Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-10-17 10:33:00 |
Ransomware attack halts circulation of some German newspapers (lien direct) |
German newspaper 'Heilbronn Stimme' published today's 28-page issue in e-paper form after a Friday ransomware attack crippled its printing systems. [...] |
Ransomware
|
|
|
|
2022-10-14 17:27:17 |
Police tricks DeadBolt ransomware out of 155 decryption keys (lien direct) |
The Dutch National Police, in collaboration with cybersecurity firm Responders.NU, obtained 155 decryption keys from the DeadBolt ransomware gang by faking ransom payments. [...] |
Ransomware
|
|
|
|
2022-10-11 12:59:44 |
Microsoft Exchange servers hacked to deploy LockBit ransomware (lien direct) |
Microsoft is investigating reports of a new zero-day bug abused to hack Exchange servers which were later used to launch Lockbit ransomware attacks. [...] |
Ransomware
Hack
|
|
|
|
2022-09-29 10:32:16 |
New Royal Ransomware emerges in multi-million dollar attacks (lien direct) |
A new ransomware operation named Royal is quickly ramping up, targeting corporations with ransom demands ranging from $250,000 to over $2 million. [...] |
Ransomware
|
|
★★★★★
|
|
2022-09-25 11:14:27 |
Ransomware data theft tool may show a shift in extortion tactics (lien direct) |
Data exfiltration malware known as Exmatter and previously linked with the BlackMatter ransomware group is now being upgraded with data corruption functionality that may indicate a new tactic that ransomware affiliates might switch to in the future. [...] |
Ransomware
Malware
Tool
|
|
|
|
2022-09-23 17:25:58 |
The Week in Ransomware - September 23rd 2022 - LockBit leak (lien direct) |
This week we saw some embarrassment for the LockBit ransomware operation when their programmer leaked a ransomware builder for the LockBit 3.0 encryptor. [...] |
Ransomware
|
|
|
|
2022-09-20 16:33:51 |
Hive ransomware claims attack on New York Racing Association (lien direct) |
The Hive ransomware operation claimed responsibility for an attack on the New York Racing Association (NYRA), which previously disclosed that a cyber attack on June 30, 2022, impacted IT operations and website availability and compromised member data. [...] |
Ransomware
|
|
|
|
2022-09-19 12:07:36 |
VMware, Microsoft warn of widespread Chromeloader malware attacks (lien direct) |
The operators of the Chromeloader adware are evolving their attack methods and gradually transforming the low-risk tool into a dangerous malware loader, seen dropping ransomware in some cases. [...] |
Ransomware
Malware
Tool
|
|
|
|
2022-09-17 11:17:23 |
Emotet botnet now pushes Quantum and BlackCat ransomware (lien direct) |
While monitoring the Emotet botnet's current activity, security researchers found that the malware is now being used by the Quantum and BlackCat ransomware gang to deploy their payloads. [...] |
Ransomware
Malware
|
|
|
|
2022-09-17 10:12:14 |
New York ambulance service discloses data breach after ransomware attack (lien direct) |
Empress EMS (Emergency Medical Services), a New York-based emergency response and ambulance service provider, has disclosed a data breach that exposed customer information. [...] |
Ransomware
Data Breach
|
|
|
|
2022-09-15 15:10:55 |
Hive ransomware claims cyberattack on Bell Canada subsidiary (lien direct) |
The Hive ransomware gang claimed responsibility for an attack that hit the systems of Bell Canada subsidiary Bell Technical Solutions (BTS). [...] |
Ransomware
|
|
|
|
2022-09-12 12:00:00 |
Lorenz ransomware breaches corporate network via phone systems (lien direct) |
The Lorenz ransomware gang now uses a critical vulnerability in Mitel MiVoice VOIP appliances to breach enterprises using their phone systems for initial access to their corporate networks. [...] |
Ransomware
Vulnerability
|
|
|
|
2022-09-07 07:00:00 |
Google says former Conti ransomware members now attack Ukraine (lien direct) |
Google says some former Conti cybercrime gang members, now part of a threat group tracked as UAC-0098, are targeting Ukrainian organizations and European non-governmental organizations (NGOs). [...] |
Ransomware
Threat
|
|
|
|
2022-09-06 07:41:11 |
Second largest U.S. school district LAUSD hit by ransomware (lien direct) |
Los Angeles Unified (LAUSD), the second largest school district in the U.S., disclosed that a ransomware attack hit its Information Technology (IT) systems over the weekend. [...] |
Ransomware
|
|
|
|
2022-09-02 16:05:55 |
BlackCat ransomware claims attack on Italian energy agency (lien direct) |
The BlackCat/ALPHV ransomware gang claimed responsibility for an attack that hit the systems of Italy's energy agency Gestore dei Servizi Energetici SpA (GSE) over the weekend. [...] |
Ransomware
|
|
|
|
2022-09-02 12:25:17 |
Hive ransomware hits Damart clothing store with $2 million ransom (lien direct) |
Damart, a French clothing company with over 130 stores across the world, is being extorted for $2 million after a cyberattack from the Hive ransomware gang. [...] |
Ransomware
|
|
|
|
2022-09-02 09:12:27 |
San Francisco 49ers: Blackbyte ransomware gang stole info of 20K people (lien direct) |
NFL's San Francisco 49ers are mailing notification letters confirming a data breach affecting more than 20,000 individuals following a ransomware attack that hit its network earlier this year. [...] |
Ransomware
|
|
|
|
2022-08-31 13:01:07 |
Ragnar Locker ransomware claims attack on Portugal\'s flag airline (lien direct) |
The Ragnar Locker ransomware gang has claimed an attack on the flag carrier of Portugal, TAP Air Portugal, disclosed by the airline last Friday. [...] |
Ransomware
|
|
|
|
2022-08-26 16:32:59 |
The Week in Ransomware - August 26th 2022 - Fighting back (lien direct) |
We saw a bit of ransomware drama this week, mostly centered around LockBit, who saw their data leak sites taken down by a DDoS attack after they started leaking the allegedly stolen Entrust data. [...] |
Ransomware
|
|
|
|
2022-08-24 17:39:20 |
Quantum ransomware attack disrupts govt agency in Dominican Republic (lien direct) |
The Dominican Republic's Instituto Agrario Dominicano has suffered a Quantum ransomware attack that encrypted multiple services and workstations throughout the government agency. [...] |
Ransomware
|
|
|
|
2022-08-24 12:36:33 |
RansomEXX claims ransomware attack on Sea-Doo, Ski-Doo maker (lien direct) |
The RansomEXX ransomware gang is claiming responsibility for the cyberattack against Bombardier Recreational Products (BRP), disclosed by the company on August 8, 2022. [...] |
Ransomware
|
|
|
|
2022-08-22 10:39:53 |
LockBit ransomware blames Entrust for DDoS attacks on leak sites (lien direct) |
The LockBit ransomware operation's data leak sites have been shut down over the weekend due to a DDoS attack telling them to remove Entrust's allegedly stolen data. [...] |
Ransomware
|
|
|
|
2022-08-18 19:06:42 |
(Déjà vu) LockBit claims ransomware attack on security giant Entrust, leaks data (lien direct) |
The LockBit ransomware gang has claimed responsibility for the June cyberattack on digital security giant Entrust. [...] |
Ransomware
|
|
|
|
2022-08-18 19:06:42 |
LockBit claims ransomware attack on security giant Entrust (lien direct) |
The LockBit ransomware gang has claimed responsibility for the June cyberattack on digital security giant Entrust. [...] |
Ransomware
|
|
|
|
2022-08-17 17:28:33 |
BlackByte ransomware gang is back with new extortion tactics (lien direct) |
The BlackByte ransomware is back with version 2.0 of their operation, including a new data leak site utilizing new extortion techniques borrowed from LockBit. [...] |
Ransomware
|
|
|
|
2022-08-15 20:06:24 |
Argentina\'s Judiciary of Córdoba hit by PLAY ransomware attack (lien direct) |
Argentina's Judiciary of Córdoba has shut down its IT systems after suffering a ransomware attack, reportedly at the hands of the new 'Play' ransomware operation. [...] |
Ransomware
|
|
|
|
2022-08-13 10:12:06 |
SOVA malware adds ransomware feature to encrypt Android devices (lien direct) |
The SOVA Android banking trojan continues to evolve with new features, code improvements, and the addition of a new ransomware feature that encrypts files on mobile devices. [...] |
Ransomware
Malware
|
|
★★★
|
|
2022-08-11 12:18:40 |
UK NHS service recovery may take a month after MSP ransomware attack (lien direct) |
Managed service provider (MSP) Advanced confirmed that a ransomware attack on its systems caused the disruption of emergency services (111) from the United Kingdom's National Health Service (NHS). [...] |
Ransomware
|
|
|
|
2022-08-10 18:21:40 |
7-Eleven Denmark confirms ransomware attack behind store closures (lien direct) |
7-Eleven Denmark has confirmed that a ransomware attack was behind the closure of 175 stores in the country on Monday. [...] |
Ransomware
|
|
|
|
2022-08-10 14:04:44 |
Hacker uses new RAT malware in Cuba Ransomware attacks (lien direct) |
A member of the Cuba ransomware operation is employing previously unseen tactics, techniques, and procedures (TTPs), including a novel RAT (remote access trojan) and a new local privilege escalation tool. [...] |
Ransomware
Malware
|
|
★★★★★
|
|
2022-08-09 11:00:05 |
Maui ransomware operation linked to North Korean \'Andariel\' hackers (lien direct) |
The Maui ransomware operation has been linked to the North Korean state-sponsored hacking group 'Andariel,' known for using malicious cyber activities to generate revenue and causing discord in South Korea. [...] |
Ransomware
|
|
|
|
2022-08-05 17:35:24 |
The Week in Ransomware - August 5th 2022 - A look at cyber insurance (lien direct) |
For the most part, it has been a quiet week on the ransomware front, with a few new reports, product developments, and attacks revealed. [...] |
Ransomware
|
|
|
|
2022-08-03 16:50:05 |
Spanish research agency still recovering after ransomware attack (lien direct) |
The Spanish National Research Council (CSIC) last month was hit by a ransomware attack that is now attributed to Russian hackers. [...] |
Ransomware
|
|
|
|
2022-08-02 15:13:40 |
Microsoft Defender now better at blocking ransomware on Windows 11 (lien direct) |
Microsoft has released new Windows 11 builds to the Beta Channel with improved Microsoft Defender for Endpoint ransomware attack blocking capabilities. [...] |
Ransomware
|
|
|
|
2022-08-02 13:38:57 |
Semiconductor manufacturer Semikron hit by LV ransomware attack (lien direct) |
German power electronics manufacturer Semikron has disclosed that it was hit by a ransomware attack that partially encrypted the company's network. [...] |
Ransomware
|
|
|
|
2022-08-01 10:20:27 |
BlackCat ransomware claims attack on European gas pipeline (lien direct) |
The ransomware group known as ALPHV (aka BlackCat) has assumed over the weekend responsibility for the cyberattack that hit Creos Luxembourg last week, a natural gas pipeline and electricity network operator in the central European country. [...] |
Ransomware
|
|
|
|
2022-07-28 17:35:48 |
Ransom payments fall as fewer victims choose to pay hackers (lien direct) |
Ransomware statistics from the second quarter of the year show that the ransoms paid to extortionists have dropped in value, a trend that continues since the last quarter of 2021. [...] |
Ransomware
|
|
|
|
2022-07-26 09:38:02 |
No More Ransom helps millions of ransomware victims in 6 years (lien direct) |
The No More Ransom project celebrates its sixth anniversary today after helping millions of ransomware victims recover their files for free. [...] |
Ransomware
|
|
|
|
2022-07-26 07:17:37 |
LockBit claims ransomware attack on Italian tax agency (lien direct) |
Italian authorities are investigating claims made by the LockBit ransomware gang that they breached the network of the Italian Internal Revenue Service (L'Agenzia delle Entrate). [...] |
Ransomware
|
|
|
|
2022-07-13 17:52:46 |
New Lilith ransomware emerges with extortion site, lists first victim (lien direct) |
A new ransomware operation has been launched under the name 'Lilith,' and it has already posted its first victim on a data leak site created to support double-extortion attacks. [...] |
Ransomware
|
|
|
|
2022-07-13 16:50:18 |
Bandai Namco confirms hack after ALPHV ransomware data leak threat (lien direct) |
Game publishing giant Bandai Namco has confirmed that they suffered a cyberattack that may have resulted in the theft of customers' personal data. [...] |
Ransomware
Hack
Threat
|
|
|
|
2022-07-11 15:24:40 |
Ransomware gang now lets you search their stolen data (lien direct) |
Two ransomware gangs and a data extortion group have adopted a new strategy to force victim companies to pay threat actors to not leak stolen data. [...] |
Ransomware
Threat
|
|
|
|
2022-07-10 10:03:00 |
Maastricht University wound up earning money from its ransom payment (lien direct) |
Maastricht University (UM), a Dutch university with more than 22,000 students, said last week that it has recovered the ransom paid after a ransomware attack that hit its network in December 2019. [...] |
Ransomware
|
|
|
|
2022-07-08 15:22:42 |
New 0mega ransomware targets businesses in double-extortion attacks (lien direct) |
A new ransomware operation named '0mega' targets organizations worldwide in double-extortion attacks and demands millions of dollars in ransoms. [...] |
Ransomware
|
|
|
|
2022-07-07 13:19:23 |
Quantum ransomware attack affects 657 healthcare orgs (lien direct) |
Professional Finance Company Inc. (PFC), a full-service accounts receivables management company, says that a ransomware attack in late February led to a data breach affecting over 600 healthcare organizations. [...] |
Ransomware
Data Breach
|
|
|
|
2022-07-07 11:47:20 |
QNAP warns of new Checkmate ransomware targeting NAS devices (lien direct) |
Taiwan-based network-attached storage (NAS) vendor QNAP warned customers to secure their devices against attacks using Checkmate ransomware to encrypt data. [...] |
Ransomware
|
|
|
|
2022-07-06 13:32:10 |
(Déjà vu) Ransomware, hacking groups move from Cobalt Strike to Brute Ratel (lien direct) |
Hacking groups and ransomware operations are moving away from Cobalt Strike to the newer Brute Ratel post-exploitation toolkit to evade detection by EDR and antivirus solutions. [...] |
Ransomware
|
|
|
|
2022-07-06 13:32:10 |
(Déjà vu) Ransomware, hacking groups ditch Cobalt Strike for Brute Ratel (lien direct) |
APT hacking groups and ransomware operations are moving away from Cobalt Strike to the newer Brute Ratel post-exploitation toolkit to evade detection by EDR and antivirus solutions. [...] |
Ransomware
|
|
|
|
2022-07-06 13:32:10 |
Ransomware gangs, APT groups ditch Cobalt Strike for Brute Ratel (lien direct) |
APT hacking groups and ransomware operations are moving away from Cobalt Strike to the newer Brute Ratel post-exploitation toolkit to evade detection by EDR and antivirus solutions. [...] |
Ransomware
|
|
|
|
2022-07-06 10:47:32 |
US govt warns of Maui ransomware attacks against healthcare orgs (lien direct) |
The FBI, CISA, and the U.S. Treasury Department issued today a joint advisory warning of North-Korean-backed threat actors using Maui ransomware in attacks against Healthcare and Public Health (HPH) organizations. [...] |
Ransomware
Threat
|
|
|