What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-03-07 11:00:00 | An assessment of ransomware distribution on darknet markets (lien direct) | Ransomware is a form of malicious software (malware) that restricts access to computer files, systems, or networks until a ransom is paid. In essence, an offender creates or purchases ransomware, then uses it to infect the target system. Ransomware is distributed in several ways including, but not limited to, malicious website links, infected USB drives, and phishing emails. Once infected, the offender encrypts the device and demands payment for the decryption key. Figure 1 provides a simplistic overview of the ransomware timeline.
Figure 1. Ransomware timeline.
The earliest recorded case of ransomware was the AIDS Trojan, which was released in the late 1980s. Now, in 2023, ransomware is considered the greatest cybersecurity threat due to the frequency and severity of attacks. In 2021, the Internet Crimes Complaint Center received over 3,000 ransomware reports totaling $49.2 million in losses. These attacks are especially problematic from a national security perspective since hackers aggressively target critical infrastructure such as the healthcare industry, energy sector, and government institutions.
If ransomware has been around for over 40 years, why is it now increasing in popularity? We argue the increase in ransomware attacks can be attributed to the availability of ransomware sold on darknet markets.
Darknet markets
Darknet markets provide a platform for cyber-criminals to buy, sell, and trade illicit goods and services. In a study funded by the Department of Homeland Security, Howell and Maimon found darknet markets generate millions of dollars in revenue selling stolen data products including the malicious software used to infect devices and steal personal identifying information. The University of South Florida’s (USF) Cybercrime Interdisciplinary Behavioral Research (CIBR) sought to expand upon this research. To do this, we extracted cyber-intelligence from darknet markets to provide a threat assessment of ransomware distribution. This report presents an overview of the key findings and the corresponding implications.
Threat assessment
While drugs remain the hottest commodity on darknet markets, our threat intelligence team observed a rise in ransomware (and other hacking services).
The study was conducted from November 2022-February 2023. We began by searching Tor for darknet markets advertising illicit products. In total, we identified 50 active markets: this is more than all prior studies. We then searched for vendors advertising ransomware across these markets, identifying 41 vendors actively selling ransomware products. The number of markets and vendors highlight the availability of ransomware and ease of access. Interestingly, we find more markets than vendors. Ransomware vendors advertise their products on multiple illicit markets, which increases vendor revenue and market resiliency. If one market is taken offline (by law enforcement or hackers), customers can shop with the same vendor across multiple store fronts.
The 41 identified vendors advertised 98 unique ransomware products. This too shows the accessibility of various forms of ransomware readily available for purchase. We extracted the product description, price, and transaction information into a structured database file for analysis. In total, we identified 504 successful transactions (within a 4-month period) with prices ranging from $1-$470. On average, ransomware so |
Ransomware Threat Cloud | ★★ | |
 |
2023-03-07 10:30:45 | FBI and CISA issue joint warning on Royal Ransomware (lien direct) | >On March 6, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a joint warning to critical infrastructure groups worldwide regarding the dangers of Royal Ransomware. This state-sponsored hacking group has recently targeted high-profile healthcare organizations, including those in the United States, and has a particular interest in … | Ransomware | ★★ | |
|
2023-03-07 10:30:45 | CISA and FBI issue joint warning on Royal Ransomware (lien direct) | >On March 6, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a joint warning to critical infrastructure groups worldwide regarding the dangers of Royal Ransomware. This state-sponsored hacking group has recently targeted high-profile healthcare organizations, including those in the United States, and has a particular interest in … | Ransomware | ★★ | |
 |
2023-03-07 10:13:52 | Ransomware Hits Major Barcelona Hospital, Appointments Canceled (lien direct) | Authorities in Barcelona revealed on Monday that thousands of appointments had to be canceled due to a ransomware attack on the city’s primary hospital. After a Saturday attack on the Hospital Clinic de Barcelona, all of the facility’s laboratories, clinics, and emergency room computers were shut down. On Monday, its website was not accessible. Because […] | Ransomware | ★★★ | |
 |
2023-03-07 09:45:26 | Ransomware : la police lance l\'offensive contre les pirates de DoppelPaymer (lien direct) |  Les hackers derrière le ransomware DoppelPaymer sont dans le collimateur d'Europol. Une opération coup de poing, menée en Allemagne et en Ukraine, a permis de mettre la main sur du matériel appartenant aux pirates. |
Ransomware | ★★★ | |
 |
2023-03-06 21:45:08 | DoppelPaymer ransomware suspects cuffed, alleged ringleaders escape (lien direct) | Millions extorted from victims, one attack left hospital patient dead German and Ukrainian cops have arrested suspected members of the DoppelPaymer ransomware crew and issued warrants for three other "masterminds" behind the global operation that extorted tens of millions of dollars and may have led to the death of a hospital patient.… | Ransomware | ★★ | |
 |
2023-03-06 19:25:00 | Police Raid Rounds Up Core Members of DoppelPaymer Ransomware Gang (lien direct) | This is the latest in a line of law-enforcement actions busting up the ransomware scene. | Ransomware | ★ | |
 |
2023-03-06 18:59:21 | Cyberattack Hits Major Hospital in Spanish City of Barcelona (lien direct) | >A ransomware attack on one of Barcelona' s main hospitals has crippled the center's computer system and forced the cancellation of non-urgent operations and patient checkups. | Ransomware | ★★ | |
 |
2023-03-06 17:43:00 | Core Members of DoppelPaymer Ransomware Gang Targeted in Germany and Ukraine (lien direct) | Law enforcement authorities from Germany and Ukraine have targeted suspected core members of a cybercrime group that has been behind large-scale attacks using DoppelPaymer ransomware. The operation, which took place on February 28, 2023, was carried out with support from the Dutch National Police (Politie) and the U.S. Federal Bureau of Investigation (FBI), according to Europol. This encompassed | Ransomware | ★ | |
 |
2023-03-06 16:30:00 | DoppelPaymer Ransomware Gang Members Busted in Germany, Ukraine (lien direct) | Police also seized electronic equipment and are currently performing forensic examinations | Ransomware | ★ | |
 |
2023-03-06 16:26:36 | European raid targeted notorious ransomware gang DoppelPaymer (lien direct) | >The DoppelPaymer ransomware gang is considered one of the world's most dangerous after it was linked to the death at a hospital in Germany. | Ransomware | ★★ | |
 |
2023-03-06 14:03:00 | Vice Society ransomware group claims German university as latest victim (lien direct) |
The Vice Society ransomware group added the Hamburg University of Applied Sciences (HAW Hamburg) to its leak site this weekend following an attack that the institution said took place late last year.
HAW Hamburg is one of several German-speaking institutions with a focus on applied sciences to be targeted by ransomware gangs in recent months.
In [a statement](https://www.haw-hamburg.de/fileadmin/PK/PDF/Infos_Art._34_DS-GVO_final.pdf) sent to all employees and students, the university said the attack was on December 29, describing a ransomware incident without using the term itself. The school has about 16,000 students.
“The attackers worked their way manually from decentralized IT systems via the network to the central IT and security components of HAW Hamburg. They also gained administrative rights to the central storage systems via this attack path and thus compromised the central data storage,” the statement explained.
“With the administrative rights obtained, the encryption of various virtualized platforms and the deletion of saved backups were finally started,” it added.
The university warned that “significant amounts of data from various areas” were copied, including usernames and “cryptographically secured” passwords, email addresses and mobile phone numbers.
Despite describing the compromised passwords as “cryptographically secured” the IT team recommended that students and staff change their passwords “for all internal university applications,” adding “in particular, change your password for Microsoft Teams and avoid using passwords that you have already used before.”
The university said it had to rebuild its IT systems, including the existing Microsoft cloud environment, and was “trying to restore a backup of the email data from the old mail server as of December 14.”
Following the attack, HAW Hamburg's IT security said it had “received several reports from students about attempts to log on to Internet portals such as Amazon and eBay by unauthorized third parties.”
“After reviewing all previous reports, and taking into account the attacker group's previous approach, it can be ruled out that the login attempts are related to the security incident at HAW Hamburg or the attacker group,” the team added.
Back in January the Vice Society ransomware group [claimed responsibility](https://therecord.media/vice-society-ransomware-gang-claims-attack-on-one-of-germanys-largest-universities/) for a November attack against the University of Duisburg-Essen in Germany.
Then in February the University of Zurich, Switzerland's largest university, announced it was the target of a “serious cyberattack,” which a spokesperson described to The Record as “part of a current accumulation of attacks on educational and health institutions.”
The week before, the [Harz University of Applied Sciences](https://www.n-tv.de/regionales/sachsen-anhalt/Hochschule-Harz-nach-digitalem-Angriff-offline-article23885755.html) in Saxony-Anhalt, [Ruhr West University](https://www.hochschule-ruhr-west.de/hrwoffline/), and the [EU/FH European University of Applied Sciences](https://www.eufh.de/hochschule/pressemitteilung) all announced being impacted by cyberattacks.
|
Ransomware Guideline Cloud | ★★ | |
|
2023-03-06 14:02:00 | Thousands of appointments canceled after ransomware hits major Barcelona hospital (lien direct) |
A ransomware attack on the city of Barcelona's main hospital has forced thousands of appointments to be canceled, officials announced Monday.
The Hospital Clinic de Barcelona was attacked Saturday, with computers across the institutions' numerous laboratories, clinics and emergency room shut down. Its website was unavailable on Monday.
Officials said that 150 non-urgent operations were canceled on Monday alongside up to 3,000 patient checkups, including radiotherapy visits, because staff can't access patients' clinical records, reported the [El País newspaper](link).
The Ransom House gang - which lists semiconductor company AMD as a previous victim, claiming to have sold data stolen by its "partners" - was responsible for the attack, according to the regional Catalonian Cybersecurity Agency. The gang itself claims on its leak site to “have nothing to do with any breaches” and doesn't “produce or use any ransomware.” It describes itself as a “professional mediators community.”
Segi Marcén, telecommunications secretary for the regional Catalonia government, said that no extortion demand had yet been received but that the hospital would not be making a ransom payment even if one was.
“We will not pay a cent,” Marcén said. Ransomware gangs typically threaten to release stolen data publicly if an extortion payment doesn't come by a certain deadline. As of Monday, nothing from the hospital was on Ransom House's leak site.
Marcén added that the regional government was “focusing on recovering the information” impacted by the attack, although it was not yet clear whether the hospital's data backups were also compromised, El País reported.
Staff at the hospital have been forced to write on paper and do not have access to electronic patient data-sharing systems. The facility's press department announced that urgent cases are being diverted to other hospitals.
“We can't make any prediction as to when the system will be back up to normal,” the hospital's director, Antoni Castells, told journalists, adding that there was a contingency plan to keep services functioning for several days although he hoped the system would be fixed sooner.
Tomàs Roy, the general director of the Catalan Cybersecurity Agency, said the attackers “have used new attack techniques,” but didn't specify what they were.
Recovering from the attack will be “gradual,” reported El País, as IT staff will need to ensure that systems aren't restored while the attackers maintain some access to the system. |
Ransomware | ★★ | |
|
2023-03-06 14:01:00 | Ransomware gang posts breast cancer patients\' clinical photographs (lien direct) |
The ALPHV ransomware group, also known as BlackCat, is attempting to extort a healthcare network in Pennsylvania by publishing photographs of breast cancer patients.
These clinical images, used by Lehigh Valley Health Network as part of radiotherapy to tackle malignant cells, were described as “nude photos” on the criminals' site.
Lehigh Valley Health Network disclosed on February 20 that it had been attacked by the BlackCat gang, which it described as linked to Russia, and stated that it would not pay a ransom.
“Based on our initial analysis, the attack was on the network supporting one physician practice located in Lackawanna County. We take this very seriously and protecting the data security and privacy of our patients, physicians and staff is critical,” said the network's president and chief executive, Brian Nester.
Nester added that the incident involved “a computer system used for clinically appropriate patient images for radiation oncology treatment and other sensitive information.”
At the time of the original statement, Nester said Lehigh Valley Health Network's services - including a cancer institute and a children's hospital - were not affected.
However the network's website is currently inaccessible. The Record was unable to contact the network for further comment following its listing on the ALPHV [.onion](https://en.wikipedia.org/wiki/Tor_(network)) website.
Onlookers have been revolted by the attempt to leverage the sensitivities around cancer treatment and intimate images to extort the organization.
Max Smeets, an academic at ETH Zurich - a public research university - and the director of the European Cyber Conflict Research Initiative, [wrote](https://twitter.com/Maxwsmeets/status/1632654116320075776): “This makes me so angry. I hope these barbarians will be held accountable for their heinous actions.”
"A new low. This is sickening," [wrote](https://twitter.com/rj_chap/status/1632465294580133888) malware analyst Ryan Chapman, while Nicholas Carroll, a cybersecurity professional, [said](https://twitter.com/sloppy_bear/status/1632468646873165824) the gang was “trying to set new standards in despicable.”
ALPHV itself celebrated the attack and the attention it brought.
“Our blog is followed by a lot of world media, the case will be widely publicized and will cause significant damage to your business. Your time is running out. We are ready to unleash our full power on you!”
Numerous healthcare organizations have been attacked by ransomware gangs in recent months. The criminal industry persists because of victims who pay, sometimes because their businesses face an existential threat, and sometimes to avoid the negative publicity.
Medibank, one of Australia's largest health insurance providers, stated last November that it would not be making a [ransom payment](https://therecord.media/medibank-says-it-will-not-pay-ransom-in-hack-that-impacted-9-7-million-customers/) after hackers gained access to the data of 9.7 million current and former customers, including 1.8 million international customers living abroad.
The information included sensitive healthcare claims data for around 480,000 individuals, including information about drug addiction treatments and abortions. Outrage at the attack prompted the government to [consider banning](https://therecord.media/australia-to-consider-banning-ransomware-payments/) ransomware payments in a bid to undermine the industry.
Back in January, the hospital technology giant [NextGen Healthcare](https://therecord.media/electronic-health-record-giant-nextgen-dealing-with-cyberattack/) said it was responding to a cyberattack after ALPHV added the company to its list of victims. |
Ransomware Malware | ★★★ | |
|
2023-03-06 12:47:25 | Ransomware Operators Leak Data Allegedly Stolen From City of Oakland (lien direct) | Play ransomware operators have leaked data allegedly stolen from the City of Oakland last month. | Ransomware | ★★ | |
|
2023-03-06 10:30:00 | City of Oakland Faces Major Data Leak (lien direct) | Information was stolen during recent ransomware attack | Ransomware | ★★ | |
 |
2023-03-06 10:10:00 | Ransomware Roundup – Sirattacker and ALC Ransomware (lien direct) | In this week's Ransomware Roundup, FortiGuardLabs covers Sirattacker and ALC ransomware along with protection recommendations. Learn more: | Ransomware | ★★ | |
|
2023-03-06 03:01:08 | Where are the women in cyber security? On the dark side, study suggests (lien direct) | Also, Royal ransomware metastasizes to other critical sectors, and this week's critical vulnerabilities In Brief If you can't join them, then you may as well try to beat them – at least if you're a talented security engineer looking for a job and you happen to be a woman. … | Ransomware | ★★★ | |
 |
2023-03-04 15:47:41 | Ransomware gang leaks data stolen from City of Oakland (lien direct) | The Play ransomware gang has begun to leak data from the City of Oakland, California, that was stolen in a recent cyberattack. [...] | Ransomware | ★★ | |
|
2023-03-04 13:00:00 | A year of wipers: How the Kremlin-backed Sandworm has attacked Ukraine during the war (lien direct) |  Last November, several Ukrainian organizations were targeted by a new type of ransomware called RansomBoggs. Its operators sent infected computers a ransom note written on behalf of James P. Sullivan - the main protagonist of the animated film Monsters, Inc. In the note Sullivan, whose job in the movie was to scare kids, asked for [… |
Ransomware | ★★★ | |
|
2023-03-03 20:30:46 | Indigo Books Refuses LockBit Ransomware Demand (lien direct) | Canada's largest bookseller rejected the pressure of the ransomware gang's countdown timer, despite data threats. | Ransomware | ★★ | |
|
2023-03-03 19:57:24 | U.S. government warns of Royal ransomware attacks against critical infrastructure (lien direct) |  The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory Thursday warning vulnerable organizations of an increased threat posed by Royal ransomware. The guidance is the second warning the U.S. government has issued about Royal ransomware in recent months. In December, the U.S. Department of Health and Human Services (HHS) warned hospitals [… |
Ransomware Threat | ★★★ | |
|
2023-03-03 18:46:41 | The Week in Ransomware - March 3rd 2023 - Wide impact attacks (lien direct) | This week was highlighted by a massive BlackBasta ransomware attack targeting DISH Network and taking down numerous subsidiaries, including SlingTV and Boost Mobile. [...] | Ransomware | ★★★ | |
|
2023-03-03 17:11:07 | Oakland officials say ransomware group may release personal data on Saturday (lien direct) |  The government of Oakland acknowledged on Friday that the ransomware group responsible for the cyberattack on city systems is planning to publish the information it stole. On Thursday evening, the Play ransomware group said it was behind the wide-ranging attack, writing on its leak site that it planned to publish sensitive stolen data on Saturday. [… |
Ransomware | ★★ | |
|
2023-03-03 13:45:00 | CISA Warns Against Royal Ransomware in New Advisory (lien direct) | Malicious activity using a particular malware variant has been spotted since September 2022 | Ransomware Malware | ★★★ | |
|
2023-03-03 12:12:00 | U.S. Cybersecurity Agency Raises Alarm Over Royal Ransomware\'s Deadly Capabilities (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new advisory about Royal ransomware, which emerged in the threat landscape last year. "After gaining access to victims' networks, Royal actors disable antivirus software and exfiltrate large amounts of data before ultimately deploying the ransomware and encrypting the systems," CISA said. The custom ransomware | Ransomware Threat | ★★ | |
|
2023-03-03 11:20:39 | FBI and CISA warn of increasing Royal ransomware attack risks (lien direct) | CISA and the FBI have issued a joint advisory highlighting the increasing threat behind ongoing Royal ransomware attacks targeting many U.S. critical infrastructure sectors, including healthcare, communications, and education. [...] | Ransomware Threat | ★★★ | |
|
2023-03-03 10:42:21 | Play ransomware claims disruptive attack on City of Oakland (lien direct) | The Play ransomware gang has taken responsibility for a cyberattack on the City of Oakland that has disrupted IT systems since mid-February. [...] | Ransomware | ★★★ | |
|
2023-03-03 00:32:15 | Crappy insecure software in Biden\'s crosshairs (lien direct) | Just-revealed US cybersecurity strategy 'has fangs' for catching crafty criminals and crummy coders Analysis Technology providers can expect more regulations, while cyber criminals can look for US law enforcement to step up their efforts to disrupt ransomware gangs and other illicit activities, under the Biden administration's computer security plan announced on Thursday.… | Ransomware | ★★★ | |
 |
2023-03-02 13:28:05 | Educational Institutions Face 234% Increase in Ransomware Attacks (lien direct) | >As the world becomes increasingly digital, educational institutions face a growing cyberattack threat. In 2022,... | Ransomware | ★★★ | |
|
2023-03-02 13:07:19 | Canadian Bookstore Chain Indigo Says Employee Data Stolen in Ransomware Attack (lien direct) | Canadian bookstore chain Indigo this week confirmed that employee data was stolen in a ransomware attack last month. | Ransomware | ★★ | |
|
2023-03-02 11:00:00 | 8 Common Cybersecurity issues when purchasing real estate online: and how to handle them (lien direct) | The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. More and more, people are completing the entire real estate transaction process online. From searching for properties to signing documents, online convenience can make the process easier and more efficient. However, with all of this activity taking place on the internet, it is important to be aware of the potential security risks that come along with it. Here are the eight common cybersecurity issues that can arise during the purchase of real estate online and how you can protect yourself against them. 1. Cybercrime This is, unfortunately, the world we live in - and it makes sense, given the large sums of money involved. Cybercriminals may attempt to hack into the system and gain access to private information. They may even try to interfere with the transaction process itself, delaying or preventing it from taking place at all. To combat this threat, make sure you are using a secure online platform when completing the transaction and be sure to only provide personal information when necessary. When you are completing a real estate transaction online, a lot of your personal information will be requested. This can include anything from your address and phone number to your bank account information. If this information is not properly secured, it could be at risk of being accessed by cybercriminals. To keep yourself safe, it is important to know what to look out for. You should watch for the commonly attempted ways that remote real estate buyers might be targeted and understand what you should do in the event of a breach. 2. Data breaches Buying real estate remotely involves a number of different tools, like online payment gateways and other web services. All of these tools can be vulnerable to data breaches, which means that hackers could gain access to your personal information stored on their servers. To protect yourself, research a service’s security standards before providing any sensitive information or look for an alternative if the security measures are inadequate. Always make sure you are observing best practices during and after an online purchase, which include doing things like updating your passwords as appropriate and monitoring your credit cards for any suspicious activity. By following these tips, you can help ensure that your online real estate transaction is secure. 3. Phishing scams These are attempts to obtain your personal information by pretending to be a legitimate source and they are on the rise. Be sure to only provide your information on secure websites and look for signs of legitimacy, such as “https” in the web address or a padlock icon in the URL bar. Phishing scams that target real estate buyers might include emails, text messages, and voicemails asking you to provide your credit card details or other personal information to make a purchase. Make sure to always look for signs of legitimacy before providing any sensitive information. They might also include bogus emails from lawyers or other professionals with malicious links or attachments. Be sure to only open emails from verified sources and never click on suspicious links. 4. Malware threats Malicious software can be used to steal your personal information, such as banking credentials and passwords, or to install ransomware that locks you out from accessing your own files. To protect yourself from malware, make sure to install | Ransomware Malware Hack | ★★ | |
 |
2023-03-02 10:06:09 | Bitdefender propose une clé de déchiffrement universelle pour le ransomware MortalKombat (lien direct) | Bitdefender propose une clé de déchiffrement universelle pour le ransomware MortalKombat L'outil gratuit aide les victimes à récupérer les données chiffrées à la suite d'une attaque par le ransongiciel MortalKombat. - Produits | Ransomware | ★★★ | |
|
2023-03-02 10:03:36 | SonicWall Cyber Threat Report 2023 untersucht die neuen Cyberfronten und das veränderte Verhalten von Bedrohungsakteuren (lien direct) | SonicWall Cyber Threat Report 2023 untersucht die neuen Cyberfronten und das veränderte Verhalten von Bedrohungsakteuren • Malware insgesamt um 2 % gestiegen, mit Zunahmen bei IoT-Malware (+87 %) und Cryptojacking (+43 %) • Trotz globalem Rückgang der Ransomware-Aktivitäten um 21 % ist 2022 das Jahr mit den zweitmeisten weltweiten Ransomware-Angriffen überhaupt (493,3 Millionen) • Bereiche Bildung (+157 %), Finanzen (+86 %) und Einzelhandel (+50 %) am schwersten von Malware getroffen • Ukraine verzeichnete Rekordzahlen von Malware (25,6 Millionen) und Ransomware (7,1 Millionen) • SonicWall identifizierte im Jahr 2022 465.501 bis dahin unbekannte Malware-Varianten • Zahl der Eindringversuche über Log4j-Schwachstellen überstieg 1 Milliarde - Sonderberichte | Ransomware Malware Threat | ★ | |
|
2023-03-02 10:00:29 | 2023 SonicWall Cyber Threat Report Casts New Light on Shifting Front Lines, Threat Actor Behavior (lien direct) | 2023 SonicWall Cyber Threat Report Casts New Light on Shifting Front Lines, Threat Actor Behavior • Overall malware up 2%, with surges in IoT malware (+87%) and cryptojacking (+43%) • Ransomware attacks dipped 21% globally, but 2022 still second-highest year on record for global ransomware attempts (493.3 million) • Education (+157%), finance (+86%) and retail (+50%) verticals hit hardest by malware • Ukraine saw record levels of malware (25.6 million) and ransomware (7.1 million) • SonicWall discovered 465,501 'never-before-seen' malware variants in 2022 • Intrusion attempts against Log4j vulnerabilities eclipsed 1 billion - Special Reports | Ransomware Malware Threat | ★★ | |
|
2023-03-02 09:31:19 | Pierce Transit: Bus System In Washington Admits Ransomware Attack (lien direct) | A public transit company ‘Pierce Transit’ operating in sections of Washington state, believed some of its systems were affected by a ransomware attack two weeks ago. The ransomware attack began on February 14 and required Pierce Transit to implement temporary workarounds, according to the company, which primarily serves Tacoma and the surrounding Pierce County region […] | Ransomware | ★★ | |
 |
2023-03-02 00:00:00 | Leveraging Data Science to Minimize the Blast Radius of Ransomware Attacks (lien direct) | In this blog entry, we present a case study that illustrates how data-science techniques can be used to gain valuable insights about ransomware groups' targeting patterns as detailed in our research paper, “What Decision-Makers Need to Know About Ransomware Risk.” | Ransomware | ★★★ | |
 |
2023-03-01 23:39:11 | (Déjà vu) ASEC Weekly Malware Statistics (February 20th, 2023 – February 26th, 2023) (lien direct) | The ASEC (AhnLab Security response Center) uses the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from February 20th, 2023 (Monday) to February 26th, 2023 (Sunday). For the main category, backdoor ranked top with 51.0%, followed by downloader with 24.7%, Infostealer with 22.7%, ransomware with 1.4%, and CoinMiner with 0.2%. Top 1 – RedLine RedLine ranked first place with 46.9%. The malware steals various information such as web browsers,... | Ransomware Malware | ★★ | |
|
2023-03-01 22:25:00 | Dish Blames Ransomware Attack for Disruptions of Internal Systems, Call Center Services (lien direct) | The cyberattackers might have potentially accessed customer information, the service provider warns. | Ransomware | ★★ | |
|
2023-03-01 20:46:22 | Canadian book giant says employee data was stolen during ransomware attack (lien direct) |  Toronto-based Indigo now says that employee data was accessed in a ransomware incident last month. The LockBit gang claims it was the perpetrator |
Ransomware | ★★ | |
|
2023-03-01 18:56:46 | Washington state public bus system confirms ransomware attack (lien direct) |  Pierce Transit, which serves the Tacoma area, said a ransomware attack disrupted systems and necessitated some temporary workarounds |
Ransomware | ★★ | |
|
2023-03-01 16:17:58 | 10m Dish customers at risk in US Broadcast sector after Ransomware attack (lien direct) | 10m Dish customers at risk in US Broadcast sector after Ransomware attack Dr Darren Williams, CEO and Founder of Ransomware and ADX specialists, Blackfog points out that - Malware Update | Ransomware | ★★ | |
 |
2023-03-01 11:59:44 | 8 ways to secure Chrome browser for Google Workspace users (lien direct) | Posted by Kiran Nair, Product Manager, Chrome Browser Your journey towards keeping your Google Workspace users and data safe, starts with bringing your Chrome browsers under Cloud Management at no additional cost. Chrome Browser Cloud Management is a single destination for applying Chrome Browser policies and security controls across Windows, Mac, Linux, iOS and Android. You also get deep visibility into your browser fleet including which browsers are out of date, which extensions your users are using and bringing insight to potential security blindspots in your enterprise. Managing Chrome from the cloud allows Google Workspace admins to enforce enterprise protections and policies to the whole browser on fully managed devices, which no longer requires a user to sign into Chrome to have policies enforced. You can also enforce policies that apply when your managed users sign in to Chrome browser on any Windows, Mac, or Linux computer (via Chrome Browser user-level management) --not just on corporate managed devices.  This enables you to keep your corporate data and users safe, whether they are accessing work resources from fully managed, personal, or unmanaged devices used by your vendors. Getting started is easy. If your organization hasn't already, check out this guide for steps on how to enroll your devices. 2. Enforce built-in protections against Phishing, Ransomware & Malware Chrome uses Google's Safe Browsing technology to help protect billions of devices every day by showing warnings to users when they attempt to navigate to dangerous sites or download dangerous files. Safe Browsing is enabled by default for all users when they download Chrome. As an administrator, you can prevent your users from disabling Safe Browsing by enforcing the SafeBrowsingProtectionLevel policy.  Over the past few years, we've seen threats on the web becoming increasingly sophisticated. Turning on Enhanced Safe Browsing will substantially increase protection |
Ransomware Malware Tool Threat Guideline Cloud | ★★★ | |
|
2023-03-01 11:00:00 | Dish Network Says Outage Caused by Ransomware Attack (lien direct) | >Satellite TV giant Dish Network has confirmed rumors that a recent outage was the result of a cyberattack and admitted that data was stolen. | Ransomware | ★★ | |
|
2023-03-01 10:00:00 | Dish Network Confirms Ransomware Outage (lien direct) | Satellite TV provider comes clean in SEC filing | Ransomware | ★★ | |
|
2023-03-01 09:30:00 | Researchers Release MortalKombat Ransomware Decryptor (lien direct) | Bitdefender moves in record time to help victims | Ransomware | ★★ | |
|
2023-03-01 09:10:50 | Bitdefender Releases New Decryptor For MortalKombat Ransomware (lien direct) | A free MortalKombat ransomware decryptor has been made available by cybersecurity company Bitdefender in order to prevent victims from having to pay a ransom to regain their files. The publication of a viable decryptor for the particular strain came shortly after its initial appearance in January 2023, when Cisco Talos stated that it predominantly targeted […] | Ransomware | ★★ | |
|
2023-03-01 08:37:18 | Le rapport 2023 de SonicWall sur les cybermenaces jette un nouvel éclairage sur l\'évolution des lignes de front et le comportement des cybercriminels (lien direct) | Le rapport 2023 de SonicWall sur les cybermenaces jette un nouvel éclairage sur l'évolution des lignes de front et le comportement des cybercriminels. • Augmentation de 2 % de l'ensemble des logiciels malveillants, avec une forte hausse sur les logiciels malveillants visant l'IoT (+87 %) et ceux de cryptojacking (+43 %). • Les attaques par ransomware ont diminué de 21 % au niveau mondial, mais 2022 reste la deuxième année la plus importante en termes de tentatives de ransomware (493,3 millions). • Les secteurs verticaux de l'éducation (+157 %), de la finance (+86 %) et du commerce de détail (+50 %) sont les plus touchés par les logiciels malveillants. • L'Ukraine a enregistré des niveaux records de logiciels malveillants (25,6 millions) et de rançongiciels (7,1 millions). • SonicWall a découvert 465 501 variantes de logiciels malveillants "zero day" en 2022. • Les tentatives d'intrusion contre les vulnérabilités de Log4j ont dépassé le billion d'unités. - Investigations | Ransomware | ★★★ | |
|
2023-03-01 00:34:26 | Victims of MortalKombat ransomware can now decrypt their locked files for free (lien direct) |  Cybersecurity firm Bitdefender released a universal decryptor for the MortalKombat ransomware – a strain first observed by threat researchers in January 2023. The malware has been used on dozens of victims across the U.S., United Kingdom, Turkey and the Philippines, according to a recent report from Cisco. Bogdan Botezatu, director of threat research and reporting [… |
Ransomware Malware Threat | ★★ | |
|
2023-02-28 21:26:32 | US Marshals Service becomes latest law enforcement agency hit by hackers (lien direct) |  The U.S. Marshals Service said it was struck by ransomware last week in an attack that affected systems holding sensitive law enforcement data and personally identifiable information related to several suspects. U.S. Marshals Service spokesperson Drew Wade told NBC News late on Monday evening that after consulting with senior officials at the agency, it was [… |
Ransomware | ★★ |
To see everything:
Our RSS (filtrered)
