What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-03-20 14:44:36 | Royal Dirkzwager Attacked By Play Ransomware Group (lien direct) | The Play ransomware group’s campaign, the most recent in a succession of strikes on the shipping sector, was proven to have affected the Dutch marine transport company Royal Dirkzwager. The company’s CEO, Joan Blaas, who acquired it in October after it declared bankruptcy the previous month, told The Record that the ransomware attack did not […] | Ransomware | ★★ | |
 |
2023-03-20 12:03:29 | LockBit and AlphVM Announce New Victims (lien direct) | >Powered by DarkMirror™ Last week, two notorious ransomware groups added two more names to their... | Ransomware | ★★ | |
 |
2023-03-20 11:53:33 | Hitachi Energy Blames Data Breach on Zero-Day as Ransomware Gang Threatens Firm (lien direct) | >Hitachi Energy has blamed a data breach affecting employees on the recent exploitation of a zero-day vulnerability in Fortra's GoAnywhere solution. | Ransomware Data Breach Vulnerability | ★★ | |
 |
2023-03-20 10:40:00 | UK Ransomware Incident Volumes Surge 17% in 2022 (lien direct) | Jumpsec report identified Karakurt, Lockbit and Vice Society among groups responsible | Ransomware | ★★ | |
 |
2023-03-20 10:00:00 | Italian agency warns ransomware targets known VMware vulnerability (lien direct) | The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. News broke in early February that the ACN, Italy’s National Cybersecurity Agency, issued a warning regarding a VMware vulnerability discovered two years ago. Many organizations hadn’t yet patched the issue and became the victims of a new ransomware called ZCryptor. The malicious software wreaked havoc on Italian and European businesses by encrypting users’ files and demanding payment for the data to be unencrypted. The ACN urges VMware users to ensure their systems are backed up and updated with the most recent security patches available. With ransomware on the rise, it’s crucial that businesses take the necessary steps to protect their data and applications. ESXiArgs ransomware attacks Ransomware is a type of malware or malicious software that enables unauthorized users to restrict access to an organization’s files, systems, and networks. But it doesn’t stop there. In exchange for the keys to the kingdom, attackers will typically require a large sum in the form of cryptocurrency. There are many ways that ransomware is executed on a target system. In this case, the attacker infiltrated VMware’s ESXi hypervisor code and held entire servers for ransom. According to reports most victims were required to pay almost $50,000 USD in Bitcoin to restore access to entire business systems. The nature of these attacks lead experts to believe that this is not the work of ransomware gangs, and is more likely being executed by a smaller group of threat actors. But that doesn’t mean the damage was any less alarming. Exploiting known vulnerabilities Hackers were able to infect over 2000 machines in only twenty-four hours on a Friday afternoon before the start of the weekend. But how were they able to work so fast? As soon as software developers and providers publish fixes for specific vulnerabilities, threat actors are already beginning their plan of attack. Fortunately, the ESXiArgs vulnerability was patched two years ago (CVE-2021-21974.) Organizations that have not run this patch are at risk of becoming a victim of the latest ransomware. Unfortunately, Florida’s Supreme Court, the Georgia Institute of Technology, Rice University, and many schools across Hungary and Slovakia have also become victims of this newest ransomware attack. CISA guidance for affected systems The US Cybersecurity and Infrastructure Security Agency (CISA) issued recovery guidance for the 3,800 servers around the world affected by the ESXiArgs ransomware attacks: Immediately update all servers to the latest VMware ESXi version. Disable Service Location Protocol (SLP) to harden the hypervisor. Make sure the ESXi hypervisor is never exposed to the public internet. The CISA also offers a script on its GitHub page to reconstruct virtual machine metadata from unaffected virtual disks. What organi | Ransomware Malware Vulnerability Threat Patching Guideline | ★★★ | |
 |
2023-03-20 09:29:10 | Multicloud et ransomware : attention au " par défaut " (lien direct) | Multicloud et ransomware : attention au " par défaut " Par Jean-Pierre Boushira, VP South EMEA, Benelux & Nordics, Veritas Technologies - Points de Vue | Ransomware | ★★ | |
 |
2023-03-20 07:00:00 | Déplacer, patcher, sortir le chemin: 2022 Exploitation zéro-jour continue à un rythme élevé Move, Patch, Get Out the Way: 2022 Zero-Day Exploitation Continues at an Elevated Pace (lien direct) |
résumé exécutif
mandiant a suivi 55 vulnérabilités zéro jour que nous jugeons ont été exploitées en 2022. Bien que ce décompte soit inférieur à celui du record de 81 81zéro-jours exploités en 2021, il représente toujours presque le double du nombre de 2020.
Les groupes de cyber-espionnage parrainés par l'État chinois ont exploité plus de jours zéro que les autres acteurs de cyber-espionnage en 2022, ce qui est conforme aux années précédentes.
Nous avons identifié quatre vulnérabilités zéro jour exploitées par des acteurs de menace motivés financièrement.75% de ces instances semblent être liées aux opérations de ransomware.
Produits de Microsoft
Executive Summary Mandiant tracked 55 zero-day vulnerabilities that we judge were exploited in 2022. Although this count is lower than the record-breaking 81 zero-days exploited in 2021, it still represents almost double the number from 2020. Chinese state-sponsored cyber espionage groups exploited more zero-days than other cyber espionage actors in 2022, which is consistent with previous years. We identified four zero-day vulnerabilities exploited by financially motivated threat actors. 75% of these instances appear to be linked to ransomware operations. Products from Microsoft |
Ransomware Vulnerability Threat | ★★★ | |
 |
2023-03-18 10:47:00 | LockBit 3.0 Ransomware: Inside the Cyberthreat That\'s Costing Millions (lien direct) | U.S. government agencies have released a joint cybersecurity advisory detailing the indicators of compromise (IoCs) and tactics, techniques, and procedures (TTPs) associated with the notorious LockBit 3.0 ransomware. "The LockBit 3.0 ransomware operations function as a Ransomware-as-a-Service (RaaS) model and is a continuation of previous versions of the ransomware, LockBit 2.0, and LockBit," | Ransomware Threat | ★★★ | |
 |
2023-03-17 19:01:27 | The Week in Ransomware - March 17th 2023 - Shifting to data extortion (lien direct) | The fallout from the Clop ransomware attacks on GoAnywhere platforms has become apparent this week, with the threat actors starting to extort victims on their data leak site and companies confirming breaches. [...] | Ransomware Threat | ★★ | |
|
2023-03-17 12:20:58 | Hitachi Energy confirms data breach after Clop GoAnywhere attacks (lien direct) | Hitachi Energy confirmed it suffered a data breach after the Clop ransomware gang stole data using a zero-day GoAnyway zero-day vulnerability. [...] | Ransomware Data Breach Industrial | ★★★ | |
 |
2023-03-17 09:58:00 | Free decryptor released for Conti-based ransomware following data leak (lien direct) | Security researchers have released a new decryption tool that should come to the rescue of some victims of a modified version of the Conti ransomware, helping them to recover their encrypted data for free. Conti was one of the most notorious ransomware groups, responsible for hundreds of attacks against organisations, which netted criminals over $150 million. Its victims included the government of Costa Rica which declared a national emergency after systems in multiple departments were severely impacted. However, things began to unravel for the Conti ransomware gang in February 2022, when the... | Ransomware Tool General Information | ★★★ | |
 |
2023-03-16 20:56:00 | Kaspersky releases decryptor for ransomware based on Conti source code (lien direct) |
Cybersecurity firm Kaspersky on Thursday released a decryptor that could help victims who had their data locked down by a version of the Conti ransomware. Kaspersky said the tool can be used on a malware strain that infected dozens of “companies and state institutions” throughout December 2022. Kaspersky did not name the strain, but experts |
Ransomware Malware Tool | ★★ | |
 |
2023-03-16 19:00:00 | Netskope Threat Coverage: BlackSnake Ransomware (lien direct) | >Summary BlackSnake is a ransomware-as-a-service (RaaS) group that first appeared in a hacking forum in August 2022, where the operators were seeking affiliates and stating that they would take 15% of the profit, which is below the typical average of 20-30%. On February 28, 2023, a new variant of BlackSnake was spotted, and is notable […] | Ransomware Threat | ★★★ | |
|
2023-03-16 18:10:58 | BianLian ransomware gang shifts focus to pure data extortion (lien direct) | The BianLian ransomware group has shifted its focus from encrypting its victims' files to only exfiltrating data found on compromised networks and using them for extortion. [...] | Ransomware | ★★ | |
 |
2023-03-16 15:32:00 | BianLian Ransomware Pivots From Encryption to Pure Data-Theft Extortion (lien direct) | The ransomware group has already claimed 116 victim organizations so far on its site, and it continues to mature as a thriving cybercriminal business, researchers said. | Ransomware | ★★★ | |
 |
2023-03-16 14:09:00 | Ransomware Roundup (lien direct) | In this week's Ransomware Roundup, FortiGuard Labs covers the HardBit 2.0 ransomware along with protection recommendations. Learn more. | Ransomware | ★★ | |
|
2023-03-16 14:00:00 | 5 Ways to Fight School Ransomware Attacks (lien direct) | The challenges are steep, but school districts can fight back with planning. | Ransomware | ★★ | |
|
2023-03-16 13:32:05 | Latitude cyberattack leads to data theft at two service providers (lien direct) | Latitude Financial Services (Latitude) has published a notice on its website today informing that it has suffered a ransomware attack that resulted in the theft of some customer data. [...] | Ransomware General Information | ★★ | |
|
2023-03-16 10:10:00 | BEC Volumes Double on Phishing Surge (lien direct) | Business email compromise overtakes ransomware | Ransomware Studies | ★★ | |
 |
2023-03-16 06:33:00 | Royal Mail ransomware attack result of putting profit before security (lien direct) | Pas de details / No more details | Ransomware | ★★★★ | |
 |
2023-03-16 06:11:08 | Threat Trend Report on Region-Specific Ransomware (lien direct) | Background Currently, ransomware creators include individuals, cyber criminal gangs and state-supported groups. Out of these individuals and groups, cyber criminal gangs are the most proactive in ransomware development, while individuals and state-supported groups are less so. Privately developed ransomware is most often for research purposes with the intention of destroying data. Some state-sponsored threat groups also develop ransomware. The purpose of these cases is not for financial gain either but for data destruction, and Wipers, which do not allow recovery,... | Ransomware Threat Prediction | ★★ | |
|
2023-03-15 23:55:25 | ASEC Weekly Malware Statistics (March 6th, 2023 – March 12th, 2023) (lien direct) | AhnLab Security response Center (ASEC) uses the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from March 6th, 2023 (Monday) to March 12th, 2023 (Sunday). For the main category, Infostealer ranked top with 52.6%, followed by backdoor with 27.6%, downloader with 15.7%, ransomware with 3.0%, CoinMiner with 0.7%, and banking malware with 0.4%. Top 1 – AgentTesla AgentTesla is an infostealer that ranked first place with 25.4%. It leaks... | Ransomware Malware | ★★ | |
|
2023-03-15 21:12:00 | Hornetsecurity Launches VM Backup V9 (lien direct) | Hornetsecurity research highlights that more than 1 in 4 companies have fallen victim to ransomware attacks, with 14.1% losing data and 6.6% paying a ransom. | Ransomware | ★★ | |
|
2023-03-15 18:12:47 | Share of Ransomware Funds Being Funneled to Popular Exchanges Soared to 48.3% In 2022 (lien direct) | Share of Ransomware Funds Being Funneled to Popular Exchanges Soared to 48.3% In 2022 - Malware Update | Ransomware | ★★ | |
|
2023-03-15 17:49:06 | WithSecure™: Chinese cyber crime tool acquired by Russian ransomware gangs (lien direct) | WithSecure™: Chinese cyber crime tool acquired by Russian ransomware gangs - Malware Update | Ransomware Tool | ★ | |
|
2023-03-15 17:27:46 | Troisième édition de l\'étude " ransomware " Cybereason : Les SOC modernes face aux attaques par ransomwares (lien direct) | Troisième édition de l'étude " ransomware " Cybereason : Les SOC modernes face aux attaques par ransomwares. La nouvelle étude de Cybereason révèle que les attaques par ransomwares et la pénurie de main-d'œuvre sont des leviers pour l'évolution des SOC (centres d'opérations de sécurité) - Investigations | Ransomware Studies | ★★★ | |
|
2023-03-15 17:10:42 | WithSecure : Un outil de piratage chinois acquis par des hackers russes spécialistes du ransomware (lien direct) | WithSecure : Un outil de piratage chinois acquis par des hackers russes spécialistes du ransomware L'outil chinois SILKLOADER est désormais utilisé par des hackers russes. En documentant ce transfert d'outil, WithSecure révèle les coopérations qui ont lieu dans le monde de la cybercriminalité. - Malwares | Ransomware General Information | ★★★ | |
|
2023-03-15 14:50:26 | LockBit ransomware claims Essendant attack, company says “network outage” (lien direct) | LockBit ransomware has claimed a cyber attack on Essendant, a wholesale distributer of office products after a "significant" and ongoing outage knocked the company's operations offline. [...] | Ransomware | ★★ | |
|
2023-03-15 12:17:00 | Ransomware gang exploited a zero-day in Microsoft security feature, Google says (lien direct) |
Financially motivated hackers are using a previously undocumented bug in Microsoft's SmartScreen security feature to spread the Magniber ransomware, according to a new report. The cybercriminals have been able to exploit the zero-day vulnerability in SmartScreen since December, researchers from Google's Threat Analysis Group (TAG) said. The Google team [reported](https://blog.google/threat-analysis-group/magniber-ransomware-actors-used-a-variant-of-microsoft-smartscreen-bypass/) its findings about the bug |
Ransomware Vulnerability Threat Threat | ★★ | |
 |
2023-03-15 11:30:00 | 5 Steps to More Effective Ransomware Response (lien direct) |
|
Ransomware Ransomware | ★★★ | |
|
2023-03-15 09:41:52 | Data Security Firm Rubrik Targeted With GoAnywhere Zero-Day Exploit (lien direct) | >Cybersecurity firm Rubrik has confirmed being hit by the GoAnywhere zero-day exploit after the Cl0p ransomware group named the company on its leak website. | Ransomware | ★★ | |
|
2023-03-14 20:36:00 | Hackers used Fortra zero-day to steal sales data from cloud management giant Rubrik (lien direct) |
Cloud data management giant Rubrik confirmed that hackers attacked the company using a vulnerability in a popular file transfer tool. The Clop ransomware group – which has been the primary force behind the [exploitation of a vulnerability](https://therecord.media/forta-goanywhere-mft-file-transfer-zero-day) affecting Fortra's GoAnywhere Managed File Transfer product – added Rubrik to its list of victims on Tuesday. A |
Ransomware Vulnerability Cloud | ★★ | |
|
2023-03-14 19:58:00 | LockBit Threatens to Leak Stolen SpaceX Schematics (lien direct) | The ransomware group sent a message directly to Elon Musk: Pay or the confidential SpaceX information goes up for grabs on the Dark Web. | Ransomware | ★★★ | |
 |
2023-03-14 19:57:32 | Cancer patient sues medical provider after ransomware group posts her photos online (lien direct) | >The suit comes about six weeks after the ransomware threatened to post sensitive material online if they weren't paid. | Ransomware Medical | ★★★ | |
|
2023-03-14 19:51:27 | CISA Trials Ransomware Warning System for Critical Infrastructure Orgs (lien direct) | An agency team will identify vulnerabilities being exploited by ransomware groups and alert organizations ahead of attacks, CISA says. | Ransomware | ★★ | |
 |
2023-03-14 17:32:00 | Anomali Cyber Watch: Xenomorph Automates The Whole Fraud Chain on Android, IceFire Ransomware Started Targeting Linux, Mythic Leopard Delivers Spyware Using Romance Scam (lien direct) |
Anomali Cyber Watch: Xenomorph Automates The Whole Fraud Chain on Android, IceFire Ransomware Started Targeting Linux, Mythic Leopard Delivers Spyware Using Romance Scam, and More.
The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: Android, APT, DLL side-loading, Iran, Linux, Malvertising, Mobile, Pakistan, Ransomware, and Windows. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
Xenomorph V3: a New Variant with ATS Targeting More Than 400 Institutions
(published: March 10, 2023)
Newer versions of the Xenomorph Android banking trojan are able to target 400 applications: cryptocurrency wallets and mobile banking from around the World with the top targeted countries being Spain, Turkey, Poland, USA, and Australia (in that order). Since February 2022, several small, testing Xenomorph campaigns have been detected. Its current version Xenomorph v3 (Xenomorph.C) is available on the Malware-as-a-Service model. This trojan version was delivered using the Zombinder binding service to bind it to a legitimate currency converter. Xenomorph v3 automatically collects and exfiltrates credentials using the ATS (Automated Transfer Systems) framework. The command-and-control traffic is blended in by abusing Discord Content Delivery Network.
Analyst Comment: Fraud chain automation makes Xenomorph v3 a dangerous malware that might significantly increase its prevalence on the threat landscape. Users should keep their mobile devices updated and avail of mobile antivirus and VPN protection services. Install only applications that you actually need, use the official store and check the app description and reviews. Organizations that publish applications for their customers are invited to use Anomali's Premium Digital Risk Protection service to discover rogue, malicious apps impersonating your brand that security teams typically do not search or monitor.
MITRE ATT&CK: [MITRE ATT&CK] T1417.001 - Input Capture: Keylogging | [MITRE ATT&CK] T1417.002 - Input Capture: Gui Input Capture
Tags: malware:Xenomorph, Mobile, actor:Hadoken Security Group, actor:HadokenSecurity, malware-type:Banking trojan, detection:Xenomorph.C, Malware-as-a-Service, Accessibility services, Overlay attack, Discord CDN, Cryptocurrency wallet, target-industry:Cryptocurrency, target-industry:Banking, target-country:Spain, target-country:ES, target-country:Turkey, target-country:TR, target-country:Poland, target-country:PL, target-country:USA, target-country:US, target-country:Australia, target-country:AU, malware:Zombinder, detection:Zombinder.A, Android
Cobalt Illusion Masquerades as Atlantic Council Employee
(published: March 9, 2023)
A new campaign by Iran-sponsored Charming Kitten (APT42, Cobalt Illusion, Magic Hound, Phosphorous) was detected targeting Mahsa Amini protests and researchers who document the suppression of women and minority groups i |
Ransomware Malware Tool Vulnerability Threat Guideline Conference | APT 35 ChatGPT ChatGPT APT 36 APT 42 | ★★ |
|
2023-03-14 17:22:00 | The Prolificacy of LockBit Ransomware (lien direct) | Today, the LockBit ransomware is the most active and successful cybercrime organization in the world. Attributed to a Russian Threat Actor, LockBit has stepped out from the shadows of the Conti ransomware group, who were disbanded in early 2022. LockBit ransomware was first discovered in September 2019 and was previously known as ABCD ransomware because of the ".abcd virus" extension first | Ransomware Threat | ★★★ | |
|
2023-03-14 16:30:00 | CISA Creates New Ransomware Vulnerability Warning Program (lien direct) | The Agency will warn critical infrastructure entities to enable mitigation before an incident | Ransomware Vulnerability | ★★★ | |
|
2023-03-14 15:34:00 | CISA unveils ransomware warning pilot for critical infrastructure (lien direct) |
The Cybersecurity and Infrastructure Security Agency (CISA) on Monday unveiled an effort that will collect data about commonly exploited vulnerabilities in ransomware attacks and alert critical infrastructure operators of the risks. [The Ransomware Vulnerability Warning Pilot](https://www.cisa.gov/stopransomware/Ransomware-Vulnerability-Warning-Pilot) launched Jan. 30 and was mandated under the sweeping cyber incident reporting [legislation](https://therecord.media/biden-signs-cyber-incident-reporting-bill-into-law) President Joe Biden signed into law |
Ransomware Vulnerability | ★★★ | |
|
2023-03-14 14:14:38 | CISA tests ransomware alert system to safeguard vulnerable organizations (lien direct) | >The Cybersecurity and Infrastructure Security Agency launched a ransomware warning pilot for critical infrastructure owners and operators. | Ransomware | ★★ | |
 |
2023-03-14 13:00:00 | CyberheistNews Vol 13 #11 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears (lien direct) |
CyberheistNews Vol 13 #11 | March 14th, 2023
[Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears
Robert Lemos at DARKReading just reported on a worrying trend. The title said it all, and the news is that more than 4% of employees have put sensitive corporate data into the large language model, raising concerns that its popularity may result in massive leaks of proprietary information. Yikes.
I'm giving you a short extract of the story and the link to the whole article is below.
"Employees are submitting sensitive business data and privacy-protected information to large language models (LLMs) such as ChatGPT, raising concerns that artificial intelligence (AI) services could be incorporating the data into their models, and that information could be retrieved at a later date if proper data security isn't in place for the service.
"In a recent report, data security service Cyberhaven detected and blocked requests to input data into ChatGPT from 4.2% of the 1.6 million workers at its client companies because of the risk of leaking confidential info, client data, source code, or regulated information to the LLM.
"In one case, an executive cut and pasted the firm's 2023 strategy document into ChatGPT and asked it to create a PowerPoint deck. In another case, a doctor input his patient's name and their medical condition and asked ChatGPT to craft a letter to the patient's insurance company.
"And as more employees use ChatGPT and other AI-based services as productivity tools, the risk will grow, says Howard Ting, CEO of Cyberhaven.
"'There was this big migration of data from on-prem to cloud, and the next big shift is going to be the migration of data into these generative apps," he says. "And how that plays out [remains to be seen] - I think, we're in pregame; we're not even in the first inning.'"
Your employees need to be stepped through new-school security awareness training so that they understand the risks of doing things like this.
Blog post with links:https://blog.knowbe4.com/employees-are-feeding-sensitive-biz-data-to-chatgpt-raising-security-fears
[New PhishER Feature] Immediately Add User-Reported Email Threats to Your M365 Blockl |
Ransomware Data Breach Spam Malware Threat Guideline Medical | ChatGPT ChatGPT | ★★ |
|
2023-03-14 12:34:00 | Amazon-owned Ring denies \'ransomware event\' following darknet listing (lien direct) |
The smart doorbell and security camera company Ring has denied that it suffered a ransomware attack after the company was listed on a prominent ransomware gang's extortion site. The ALPHV ransomware group, also known as BlackCat, added the listing for Ring to its site late on Monday evening, adding: “There's always an option to let |
Ransomware | ★★★ | |
|
2023-03-14 12:23:00 | Ring Denies Falling Victim to Ransomware Attack (lien direct) | >Ring says it has no indications it has fallen victim to a ransomware attack after cybergang threatens to publish supposedly stolen data. | Ransomware | ★★★ | |
|
2023-03-14 10:30:00 | LA Housing Authority Suffers Year-Long Breach (lien direct) | LockBit ransomware group stole data and encrypted files | Ransomware | ★★ | |
|
2023-03-14 10:00:00 | New Study: Ransomware Driving SOC Modernization Requirements (lien direct) |
|
Ransomware | ★★★ | |
|
2023-03-13 23:31:00 | Mallox Ransomware Being Distributed in Korea (lien direct) | AhnLab Security Emergency response Center (ASEC) has recently discovered the distribution of the Mallox ransomware during the team’s monitoring. As covered before, Mallox, which targets vulnerable MS-SQL servers, has historically been distributed at a consistently high rate based on AhnLab’s statistics. The malware disguised as a program related to DirectPlay is a file built in .NET which, as shown in Figure 3, connects to a certain address, downloads additional malware, and runs it in the memory. If this address cannot... | Ransomware Malware | ★★★ | |
|
2023-03-13 15:51:33 | LA housing authority discloses data breach after ransomware attack (lien direct) | The Housing Authority of the City of Los Angeles (HACLA) is warning of a "data security event" after the LockBit ransomware gang targeted the organization and leaked data stolen in the attack. [...] | Ransomware Data Breach | ★★ | |
|
2023-03-13 09:30:00 | Blackbaud Settles $3m Charge Over Ransomware Attack (lien direct) | SEC claims company filed misleading disclosures | Ransomware Guideline | ★★ | |
|
2023-03-12 11:12:06 | Medusa ransomware gang picks up steam as it targets companies worldwide (lien direct) | A ransomware operation known as Medusa has begun to pick up steam in 2023, targeting corporate victims worldwide with million-dollar ransom demands. [...] | Ransomware | ★★★ | |
|
2023-03-10 17:02:50 | Blackbaud Fined $3M For \'Misleading Disclosures\' About 2020 Ransomware Attack (lien direct) | >Blackbaud has been slapped with a $3 million civil penalty by the SEC for "making misleading disclosures" about a 2020 ransomware attack that impacted more than 13,000 customers. | Ransomware Guideline | ★★ |
To see everything:
Our RSS (filtrered)
