Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2023-02-14 21:59:11 |
MortalKombat ransomware found punching targets in US, UK, Turkey, Philippines (lien direct) |
Organizations in the U.S. and elsewhere have been hit with the new MortalKombat ransomware, according to researchers at Cisco Talos |
Ransomware
|
|
★★
|
|
2023-02-14 20:54:27 |
Tonga is the latest Pacific Island nation hit with ransomware (lien direct) |
Tonga’s state-owned telecommunications company has been hit with ransomware, it warned customers on Monday. Tonga Communications Corporation (TCC) – one of two telecoms companies in the country – published a notice on Facebook saying the attack may slow down administrative operations. “Ransomware attack has been confirmed to encrypt and lock access to part of TCC's [… |
Ransomware
|
|
★★
|
|
2023-02-14 18:53:13 |
Ransomware attacks on industrial infrastructure doubled in 2022: Dragos (lien direct) |
The number of ransomware attacks on industrial infrastructure grew significantly in 2022, according to cybersecurity firm Dragos |
Ransomware
Industrial
|
|
★★★
|
|
2023-02-14 13:48:55 |
ALPHV (BlackCat) ransomware gang claims attack on Irish university (lien direct) |
A darkweb post by the ALPHV ransomware group purports to include employee records from Munster Technological University |
Ransomware
|
|
★★
|
|
2023-02-13 21:03:20 |
Israel\'s top tech university postpones exams after ransomware attack (lien direct) |
Hackers from a previously unknown group called DarkBit demanded about $1.7 million from the Technion technical university. |
Ransomware
|
|
★★
|
|
2023-02-10 21:43:54 |
City of Oakland hit with ransomware attack, but says \'core functions\' are intact (lien direct) |
The City of Oakland confirmed reports that its networks had been hit with ransomware after rumors emerged online that several agencies were having issues with systems on Thursday. City officials did not respond to requests for comment but released a statement on Friday afternoon saying the ransomware attack began on Wednesday night. “The Information Technology […] |
Ransomware
|
|
★★
|
|
2023-02-10 21:09:22 |
More than 18,500 ESXi servers still vulnerable to VMware bug behind initial ransomware spree (lien direct) |
Rapid7 said 18,581 VMware ESXi servers are still exposed to CVE-2021-21974 - a 2-year-old bug being exploited by the ESXiArgs ransomware |
Ransomware
|
|
★★
|
|
2023-02-10 19:45:08 |
December ransomware attack leads to massive data breach from California health network (lien direct) |
Facilities within California's Heritage Provider Network reported a data breach related to a ransomware attack in December |
Ransomware
Data Breach
Guideline
|
Heritage
Heritage
|
★★★
|
|
2023-02-09 22:25:22 |
Mount Saint Mary College confirms December ransomware attack (lien direct) |
Mount Saint Mary College – a liberal arts college in New York – confirmed it experienced a ransomware attack in December after a cybercrime group publicly shared details about the incident this week. The Vice Society ransomware gang, a group known for dozens of attacks on K-12 schools as well as colleges and universities, claimed [… |
Ransomware
|
|
★★
|
|
2023-02-09 13:34:05 |
Britain and US make major move against ransomware gangs by sanctioning seven individuals (lien direct) |
The sanctions documents formally link the Conti and Ryuk ransomware gangs and the Trickbot banking trojan to a single criminal organization |
Ransomware
|
|
★
|
|
2023-02-08 17:14:52 |
CISA publishes recovery script for ESXiArgs ransomware as Florida courts, universities reel (lien direct) |
CISA adapted work by two Turkish developers into a script for recovering files affected by ESXiArgs ransomware without having to decrypt them |
Ransomware
|
|
★★★★
|
|
2023-02-08 00:34:48 |
First Linux variant of Clop ransomware targeted universities, colleges but was flawed (lien direct) |
The first Linux variant of the Clop ransomware was rife with issues that allowed researchers to create a decryptor tool for victims. SentinelOne researcher Antonis Terefos said his team observed the first Clop (also stylized as Cl0p) ransomware variant targeting Linux systems on December 26. Clop has existed since about 2019, targeting large companies, financial institutions, [… |
Ransomware
Tool
|
|
★★
|
|
2023-02-07 21:17:45 |
Russian crypto exchange exec pleads guilty to laundering Ryuk ransomware funds (lien direct) |
A Russian man pleaded guilty on Monday in an Oregon court on charges related to laundering funds for the Ryuk ransomware group. Denis Dubnikov was arrested in November 2021 in the Netherlands before being extradited to the U.S. last August. Prosecutors accused him, along with 13 co-conspirators whose names were redacted in a federal indictment, [… |
Ransomware
Guideline
|
|
★★★
|
|
2023-02-07 19:19:38 |
House approves cybersecurity research bill focused on energy infrastructure (lien direct) |
The U.S. House of Representatives on Monday passed a bill that would provide funding for cybersecurity research with a focus on protecting the country's energy infrastructure. The Energy Cybersecurity University Leadership Act - inspired by the ransomware attack on Colonial Pipeline and several other incidents - proposes grants and other forms of funding to graduate [… |
Ransomware
Guideline
|
|
★★★
|
|
2023-02-07 14:18:24 |
LockBit ransomware group threatens Royal Mail with data leak deadline (lien direct) |
The LockBit cybercriminals told the British mail service it has until February 9 to pay up to protect data apparently stolen in January |
Ransomware
|
|
★★★
|
|
2023-02-06 14:28:11 |
\'Massive\' new ESXiArgs ransomware campaign has compromised thousands of victims (lien direct) |
Thousands of servers running an unpatched version of VMware's ESXi product are vulnerable to ransomware, researchers say |
Ransomware
|
|
★★
|
|
2023-02-02 15:54:42 |
QNAP warns of new bug prompting worries of potential Deadbolt ransomware exploitation (lien direct) |
QNAP is warning customers to update their devices after a vulnerability was discovered making thousands of devices susceptible to attack |
Ransomware
Vulnerability
|
|
★★
|
|
2023-02-02 13:57:35 |
Ransomware gang attempts to extort UK school by posting files about at-risk children (lien direct) |
The Vice Society group apparently posted files that included safeguarding reports, which record information about at-risk students |
Ransomware
|
|
★★
|
|
2023-02-01 18:46:19 |
\'Global markets\' impacted by ransomware attack on financial software company (lien direct) |
A ransomware attack on Dublin-based software company ION Group has impacted the trading of financial derivatives on international markets. ION Group describes itself as enabling “financial institutions, central banks and corporations to digitize and automate their most business critical processes.” A pop-up notice on its site on Wednesday warned that “a cybersecurity event” that struck [… |
Ransomware
|
|
★★★
|
|
2023-02-01 17:12:21 |
K-12 schools in Tucson, Nantucket respond to cyberattacks (lien direct) |
The disruptions to school networks in Arizona and Massachusetts follow a string of similar K-12 ransomware incidents |
Ransomware
|
|
★★
|
|
2023-01-31 19:00:45 |
LockBit takes credit for November ransomware attack on Sacramento PBS station (lien direct) |
The LockBit ransomware group this week said it was responsible for a November ransomware attack on a public broadcasting affiliate in Sacramento, California. The high-profile cybercrime gang made the claim on the dark web site where it leaks victims’ data. The PBS station KVIE announced the attack on November 23, noting that some of its [… |
Ransomware
|
|
★★★
|
|
2023-01-31 14:01:13 |
British government minister told council to keep quiet after ransomware attack (lien direct) |
An unnamed British government minister told the leader of Redcar and Cleveland Borough Council to keep quiet about the impact of a “catastrophic” ransomware attack two years ago, a parliamentary committee was told on Monday. The pressure from central government to not discuss the impact of the attack “caused us a lot of issues,” said [… |
Ransomware
Guideline
|
|
★★
|
|
2023-01-30 22:00:28 |
Ransomware attack on Indianapolis Housing Agency leaks sensitive info on 200,000 residents (lien direct) |
The Indianapolis Housing Agency is notifying more than 200,000 people that their information, including Social Security numbers and more, was leaked during a ransomware attack in that began in September. The federally-funded agency is responsible for providing housing to low-income tenants across Indianapolis. It did not respond to requests for comment in October when the [… |
Ransomware
|
|
★★★
|
|
2023-01-27 20:45:09 |
Ransomware experts laud Hive takedown but question impact without arrests (lien direct) |
The Justice Department’s splashy announcement of the takedown of the Hive ransomware group’s infrastructure on Thursday was reminiscent of other recent high-profile operations against the scourge of ransomware. But the details of the operation set it apart from other ransomware group takedowns in recent years. FBI Director Christopher Wray said agents with the FBI's Tampa [… |
Ransomware
|
|
★★
|
|
2023-01-26 17:25:14 |
\'We hacked the hackers:\' DOJ, FBI take down Hive ransomware after spending months inside gang systems (lien direct) |
The FBI and Justice Department took down the infrastructure of the Hive ransomware group on Thursday, announcing that their agents had been inside the group's systems since July 2022. FBI Director Christopher Wray said agents gained “clandestine, persistent access” to the control panel used by Hive operators seven months ago, allowing them to identify victims [… |
Ransomware
|
|
★★★★
|
|
2023-01-26 13:48:34 |
Royal Mail nearly back to full operations following ransomware attack (lien direct) |
Royal Mail is close to resuming full operations just two weeks after a ransomware attack caused “severe service disruption,” marking a victory for British cyber authorities who have stressed the importance of recovery as well as resistance to combat the impact of attacks. The British postage and courier company's ability to dispatch parcels and letters [… |
Ransomware
|
|
★★
|
|
2023-01-24 14:51:01 |
Ohio town working to restore municipal court systems after cyberattack (lien direct) |
An Ohio town is investigating a cyberattack that has brought down the systems used by their court and may have accessed sensitive data. Circleville Municipal Court told The Record that it recently discovered a cyberattack requiring its IT department to work with outside cybersecurity professionals. A spokesperson would not confirm whether the incident involved ransomware [… |
Ransomware
|
|
★★
|
|
2023-01-23 16:27:09 |
Los Angeles Unified School District confirms SSNs leaked in September ransomware attack (lien direct) |
The Los Angeles Unified School District (LAUSD) sent out breach notification letters to an unknown number of contractors in recent days notifying them that sensitive information – including Social Security numbers – was leaked during a wide-ranging cyberattack last year. The school district said an investigation revealed that from July 31 until September 3 hackers [… |
Ransomware
|
|
★★★
|
|
2023-01-23 14:14:16 |
International Counter Ransomware Task Force kicks off (lien direct) |
An international counter-ransomware task force first announced at a White House event in November officially commenced operations on Monday, according to the Australian government which is the inaugural chair of the group. The International Counter Ransomware Task Force's (ICRTF) operations are intended to drive collaboration among a coalition of 36 member states and the European [… |
Ransomware
|
|
★★
|
|
2023-01-23 14:03:32 |
PLAY ransomware group claims attack on Arnold Clark, one of Britain\'s largest car dealerships (lien direct) |
Sensitive personal data allegedly stolen from Arnold Clark, one of the United Kingdom's largest car dealerships, has been posted online by the PLAY ransomware group. The company had claimed in a Tweet on January 3 to have protected customer data after it discovered suspicious traffic on its network back in December, although it did not [… |
Ransomware
|
|
★★
|
|
2023-01-20 20:13:31 |
Electronic health record giant NextGen dealing with cyberattack (lien direct) |
Hospital technology giant NextGen Healthcare said it is responding to a cyberattack after a notorious ransomware group added the company to its list of victims. The multibillion-dollar healthcare giant produces electronic health record (EHR) software and practice management systems for hundreds of the biggest hospitals and clinics in the U.S., U.K., India and Canada. On [… |
Ransomware
|
|
★★
|
|
2023-01-20 10:30:43 |
Costa Rica\'s Ministry of Public Works and Transport crippled by ransomware attack (lien direct) |
Costa Rica's government has suffered another ransomware attack just months after several ministries were crippled in a wide-ranging attack by hackers using the Conti ransomware. On Tuesday, Costa Rica's Ministry of Public Works and Transport (MOPT) said in a statement that 12 of its servers were encrypted. Cybersecurity experts from the National Security Directorate and [… |
Ransomware
|
|
★★
|
|
2023-01-19 14:08:02 |
Ransomware attack hits nearly 300 fast food restaurants in UK, including KFC and Pizza Hut (lien direct) |
A ransomware attack closed nearly 300 fast-food restaurants in the United Kingdom, according to a statement from Yum! Brands published late Wednesday evening. Yum! Brands, an American company which owns KFC, Pizza Hut and Taco Bell, stated “certain information technology systems” were impacted in the incident. Data was taken from the company's network, the statement [… |
Ransomware
|
|
★★★
|
|
2023-01-19 13:24:22 |
Royal Mail trials \'operational workarounds\' following suspected ransomware attack (lien direct) |
Royal Mail, the British postage and courier company, said on Wednesday evening it was “trialing operational workarounds” to get services moving again following a suspected ransomware attack. The company announced it had been impacted by a “cyber incident” last week, although it has not confirmed that the incident was a ransomware attack. The Record has [… |
Ransomware
|
|
★★★
|
|
2023-01-19 13:00:00 |
Ransomware revenue fell by $300 million in 2022 as more victims refuse to pay: report (lien direct) |
Revenues brought in from ransomware attacks fell from $765.6 million in 2021 to $456.8 million in 2022, according to a new report. Experts from blockchain research firm Chainalysis attributed the drop to a variety of factors, most notably that more victims are simply refusing to pay up when threatened by criminal groups. The company tracks [… |
Ransomware
|
|
★★★★
|
|
2023-01-18 19:11:10 |
Law enforcement takes down crypto exchange allegedly used to launder $15 million in ransomware payments (lien direct) |
The Russian co-founder of a cryptocurrency exchange allegedly used to launder cybercrime proceeds was arrested early Wednesday morning in Miami, the Department of Justice announced. The arrest of Anatoly Legkodymov, who is charged with “unlicensed money transmitting,” is “a significant blow to the cryptocrime ecosystem,” Deputy Attorney General Lisa Monaco said. The exchange, Bitzlato, is [… |
Ransomware
|
|
★★
|
|
2023-01-17 21:06:07 |
Vice Society ransomware gang claims attack on one of Germany\'s largest universities (lien direct) |
The Vice Society ransomware group said it was responsible for a November attack against one of Germany's largest universities. The University of Duisburg-Essen in the country's North Rhine-Westphalia region was forced to shut down its entire IT infrastructure and disconnect it from the network following the incident. The university has 12 departments and about 43,000 [… |
Ransomware
|
|
★★★
|
|
2023-01-17 16:30:18 |
Ransomware attack on maritime software impacts 1,000 ships (lien direct) |
About 1,000 vessels have been affected by a ransomware attack against a major software supplier for ships. Oslo-based DNV – one of the world's largest maritime organizations – said it was hit with ransomware on the evening of January 7 and was forced to shut down the IT servers connected to their ShipManager system. “DNV [… |
Ransomware
|
|
★★
|
|
2023-01-16 05:00:03 |
Ransomware Diaries: Undercover with the Leader of Lockbit (lien direct) |
An unusual announcement appeared in Russian Dark Web forums in June of 2020. Amid the hundreds of ads offering stolen credit card numbers and batches of personally identifiable information there was a Call for Papers. “We're kicking off the summer PAPER CONTEST,” it read. “Accepted article topics include any methods for popuring shells, malware and [… |
Ransomware
Malware
Guideline
|
|
★★★
|
|
2023-01-12 20:34:59 |
Nakasone: Foreign surveillance program helped fend off cyberattacks (lien direct) |
NSA Director Gen. Paul Nakasone said Thursday that the special targeted internet surveillance program for non-U.S. citizens known as Section 702 has played an “irreplaceable” role in helping the agency fend off ransomware attacks and prevent weapons components from reaching adversaries, as well as being used to identify threats to U.S. troops. “702 has helped [… |
Ransomware
|
|
★★★
|
|
2023-01-11 17:24:01 |
The Guardian confirms criminals accessed staff data in ransomware attack (lien direct) |
The Guardian has confirmed that the cyber incident it experienced in December was a criminal ransomware attack and that the attackers are believed to have accessed staff data. An email detailing the attack, seen by The Record, explains that the newspaper “detected suspicious activity on our networks on Tuesday 20th December, resulting in our decision [… |
Ransomware
|
|
★★
|