Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2021-11-17 13:31:23 |
Russian ransomware gangs start collaborating with Chinese hackers (lien direct) |
There's some unusual activity brewing on Russian-speaking cybercrime forums, where hackers appear to be reaching out to Chinese counterparts for collaboration. [...] |
Ransomware
|
|
|
|
2021-11-16 12:35:50 |
WordPress sites are being hacked in fake ransomware attacks (lien direct) |
A new wave of attacks starting late last week has hacked close to 300 WordPress sites to display fake encryption notices, trying to trick the site owners into paying 0.1 bitcoin for restoration. [...] |
Ransomware
|
|
|
|
2021-11-16 10:31:03 |
Microsoft adds AI-driven ransomware protection to Defender (lien direct) |
Microsoft has introduced an AI-driven ransomware attack detection system for Microsoft Defender for Endpoint customers that complements existing cloud protection by evaluating risks and blocking actors at the perimeter. [...] |
Ransomware
|
|
|
|
2021-11-14 10:00:00 |
US Education Dept urged to boost K-12 schools\' ransomware defenses (lien direct) |
The US Department of Education and Department of Homeland Security (DHS) were urged this week to more aggressively strengthen cybersecurity protections at K-12 schools across the nation to keep up with a massive wave of attacks. [...] |
Ransomware
|
|
|
|
2021-11-12 16:07:06 |
The Week in Ransomware - November 12th 2021 - Targeting REvil (lien direct) |
This week, law enforcement struck a massive blow against the REvil ransomware operation, with multiple arrests announced and the seizure of cryptocurrency. [...] |
Ransomware
|
|
|
|
2021-11-12 12:14:17 |
FTC shares ransomware defense tips for small US businesses (lien direct) |
The US Federal Trade Commission (FTC) has shared guidance for small businesses on how to secure their networks from ransomware attacks by blocking threat actors' attempts to exploit vulnerabilities using social engineering or exploits targeting technology. [...] |
Ransomware
Threat
|
|
|
|
2021-11-11 11:04:00 |
Magniber ransomware gang now exploits Internet Explorer flaws in attacks (lien direct) |
The Magniber ransomware gang is now using two Internet Explorer vulnerabilities and malicious advertisements to infect users and encrypt their devices. [...] |
Ransomware
|
|
|
|
2021-11-11 08:54:03 |
New bill sets ransomware attack response rules for US financial orgs (lien direct) |
New legislation introduced this week by US lawmakers aims to set ransomware attack response "rules of road" for US financial institutions. [...] |
Ransomware
|
|
|
|
2021-11-10 10:52:26 |
TrickBot teams up with Shatak phishers for Conti ransomware attacks (lien direct) |
A threat actor tracked as Shatak (TA551) recently partnered with the ITG23 gang (aka TrickBot and Wizard Spider) to deploy Conti ransomware on targeted systems. [...] |
Ransomware
Threat
|
|
|
|
2021-11-09 09:54:21 |
Clop gang exploiting SolarWinds Serv-U flaw in ransomware attacks (lien direct) |
The Clop ransomware gang, also tracked as TA505 and FIN11, is exploiting a SolarWinds Serv-U vulnerability to breach corporate networks and ultimately encrypt its devices. [...] |
Ransomware
Vulnerability
|
|
|
|
2021-11-09 09:15:45 |
Medical software firm urges password resets after ransomware attack (lien direct) |
Medatixx, a German medical software vendor whose products are used in over 21,000 health institutions, urges customers to change their application passwords following a ransomware attack that has severely impaired its entire operations. [...] |
Ransomware
|
|
|
|
2021-11-08 19:11:32 |
U.S. offers $10 million reward for leaders of REvil ransomware (lien direct) |
The U.S. is offering up to $10 million for identifying or locating leaders in the REvil (Sodinokibi) ransomware operation, including $5 million leading to the arrest of affiliates. [...] |
Ransomware
Guideline
|
|
|
|
2021-11-08 13:26:45 |
(Déjà vu) US sanctions Chatex cryptoexchange used by ransomware gangs (lien direct) |
The US Treasury Department announced today sanctions against the Chatex cryptocurrency exchange for helping ransomware gangs evade sanctions and facilitating ransom transactions. [...] |
Ransomware
|
|
|
|
2021-11-08 13:18:02 |
US seizes $6 million from REvil ransomware, arrest Kaseya hacker (lien direct) |
The United States Department of Justice today has announced charges against a REvil ransomware affiliate responsible for the attack against the Kaseya MSP platform on July 2nd and seizing more than $6 million from another REvil partner. [...] |
Ransomware
|
|
|
|
2021-11-08 09:51:57 |
REvil ransomware affiliates arrested in Romania and Kuwait (lien direct) |
Romanian law enforcement authorities have arrested two suspects believed to be Sodinokibi/REvil ransomware affiliates, allegedly responsible for infecting thousands of victims. [...] |
Ransomware
|
|
|
|
2021-11-08 09:27:49 |
(Déjà vu) MediaMarkt hit by Hive ransomware, initial $240 million ransom (lien direct) |
Electronics retail giant MediaMarkt has suffered a Hive ransomware with an initial ransom demand of $240 million, causing IT systems to shut down and store operations to be disrupted in Netherlands and Germany. [...] |
Ransomware
|
|
|
|
2021-11-08 09:27:49 |
Electronics retail giant MediaMarkt hit by ransomware attack (lien direct) |
Electronics retail giant MediaMarkt has suffered a ransomware attack causing IT systems to shut down and store operations to be disrupted in Netherlands and Germany. [...] |
Ransomware
|
|
|
|
2021-11-07 11:46:27 |
Operation Cyclone deals blow to Clop ransomware operation (lien direct) |
A thirty-month international law enforcement operation codenamed 'Operation Cyclone' targeted the Clop ransomware gang, leading to the previously reported arrests of six members in Ukraine. [...] |
Ransomware
Guideline
|
|
|
|
2021-11-05 18:05:04 |
The Week in Ransomware - November 5th 2021 - Placing bounties (lien direct) |
Law enforcement continues to keep up the pressure on ransomware operations with infrastructure hacks and million-dollar rewards, leading to the shut down of criminal operations. [...] |
Ransomware
Guideline
|
|
|
|
2021-11-05 12:03:55 |
FBI: Ransomware gangs hit several tribal-owned casinos in the last year (lien direct) |
The Federal Bureau of Investigation (FBI) says that multiple ransomware gangs have hit tribal entities over the last year, taking down their systems and impacting businesses and public services. [...] |
Ransomware
|
|
|
|
2021-11-04 15:03:45 |
Phishing emails deliver spooky zombie-themed MirCop ransomware (lien direct) |
A new phishing campaign pretending to be supply lists infects users with the MirCop ransomware that encrypts a target system in under fifteen minutes. [...] |
Ransomware
|
|
|
|
2021-11-04 12:39:34 |
Microsoft Exchange ProxyShell exploits used to deploy Babuk ransomware (lien direct) |
A new threat actor is hacking Microsoft Exchange servers and breaching corporate networks using the ProxyShell vulnerability to deploy the Babuk Ransomware. [...] |
Ransomware
Threat
|
|
|
|
2021-11-04 07:22:01 |
(Déjà vu) Lockean multi-ransomware affiliates linked to attacks on French orgs (lien direct) |
Details about the tools and tactics used by a ransomware affiliate group, now tracked as Lockean, have emerged today in a report from France's Computer Emergency Response Team (CERT). [...] |
Ransomware
|
|
|
|
2021-11-04 07:22:01 |
Lockean multi-RaaS affiliate linked to attacks against French businesses (lien direct) |
Details about the tools and tactics used by a ransomware affiliate group, now tracked as Lockean, have emerged today in a report from France's Computer Emergency Response Team (CERT). [...] |
Ransomware
|
|
|
|
2021-11-03 13:22:25 |
(Déjà vu) UK Labour Party discloses data breach after ransomware attack (lien direct) |
The UK Labour Party notified members that some of their information was impacted in a data breach after a ransomware attack hit a third-party organization that was managing the party's data. [...] |
Ransomware
Data Breach
|
|
|
|
2021-11-03 12:47:42 |
BlackMatter ransomware moves victims to LockBit after shutdown (lien direct) |
With the BlackMatter ransomware operation shutting down, existing affiliates are moving their victims to the competing LockBit ransomware site for continued extortion. [...] |
Ransomware
|
|
|
|
2021-11-03 01:59:46 |
BlackMatter ransomware claims to be shutting down due to police pressure (lien direct) |
The BlackMatter ransomware is allegedly shutting down its operation due to pressure from the authorities and recent law enforcement operations. [...] |
Ransomware
|
|
|
|
2021-11-02 07:59:18 |
FBI: Ransomware targets companies during mergers and acquisitions (lien direct) |
The Federal Bureau of Investigation (FBI) warns that ransomware gangs are targeting companies involved in "time-sensitive financial events" such as corporate mergers and acquisitions to make it easier to extort their victims. [...] |
Ransomware
|
|
|
|
2021-11-01 10:13:59 |
FBI: HelloKitty ransomware adds DDoS attacks to extortion tactics (lien direct) |
The U.S. Federal Bureau of Investigation (FBI) has sent out a flash alert warning private industry partners that the HelloKitty ransomware gang (aka FiveHands) has added distributed denial-of-service (DDoS) attacks to their arsenal of extortion tactics. [...] |
Ransomware
|
|
|
|
2021-10-30 11:02:01 |
Chaos ransomware targets gamers via fake Minecraft alt lists (lien direct) |
The Chaos Ransomware gang encrypts gamers' Windows devices through fake Minecraft alt lists promoted on gaming forums. [...] |
Ransomware
|
|
|
|
2021-10-29 17:43:14 |
The Week in Ransomware - October 29th 2021 - Making arrests (lien direct) |
This week, international law enforcement operations went on the offensive, making arrests in numerous countries for ransomware-related activities. [...] |
Ransomware
|
|
|
|
2021-10-29 12:08:44 |
Hive ransomware now encrypts Linux and FreeBSD systems (lien direct) |
The Hive ransomware gang now also encrypts Linux and FreeBSD using new malware variants specifically developed to target these platforms. [...] |
Ransomware
Malware
|
|
|
|
2021-10-29 05:07:49 |
(Déjà vu) Police arrest hackers behind over 1,800 ransomware attacks (lien direct) |
The Europol has announced the arrest of 12 individuals who are believed to be linked to ransomware attacks against 1,800 victims in 71 countries. [...] |
Ransomware
|
|
|
|
2021-10-29 05:07:49 |
Police arrest criminals behind Norsk Hydro ransomware attack (lien direct) |
The Europol has announced the arrest of 12 individuals who are believed to be linked to ransomware attacks against 1,800 victims in 71 countries. [...] |
Ransomware
|
|
|
|
2021-10-28 09:02:21 |
Ransomware gangs use SEO poisoning to infect visitors (lien direct) |
Researchers have spotted two campaigns linked to either the REvil ransomware gang or the SolarMarker backdoor that use SEO poisoning to serve payloads to targets. [...] |
Ransomware
|
|
|
|
2021-10-28 07:26:09 |
German investigators identify REvil ransomware gang core member (lien direct) |
German investigators have reportedly identified a Russian man named Nikolay K. whom they believe to be one of REvil ransomware gang's core members, one of the most notorious and successful ransomware groups in recent years. [...] |
Ransomware
|
|
|
|
2021-10-27 16:37:26 |
NRA: No comment on Russian ransomware gang attack claims (lien direct) |
The Grief ransomware gang claims to have attacked the National Rifle Association (NRA) and released allegedly stolen data as proof of the attack. [...] |
Ransomware
|
|
|
|
2021-10-27 14:35:13 |
Free decryptor released for Atom Silo and LockFile ransomware (lien direct) |
Avast has just released a decryption tool that will help AtomSilo and LockFile ransomware victims recover some of their files for free, without having to pay a ransom. [...] |
Ransomware
Tool
|
|
|
|
2021-10-27 11:52:12 |
Babuk ransomware decryptor released to recover files for free (lien direct) |
Czech cybersecurity software firm Avast has created and released a decryption tool to help Babuk ransomware victims recover their files for free. [...] |
Ransomware
Tool
|
|
★★★★
|
|
2021-10-27 11:00:00 |
(Déjà vu) Malicious NPM libraries install ransomware, password stealer (lien direct) |
Malicious NPM packages pretending to be Roblox libraries are delivering ransomware and password-stealing trojans on unsuspecting users. [...] |
Ransomware
|
|
|
|
2021-10-27 11:00:00 |
Malicious Roblox NPMs drop ransomware and password stealers (lien direct) |
Malicious NPM packages pretending to be Roblox libraries are delivering ransomware and password-stealing trojans on unsuspecting users. [...] |
Ransomware
|
|
|
|
2021-10-26 09:59:00 |
FBI: Ranzy Locker ransomware hit at least 30 US companies this year (lien direct) |
The FBI said on Monday that Ranzy Locker ransomware operators had compromised at least 30 US companies this year from various industry sectors. [...] |
Ransomware
|
|
|
|
2021-10-25 10:31:42 |
Hackers used billing software zero-day to deploy ransomware (lien direct) |
An unknown ransomware group is exploiting a critical SQL injection bug found in the BillQuick Web Suite time and billing solution to deploy ransomware on their targets' networks in ongoing attacks. [...] |
Ransomware
|
|
|
|
2021-10-24 11:27:06 |
BlackMatter ransomware victims quietly helped using secret decryptor (lien direct) |
Cybersecurity firm Emsisoft has been secretly decrypting BlackMatter ransomware victims since this summer, saving victims millions of dollars. [...] |
Ransomware
|
|
|
|
2021-10-22 17:47:32 |
The Week in Ransomware - October 22nd 2021 - Striking back (lien direct) |
Between law enforcement operations, REvil's second shut down, and ransomware gangs' response to the hacking of their servers, it has been quite the week. [...] |
Ransomware
|
|
|
|
2021-10-22 14:02:21 |
DarkSide ransomware rushes to cash out $7 million in Bitcoin (lien direct) |
Almost $7 million worth of Bitcoin in a wallet controlled by DarkSide ransomware operators has been moved in what looks like a money laundering rollercoaster. [...] |
Ransomware
|
|
|
|
2021-10-22 11:48:53 |
Groove ransomware calls on all extortion gangs to attack US interests (lien direct) |
The Groove ransomware gang is calling on other extortion groups to attack US interests after law enforcement took down REvil's infrastructure last week. [...] |
Ransomware
|
|
|
|
2021-10-22 10:06:38 |
Italian celebs\' data exposed in ransomware attack on SIAE (lien direct) |
The Italian data protection authority Garante per la Protezione dei Dati Personali (GPDP) has announced an investigation into a data breach of the country's copyright protection agency. [...] |
Ransomware
Data Breach
|
|
|
|
2021-10-21 15:07:54 |
Evil Corp demands $40 million in new Macaw ransomware attacks (lien direct) |
Evil Corp has launched a new ransomware called Macaw Locker to evade US sanctions that prevent victims from making ransom payments. [...] |
Ransomware
|
|
|
|
2021-10-21 12:24:13 |
(Déjà vu) Hacking gang creates fake firm to hire pentesters for ransomware attacks (lien direct) |
The FIN7 hacking group is attempting to join the highly profitable ransomware space by creating fake cybersecurity companies that conduct network attacks under the guise of pentesting. [...] |
Ransomware
|
|
|