employee records from Munster Technological University |
Ransomware | ★★ | |
 |
2023-02-14 12:06:06 | What Will It Take? (lien direct) | What will it take for policy makers to take cybersecurity seriously? Not minimal-change seriously. Not here-and-there seriously. But really seriously. What will it take for policy makers to take cybersecurity seriously enough to enact substantive legislative changes that would address the problems? It's not enough for the average person to be afraid of cyberattacks. They need to know that there are engineering fixes—and that's something we can provide. For decades, I have been waiting for the “big enough” incident that would finally do it. In 2015, Chinese military hackers hacked the Office of Personal Management and made off with the highly personal information of about 22 million Americans who had security clearances. In 2016, the Mirai botnet leveraged millions of Internet-of-Things devices with default admin passwords to launch a denial-of-service attack that disabled major Internet platforms and services in both North America and Europe. In 2017, hackers—years later we learned that it was the Chinese military—hacked the credit bureau Equifax and stole the personal information of 147 million Americans. In recent years, ransomware attacks have knocked hospitals offline, and many articles have been written about Russia inside the U.S. power grid. And last year, the Russian SVR hacked thousands of sensitive networks inside civilian critical infrastructure worldwide in what we're now calling Sunburst (and used to call SolarWinds)... | Ransomware | Equifax Equifax Solardwinds | ★★ |
 |
2023-02-14 10:01:00 | Just Released – Dragos\'s Latest ICS/OT Cybersecurity Year in Review Is Now Available (lien direct) | >In 2022, breakthrough evolution in the development of malware targeting industrial control systems (ICS), scaled ransomware attacks against manufacturing, and... The post Just Released – Dragos's Latest ICS/OT Cybersecurity Year in Review Is Now Available first appeared on Dragos. | Ransomware Malware Industrial | ★★ | |
|
2023-02-13 21:03:20 | Israel\'s top tech university postpones exams after ransomware attack (lien direct) |  Hackers from a previously unknown group called DarkBit demanded about $1.7 million from the Technion technical university. |
Ransomware | ★★ | |
|
2023-02-13 20:50:00 | Healthcare in the Crosshairs of North Korean Cyber Operations (lien direct) | CISA, FBI, and South Korean intelligence agencies warn that the North Korean government is sponsoring ransomware attacks to fund its cyber-espionage activities. | Ransomware | ★★ | |
|
2023-02-13 18:06:56 | New cybercrime group calling itself DarkBit attacks Israeli university (lien direct) | >It's not yet clear who is behind the group, but the name could have connections to other ransomware variants such as DarkSide and LockBit. | Ransomware | ★★ | |
 |
2023-02-13 15:27:37 | 13th February – Threat Intelligence Report (lien direct) | >For the latest discoveries in cyber research for the week of 13th February, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES The California cities of Oakland and Modesto have been targeted by ransomware attacks, disrupting services in the former and the police network in the latter. Also in California, healthcare company 'Heritage Provider Network' […] | Ransomware Threat | Heritage | ★★ |
|
2023-02-13 14:44:27 | Check Point Software Introduces Quantum SD-WAN (lien direct) | Check Point Software Introduces Quantum SD-WAN to Protect Branch Offices Unifying Best Security and Optimized Internet Connectivity Check Point Quantum SD-WAN provides comprehensive prevention against zero-day, phishing, and ransomware attacks and delivers optimized routing for users and over 10,000 applications - Product Reviews | Ransomware | ★★ | |
 |
2023-02-13 14:34:20 | 3.3 Million Impacted by Ransomware Attack at California Healthcare Provider (lien direct) | >The personal and health information of more than 3.3 million individuals was stolen in a ransomware attack at Regal Medical Group. | Ransomware Medical | ★★ | |
|
2023-02-13 14:15:07 | City of Oakland Hit by Ransomware Attack (lien direct) | >The City of Oakland has disclosed a ransomware attack that impacted several non-emergency systems. | Ransomware | ★★ | |
 |
2023-02-13 12:38:07 | LockBit\'s Royal Mail ransom deadline flies by. No data released (lien direct) | Also: Russian wiper malware authors turn to data theft, plus this week's critical vulns in brief The notorious LockBit ransomware gang has taken credit for an attack on the Royal Mail – but a deadline it gave for payment has come and gone with nothing exposed to the web except the group's claims.… | Ransomware Malware | ★★ | |
 |
2023-02-13 12:01:11 | The US Government says companies should take more responsibility for cyberattacks. We agree. (lien direct) | Posted by Kent Walker, President, Global Affairs & Chief Legal Officer, Google & Alphabet and Royal Hansen, Vice President of Engineering for Privacy, Safety, and Security Should companies be responsible for cyberattacks? The U.S. government thinks so – and frankly, we agree. Jen Easterly and Eric Goldstein of the Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security planted a flag in the sand: “The incentives for developing and selling technology have eclipsed customer safety in importance. […] Americans…have unwittingly come to accept that it is normal for new software and devices to be indefensible by design. They accept products that are released to market with dozens, hundreds, or even thousands of defects. They accept that the cybersecurity burden falls disproportionately on consumers and small organizations, which are often least aware of the threat and least capable of protecting themselves.”We think they're right. It's time for companies to step up on their own and work with governments to help fix a flawed ecosystem. Just look at the growing threat of ransomware, where bad actors lock up organizations' systems and demand payment or ransom to restore access. Ransomware affects every industry, in every corner of the globe – and it thrives on pre-existing vulnerabilities: insecure software, indefensible architectures, and inadequate security investment. Remember that sophisticated ransomware operators have bosses and budgets too. They increase their return on investment by exploiting outdated and insecure technology systems that are too hard to defend. Alarmingly, the most significant source of compromise is through exploitation of known vulnerabilities, holes sometimes left unpatched for years. While law enforcement works to bring ransomware operators to justice, this merely treats the symptoms of the problem. Treating the root causes will require addressing the underlying sources of digital vulnerabilities. As Easterly and Goldstein rightly point out, “secure by default” and “secure by design” should be table stakes. The bottom line: People deserve products that are secure by default and systems that are built to withstand the growing onslaught from attackers. Safety should be fundamental: built-in, enabled out of the box, and not added on as an afterthought. In other words, we need secure products, not security products. That's why Google has worked to build security in – often making it invisible – to our users. Many of our most significant security features, including innovations like SafeBrowsing, do their best work behind the scenes for our core consumer products. There's come to be an unfortunate belief that security features are cumbersome and hurt user experience. That can be true – but it doesn't need to be. We can make the safe path the easiest, most helpful path for people using our products. Our approach to multi-factor authentication – one of the most important controls to defend against phishing attacks – provides a great example. Since 2021, we've turned on 2-Step Verification (2SV) by default for hundreds of millions of people to add an additional layer of security across their online accounts. If we had simply announced 2SV as an available option for people to enroll in, it would have failed like so many other security add-ons. Instead, we pioneered an approach using in-app notifications that was so seamless and integrated, many of the millions of people we auto-enrolled never noticed they adopted 2SV. We've taken this approach even further by build | Ransomware Threat | ★★★ | |
 |
2023-02-13 11:50:19 | The Week in Dark Web – February 13, 2023 – Ransomware and Data Leaks (lien direct) | Powered by DarkMirror™ LockBit and Play ransomware groups continue their attacks in hacking spree mode.... | Ransomware | ★★★ | |
|
2023-02-13 11:49:07 | Play Ransomware Group Claims Attack on A10 Networks (lien direct) | >The Play ransomware group has claimed responsibility for a cyberattack on application delivery controller maker A10 Networks | Ransomware | ★★ | |
 |
2023-02-13 11:48:55 | BlackCat Leaks Data Belonging to Irish University (lien direct) | >Our CEO Brian Honan was interviewed by Data Breach Today at Information Security Media Group (ISMG) on what the High Court's injunction prohibiting ransomware attackers from leaking data will mean for Munster Technological University, following their ransomware attack. Read More > | Ransomware Data Breach | ★ | |
 |
2023-02-13 02:42:00 | Hackers attack Israel\'s Technion University, demand over $1.7 million in ransom (lien direct) | Israel's Technion University on Sunday suffered a ransomware attack, which has forced the university to proactively block all communication networks. A new group calling itself DarkBit has claimed responsibility for the attack. “The Technion is under cyber attack. The scope and nature of the attack are under investigation,” Technion University, Israel's top public university in Haifa wrote in a Tweet. Established in 1912, the Technion University has become a global pioneer in fields such as biotechnology, stem cell research, space, computer science, nanotechnology, and energy. Four Technion professors have won Nobel Prizes. The university has also contributed for the growth of Israel's high-tech industry and innovation, including the country's technical cluster in Silicon Wadi.To read this article in full, please click here | Ransomware | ★★ | |
|
2023-02-13 00:06:25 | Ransomware hits Technion university to protest tech layoffs and Israel (lien direct) | A new ransomware group going by the name 'DarkBit' has hit Technion - Israel Institute of Technology, one of Israel's leading research universities. The ransom note posted by DarkBit is littered with messaging protesting tech layoffs and promoting anti-Israel rhetoric, as well as the group demanding a $1.7 million payment. [...] | Ransomware Guideline | ★★ | |
|
2023-02-11 19:06:00 | New ESXiArgs Ransomware Variant Emerges After CISA Releases Decryptor Tool (lien direct) | After the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a decryptor for affected victims to recover from ESXiArgs ransomware attacks, the threat actors have bounced back with an updated version that encrypts more data. The emergence of the new variant was reported by a system administrator on an online forum, where another participant stated that files larger than 128MB | Ransomware Tool Threat | ★★ | |
|
2023-02-11 02:16:08 | Ransomware crooks steal 3m+ patients\' medical records, personal info (lien direct) | All that data coming soon to a darkweb crime forum near you? Several California medical groups have sent security breach notification letters to more than three million patients alerting them that crooks may have stolen a ton of their sensitive health and personal information during a ransomware infection in December.… | Ransomware Medical | ★★★ | |
|
2023-02-10 21:43:54 | City of Oakland hit with ransomware attack, but says \'core functions\' are intact (lien direct) |  The City of Oakland confirmed reports that its networks had been hit with ransomware after rumors emerged online that several agencies were having issues with systems on Thursday. City officials did not respond to requests for comment but released a statement on Friday afternoon saying the ransomware attack began on Wednesday night. “The Information Technology […] |
Ransomware | ★★ | |
|
2023-02-10 21:09:22 | More than 18,500 ESXi servers still vulnerable to VMware bug behind initial ransomware spree (lien direct) |  Rapid7 said 18,581 VMware ESXi servers are still exposed to CVE-2021-21974 - a 2-year-old bug being exploited by the ESXiArgs ransomware |
Ransomware | ★★ | |
|
2023-02-10 19:45:08 | December ransomware attack leads to massive data breach from California health network (lien direct) |  Facilities within California's Heritage Provider Network reported a data breach related to a ransomware attack in December |
Ransomware Data Breach Guideline | Heritage Heritage | ★★★ |
|
2023-02-10 19:25:00 | Trickbot Members Sanctioned for Pandemic-Era Ransomware Hits (lien direct) | The US Treasury Department linked the notorious cybercrime gang to Russian Intelligence Services because cyberattacks that disrupted hospitals and other critical infrastructure align with Russian state interests. | Ransomware | ★★ | |
|
2023-02-10 17:22:00 | North Korean Hackers Targeting Healthcare with Ransomware to Fund its Operations (lien direct) | State-backed hackers from North Korea are conducting ransomware attacks against healthcare and critical infrastructure facilities to fund illicit activities, U.S. and South Korean cybersecurity and intelligence agencies warned in a joint advisory. The attacks, which demand cryptocurrency ransoms in exchange for recovering access to encrypted files, are designed to support North Korea's | Ransomware | ★★★ | |
|
2023-02-10 17:04:52 | City of Oakland systems offline after ransomware attack (lien direct) | The City of Oakland was hit by a ransomware attack on Wednesday night that forced it to take all systems offline until the network is secured and affected services are brought back online. [...] | Ransomware | ★★ | |
 |
2023-02-10 17:00:00 | US Warns Critical Sectors Against North Korean Ransomware Attacks (lien direct) | The latest iteration of the document is now analyzing activity by the Maui and H0lyGh0st groups | Ransomware | ★★ | |
|
2023-02-10 16:12:00 | 3 Overlooked Cybersecurity Breaches (lien direct) | Here are three of the worst breaches, attacker tactics and techniques of 2022, and the security controls that can provide effective, enterprise security protection for them. #1: 2 RaaS Attacks in 13 Months Ransomware as a service is a type of attack in which the ransomware software and infrastructure are leased out to the attackers. These ransomware services can be purchased on the dark web from | Ransomware | ★★★ | |
|
2023-02-10 15:30:15 | A10 Networks confirms data breach after Play ransomware attack (lien direct) | The California-based networking hardware manufacturer 'A10 Networks' has confirmed to BleepingComputer that the Play ransomware gang briefly gained access to its IT infrastructure and compromised data. [...] | Ransomware Data Breach | ★★ | |
|
2023-02-10 15:04:00 | U.K. and U.S. Sanction 7 Russians for TrickBot, Ryuk, and Conti Ransomware Attacks (lien direct) | In a first-of-its-kind coordinated action, the U.K. and U.S. governments on Thursday levied sanctions against seven Russian nationals for their affiliation to the TrickBot, Ryuk, and Conti cybercrime operation. The individuals designated under sanctions are Vitaly Kovalev (aka Alex Konor, Bentley, or Bergen), Maksim Mikhailov (aka Baget), Valentin Karyagin (aka Globus), Mikhail Iskritskiy (aka | Ransomware | ★★★ | |
 |
2023-02-10 15:00:11 | Key findings from the latest ESET Threat Report – Week in security with Tony Anscombe (lien direct) | What is behind the drop in ransomware and what should still be done for containing the ransomware scourge? | Ransomware Threat | ★★ | |
|
2023-02-10 12:44:46 | US, South Korea: Ransomware Attacks Fund North Korea\'s Cyber Operations (lien direct) | The US and South Korea have issued a joint advisory on ransomware attacks on critical infrastructure funding North Korea's malicious cyber activities. | Ransomware | ★★★ | |
|
2023-02-10 12:36:22 | California medical group data breach impacts 3.3 million patients (lien direct) | Multiple medical groups in the Heritage Provider Network in California have suffered a ransomware attack, exposing sensitive patient information to cybercriminals. [...] | Ransomware Data Breach Medical | Heritage Heritage | ★★★ |
|
2023-02-10 09:59:33 | Campagnes malveillantes contre les serveurs VMware ESXi, le Commentaire Netwrix (lien direct) | Une vague d'attaque par ransomware vise actuellement des vulnérabilités du logiciel VMware ESXi. Dirk Schrader, Resident CISO (EMEA) and VP of Security Research chez Netwrix, fait le commentaire suivant. - Malwares | Ransomware | ★ | |
 |
2023-02-10 09:37:37 | ESXiargs : le ransomware se fait plus menaçant (lien direct) | Une nouvelle version du ransomware ESXiargs circule. Avec sa routine de chiffrement améliorée, elle complique la récupération des VM. | Ransomware | ★ | |
|
2023-02-10 07:24:07 | US, UK slap sanctions on Russians linked to Conti, Ryuk, Trickbot malware (lien direct) | Any act that sends so much as a ruble to seven named netizens now forbidden The US and UK have sanctioned seven Russians for their alleged roles in disseminating Conti and Ryuk ransomware and the Trickbot banking trojan.… | Ransomware Malware | ★★ | |
|
2023-02-09 22:25:22 | Mount Saint Mary College confirms December ransomware attack (lien direct) |  Mount Saint Mary College – a liberal arts college in New York – confirmed it experienced a ransomware attack in December after a cybercrime group publicly shared details about the incident this week. The Vice Society ransomware gang, a group known for dozens of attacks on K-12 schools as well as colleges and universities, claimed [… |
Ransomware | ★★ | |
|
2023-02-09 21:11:46 | North Korea ransomware targets hospitals to fund digital spycraft, US agencies warn (lien direct) | >U.S. and South Korea officials say that North Korean ransomware operators are funding espionage operations through cyberattacks on hospitals. | Ransomware | ★★ |
To see everything:
Our RSS (filtrered)
