What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-01-08 12:39:58 | Le prêteur hypothécaire américain LOANDEPOT confirme l'attaque des ransomwares US mortgage lender loanDepot confirms ransomware attack (lien direct) |
Le principal prêteur hypothécaire américain, Loandepot, a confirmé aujourd'hui qu'un cyber-incident divulgué au cours du week-end était une attaque de ransomware qui a conduit au chiffrement des données.[...]
Leading U.S. mortgage lender loanDepot confirmed today that a cyber incident disclosed over the weekend was a ransomware attack that led to data encryption. [...] |
Ransomware | ★★ | |
 |
2024-01-08 11:11:45 | MasterCard Data Fuite, nouveau ransomware entièrement indétectable, fuite de code source de voleur insaisissable, et plus Mastercard Data Leak, New Fully Undetectable Ransomware, Elusive Stealer Source Code Leak, and More (lien direct) |
Dans les découvertes récentes dans le paysage du cyber-menace, l'équipe Web Socradar Dark a identifié ...
In recent discoveries across the cyber threat landscape, the SOCRadar Dark Web Team has identified... |
Ransomware Threat | ★★ | |
 |
2024-01-08 11:00:00 | Le siège de botnet: comment votre grille-pain pourrait renverser une société The Botnet siege: How your toaster could topple a corporation (lien direct) |
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. In addition to the overt signs of cyber threats we\'ve become conditioned to recognize, like ransomware emails and strange login requests, malicious actors are now utilizing another way to achieve their nefarious purposes — by using your everyday devices. These hidden dangers are known as botnets. Unbeknownst to most, our everyday devices, from toasters to smart fridges, can unwittingly be enlisted as footsoldiers in a digital army with the potential to bring down even corporate giants. This insidious force operates in silence, escaping the notice of even the most vigilant users. A recent report by Nokia shows that criminals are now using these devices more to orchestrate their attacks. In fact, cyber attacks targeting IoT devices are expected to double by 2025, further muddying the already murky waters. Let us go to the battlements of this siege, and we’ll tackle the topic in more depth. What is a botnet? Derived from the words “robot” and "network.", a botnet refers to a group of devices that have been infected with malicious software. Once infected, these devices are controlled remotely by a central server and are often used to carry out malicious activities such as cyber attacks, espionage, financial fraud, spam email campaigns, stealing sensitive information, or simply the further propagation of malware. How does a botnet attack work? A botnet attack begins with the infection of individual devices. Cybercriminals use various tactics to compromise these devices, such as sending malicious emails, exploiting software vulnerabilities, or tricking users into downloading malware. Everyday tech is notoriously prone to intrusion. The initial stages of building a botnet are often achieved with deceptively simple yet elegant tactics. Recently, a major US energy company fell prey to one such attack, owing to hundreds of phishing emails. By using QR code generators, the attacks combined two seemingly benign elements into a campaign that hit manufacturing, insurance, technology, and financial services companies, apart from the aforementioned energy companies. This new attack vector is now being referred to as Quishing — and unfortunately, it’s only going to become more prevalent. Once a device has been compromised, it becomes part of the botnet. The cybercriminal gains control over these infected devices, which are then ready to follow the attacker\'s commands. The attacker is then able to operate the botnet from a central command-and-control server to launch various types of attacks. Common ones include: Distributed denial-of-service (DDoS). The botnet floods a target website or server with overwhelming traffic, causing it to become inaccessible to legitimate users. Spam emails. Bots can be used to send out massive volumes of spam emails, often containing phishing scams or malware. Data theft. Botnets can steal sensitive information, such as login credentials or personal data, from the infected devices. Propagation. S | Ransomware Spam Malware Vulnerability Threat | ★★ | |
|
2024-01-08 10:53:33 | Capital Health Attack revendiqué par Lockbit Ransomware, risque de fuite de données Capital Health attack claimed by LockBit ransomware, risk of data leak (lien direct) |
L'opération de ransomware de Lockbit a revendiqué la responsabilité d'une cyberattaque de novembre 2023 sur le réseau hospitalier de la santé Capital et menace de divulguer les données volées et les chats de négociation d'ici demain.[...]
The Lockbit ransomware operation has claimed responsibility for a November 2023 cyberattack on the Capital Health hospital network and threatens to leak stolen data and negotiation chats by tomorrow. [...] |
Ransomware | ★★★ | |
 |
2024-01-08 08:45:00 | L'attaque des ransomwares de la bibliothèque britannique pourrait coûter jusqu'à & livre; 7m British Library ransomware attack could cost up to £7m (lien direct) |
Pas de details / No more details | Ransomware | ★★ | |
 |
2024-01-05 22:45:00 | Universités, écoles de la maternelle à la 12 Universities, K-12 schools still recovering from cyber incidents over holiday season (lien direct) |
Les universités et les écoles primaires du monde entier ont traité des cyber-incidents et des attaques de ransomwares au cours du dernier mois alors que les pirates ont ciblé les équipes informatiques à personnel légèrement au fil des fêtes.Jeudi, l'Université Memorial de Terre-Neuve a averti qu'un incident de cybersécurité annoncé Le 31 décembre causerait des problèmespour «au moins quelques semaines».L'école,
Universities and grade schools across the world have dealt with cyber incidents and ransomware attacks over the last month as hackers targeted lightly-staffed IT teams over the holiday season. On Thursday, Memorial University in Newfoundland warned that a cybersecurity incident announced on December 31 would cause issues for “at least a few weeks.” The school, |
Ransomware | ★★ | |
 |
2024-01-05 21:54:33 | Après hôpital de cancer paralysant avec des ransomwares, les crimes menacent de SWAT des patients After crippling cancer hospital with ransomware, crims threaten to swat patients (lien direct) |
Rappelez-vous le bon vieux temps où les escrocs des ransomwares ont promis de ne pas infecter les centres médicaux? Les extorqueurs menacent maintenant de SWAT Hospital Patients - appelant des menaces de bombe ou d'autres faux rapports à la police si fortement armés montrent que les flics armés montrentchez les victimes \\ 'Homes - Si les centres médicaux ne paient pas les escrocs \' ransom.…
Remember the good old days when ransomware crooks vowed not to infect medical centers? Extortionists are now threatening to swat hospital patients - calling in bomb threats or other bogus reports to the police so heavily armed cops show up at victims\' homes - if the medical centers don\'t pay the crooks\' ransom demands.… |
Ransomware Threat Medical | ★★★★ | |
 |
2024-01-05 21:50:00 | Vente d'incendie: le code source du ransomware Zeppelin se vend 500 $ sur Dark Web Fire Sale: Zeppelin Ransomware Source Code Sells for $500 on Dark Web (lien direct) |
L'acheteur pourrait utiliser le code pour redémarrer le fonctionnement du Ransomware-as-a-A-Service.
The buyer could use the code to restart the up to now all-but defunct Zeppelin ransomware-as-a-service operation. |
Ransomware | ★★★ | |
 |
2024-01-05 13:56:46 | Dans d'autres nouvelles: US Ransomware Attacks, 23andMe blâme les victimes, la tentative de piratage des déchets nucléaires In Other News: US Ransomware Attacks, 23andMe Blames Victims, Nuclear Waste Hacking Attempt (lien direct) |
> Des histoires remarquables qui auraient pu glisser sous le radar: Rapport sur les attaques de ransomwares américaines, 23andMe blâme les victimes du piratage, la société de déchets nucléaires ciblée.
>Noteworthy stories that might have slipped under the radar: report on US ransomware attacks, 23andMe blames victims for hack, nuclear waste company targeted. |
Ransomware Hack | ★★★ | |
 |
2024-01-05 06:00:31 | 2023 Année en revue: versions de contenu axées sur les menaces pour la sensibilisation à la sécurité 2023 Year in Review: Threat-Driven Content Releases for Security Awareness (lien direct) |
As a new year approaches, it is natural to reflect on recent accomplishments. At Proofpoint, we are reflecting on our work to deliver security awareness content and updated features in line with our ongoing goal to drive behavior change. Proofpoint Security Awareness integrates our rich threat intelligence, which means it taps into current and emerging attacks. Our threat analysts surface threat trends, such as artificial intelligence (AI)-enhanced vishing, malicious QR codes and remote IT support scams. And then we work quickly to release new training features and awareness material to ensure inform security administrators and educate employees about ever-evolving attacks. In 2023, our content releases focused on three areas: Delivering a threat-driven program Improving how security awareness administrators work Enhancing how people learn Let\'s review the past year and explore how Proofpoint used content releases to respond to the changing threat landscape. Image from AI Chatbot Threats training (play video). Quick turnaround for threat trends Proofpoint Security Awareness alerts customers to threats in two powerful ways-Threat Alerts and Attack Spotlights. It also continuously trains employees with threat-driven training modules. Threat Alerts These weekly releases focus on a specific and current ongoing attack. They explain what the threat is and who it might target. And they describe a specific lure, if applicable. Each alert is linked to activity that our threat analysts see happening in the wild. We recommend applicable training like simulated phishing and awareness material and include suggested email messaging. In 2023, we released Threat Alerts on: IRS-themed phishing lures for tax season (February, March, April) AI-enhanced vishing calls that impersonate loved ones (March) Malicious QR codes for credential phishing (May, August) Telephone-oriented attack delivery (TOAD) using a Geek Squad PDF lure (July, October) Charity donation scams around the Israel-Palestine crisis (October) Christmas party lures for credential phishing (November) Attack Spotlights These monthly releases cast a wider lens on attack types. They focus on a time-based or reoccurring threat that is expected to trend, typically related to holidays, travel seasons or shopping events. Each spotlight is released a month in advance with a campaign plan, awareness material and training modules, and is available in 12 core languages. In 2023, Proofpoint published these Attack Spotlight campaigns: Smishing with package delivery lures (February) Business email compromise (BEC) phishing with requests for quotations (RFQs) (April) LinkedIn phishing lures (May) Amazon phishing lures (June) Remote IT support scams (September) Gift card scams (December) Image from Attack Spotlight video (play video). Threat modules These training videos are relevant to the changing threat landscape. They are inspired by our threat intelligence and our team\'s threat landscape research. These micro-learning modules are grounded in learning science principles that are designed to drive behavior change. Each module has a concise and specific learning objective. The delivery of content is tailored to individual factors such as a person\'s role, learning style, vulnerability level and preferred language. In 2023, we covered these topics in our new threat training modules: Data loss protection AI chatbot threats Amazon phishing scams Cryptocurrency investment scams QR code dangers Multifactor authentication (MFA) Image from Threat Module video (play video). Staying ahead of generative AI attacks AI-powered systems are promoted as tools to help us work faster, and they are transforming businesses and industries. This wide-reaching access can create security risks from potential data breaches to concerns over user privacy. Your employees need to be aware of the limitations and risks of using AI-powered tools, especiall | Ransomware Tool Vulnerability Threat Studies Prediction Cloud | ★★★★ | |
|
2024-01-04 11:46:32 | Estes Express Lines indique que les données personnelles ont été volées dans une attaque de ransomware Estes Express Lines Says Personal Data Stolen in Ransomware Attack (lien direct) |
> Estes Express Lines informe plus de 21 000 personnes que leurs informations personnelles ont été volées dans une attaque de ransomware.
>Estes Express Lines is informing over 21,000 individuals that their personal information was stolen in a ransomware attack. |
Ransomware | ★★★ | |
 |
2024-01-04 10:30:00 | Les experts s'affrontent sur l'interdiction de paiement des ransomwares Experts Clash Over Ransomware Payment Ban (lien direct) |
Emsisoft a appelé à une interdiction complète des paiements des ransomwares après une autre année record d'attaques
Emsisoft has called for a complete ban on ransomware payments after another record-breaking year of attacks |
Ransomware | ★★★ | |
|
2024-01-03 22:08:00 | Ransomware Group affirme la cyber violation de la filiale de Xerox Ransomware Group Claims Cyber Breach of Xerox Subsidiary (lien direct) |
Après que le personnel de la cybersécurité de Xerox a découvert la violation, ils ont amené des experts tiers pour enquêter.
After Xerox cybersecurity personnel discovered the breach, they brought in third-party experts to investigate. |
Ransomware | ★★ | |
|
2024-01-03 16:46:00 | \\ 'Black Basta Buster \\' exploite le bogue du ransomware pour la récupération de fichiers \\'Black Basta Buster\\' Exploits Ransomware Bug for File Recovery (lien direct) |
Un outil permet désormais que les fichiers de victime chiffrés par le gang Black Basta Cybercriminal soient entièrement ou partiellement récupérables, selon leur taille.
A tool now allows for victim files encrypted by the Black Basta cybercriminal gang to be fully or partially recoverable, depending on their size. |
Ransomware Tool | ★★ | |
 |
2024-01-03 15:57:52 | Ransomware Lockbit 3.0 perturbe les soins d'urgence dans plusieurs hôpitaux allemands Lockbit 3.0 Ransomware Disrupts Emergency Care at Multiple German Hospitals (lien direct) |
|
Ransomware | ★★ | |
|
2024-01-03 13:15:14 | Bien reçu?Xerox confirme \\ 'Incident de sécurité \\' à la filiale Copy that? Xerox confirms \\'security incident\\' at subsidiary (lien direct) |
Company\'s removal from ransomware gang\'s leak blog could mean negotiations underway Xerox has officially confirmed that a cyber baddie broke into the systems of its US subsidiary - a week after INCRansom a affirmé avoir exfiltré les données du copiant et du géant imprimé.…
Company\'s removal from ransomware gang\'s leak blog could mean negotiations underway Xerox has officially confirmed that a cyber baddie broke into the systems of its US subsidiary - a week after INC Ransom claimed to have exfiltrated data from the copier and print giant.… |
Ransomware | ★★ | |
|
2024-01-03 10:32:59 | Xerox confirme la violation des données à la filiale américaine après une attaque de ransomware Xerox Confirms Data Breach at US Subsidiary Following Ransomware Attack (lien direct) |
> Xerox dit que les informations personnelles ont été volées dans une cyberattaque chez US Filiale Xerox Business Solutions.
>Xerox says personal information was stolen in a cyberattack at US subsidiary Xerox Business Solutions. |
Ransomware Data Breach | ★★ | |
|
2024-01-03 10:15:00 | Xerox Business Solutions révèle une rupture de sécurité Xerox Business Solutions Reveals Security Breach (lien direct) |
L'imagerie géante Xerox dit qu'elle a subi un incident de sécurité, car Ransomware Group Inc Ransom revendique le cuir chevelu
Imaging giant Xerox says it suffered a security incident, as ransomware group INC Ransom claims scalp |
Ransomware | ★★ | |
|
2024-01-03 08:30:08 | Interdiction officielle des paiements de ransomwares?Demander des orgs bien de ne pas cracher Formal ban on ransomware payments? Asking orgs nicely to not cough up ain\\'t working (lien direct) |
Avec la demande moyenne atteignant 1,5 million de dollars, quelque chose que \\ a changé Emsisoft a appelé à une interdiction complète des paiements de rançon après une autre année record d'extorsion numérique.… | Ransomware | ★★ | |
 |
2024-01-02 23:46:43 | Détection de la reconnaissance interne dans les environnements de domaine en utilisant EDR Detection of Internal Reconnaissance in Domain Environments Using EDR (lien direct) |
Alors que les acteurs de la menace peuvent augmenter les bénéfices en installant des co -miners ouUn logiciel malveillant de porte dérobée ou de rat pour prendre le contrôle du système infecté.Les infostelleurs sont utilisés dans le but de voler des informations sur les utilisateurs dans le système, mais parfois, ils sont utilisés pour obtenir des données qui peuvent être utilisées pour prendre le contrôle du système cible afin d'installer finalement des co -miners ou des ransomwares.Cela peut ne pas être important si l'attaque cible ...
While threat actors can raise a profit by installing CoinMiners or ransomware strains after initial access, they often first install a backdoor or RAT malware to seize control over the infected system. Infostealers are used for the purpose of stealing user information in the system, but sometimes, they are used to obtain data that can be utilized in gaining control over the target system to ultimately install CoinMiners or ransomware. This may not be of significance if the attack target... |
Ransomware Malware Threat | ★★★ | |
|
2024-01-02 19:15:00 | Les pirates abritent la base de données d'audience du tribunal australien Hackers breach Australian court hearing database (lien direct) |
Le système judiciaire de l'Australie \\ a été frappé par une attaque de ransomwares qui a potentiellement exposé des enregistrements sensibles de certaines audiences judiciaires.Les services judiciaires Victoria (CSV), un organe administratif qui soutient les opérations des tribunaux dans l'État de Victoria, ont détecté l'attaque le 21 décembre. L'incident a conduit à la perturbation de la
The court system for Australia\'s second-most-populated state was hit by a ransomware attack that potentially exposed sensitive recordings of some court hearings. Court Services Victoria (CSV), an administrative body that supports the operations of the courts in the state of Victoria, detected the attack on December 21. The incident led to the disruption of the |
Ransomware | ★★ | |
|
2024-01-02 19:14:00 | La chaîne suédoise des supermarchés Coop répond à la cyberattaque Swedish supermarket chain Coop responds to cyberattack (lien direct) |
Coop, l'une des plus grandes chaînes de supermarchés de Suède, a déclaré qu'elle s'occupait d'une cyberattaque affectant les magasins du comté de V & Auml; Rmland.Un gang de ransomware nommé cactus a affirmé Coop V & Auml; Rmland était la cible de l'attaque.Coopérative
Coop, one of Sweden\'s largest supermarket chains, said it is dealing with a cyberattack affecting stores in the county of Värmland. A ransomware gang named Cactus claimed it attacked the company on December 29 and in a statement to Recorded Future News, a spokesperson explained that Coop Värmland was the target of the attack. Coop |
Ransomware | ★★★ | |
 |
2024-01-02 19:02:10 | Cybersecurity-Vorhersagen für 2024 (lien direct) | le n & auml;Obligation obligatoire, ransomware, gestion des secrets, informatique quantique et Verschle post-Quantum & Uuml;
-
rapports spéciaux
/ /
affiche
Das nächste Jahr wird in der Cybersicherheitsbranche aus Sicht von Thales von fünf großen Trends geprägt sein: Der Suche nach Standards und Verantwortlichen für die Rechenschaftspflicht, Ransomware, Secrets-Management, Quantencomputing und Post-Quantenverschlüsselung. - Sonderberichte / affiche |
Ransomware | ★ | |
|
2024-01-02 16:15:13 | Les audiences des tribunaux deviennent un préoccupation des ransomwares après la violation du système judiciaire Court hearings become ransomware concern after justice system breach (lien direct) |
De la procédure judiciaire au potentiel de fourrage YouTube Le système judiciaire de Victoria, en Australie, a été soumis à une attaque de ransomware présumée dans laquelle les enregistrements audiovisuels des audiences judiciaires peuvent être accessibles.… | Ransomware | ★★★ | |
|
2024-01-02 14:38:00 | Après les réclamations des ransomwares, Xerox dit que la filiale a frappé avec cyberattaque After ransomware claims, Xerox says subsidiary hit with cyberattack (lien direct) |
Xerox a déclaré qu'une filiale avait affaire à une cyberattaque qui pourrait avoir impliqué le vol d'informations personnelles.La semaine dernière, un gang de ransomware nommé Inc a réclamé .xerox.com / news / xerox-liases-quarter-and-full-year-résults "> gagné plus de 7 milliards de dollars en 2022 de la vente d'imprimantes dans plus de 160 pays.Interrogé sur les affirmations, un porte-parole de Xerox
Xerox said a subsidiary is dealing with a cyberattack that may have involved the theft of personal information. Last week a ransomware gang named INC claimed it attacked the company - which earned over $7 billion in 2022 from selling printers in more than 160 countries. When asked about the claims, a spokesperson for Xerox |
Ransomware | ★★ | |
|
2024-01-02 14:01:37 | Collections de musées en ligne après la cyberattaque sur le fournisseur de services Online museum collections down after cyberattack on service provider (lien direct) |
Les systèmes Gallery Systems du fournisseur de solutions de logiciels de musée ont révélé que ses pannes informatiques en cours étaient causées par une attaque de ransomware la semaine dernière.[...]
Museum software solutions provider Gallery Systems has disclosed that its ongoing IT outages were caused by a ransomware attack last week. [...] |
Ransomware | ★★★ | |
|
2024-01-02 12:29:40 | Xerox affirme que la filiale XB Xerox says subsidiary XBS U.S. breached after ransomware gang leaks data (lien direct) |
La division américaine de Xerox Business Solutions (XBS) a été compromise par des pirates, et une quantité limitée d'informations personnelles pourrait avoir été exposée, selon une annonce par la société mère, Xerox Corporation.[...]
The U.S. division of Xerox Business Solutions (XBS) has been compromised by hackers, and a limited amount of personal information might have been exposed, according to an announcement by the parent company, Xerox Corporation. [...] |
Ransomware | ★★ | |
|
2024-01-02 10:47:45 | Les enregistrements de la Cour de Victoria ont été exposés dans une attaque de ransomware signalée Victoria court recordings exposed in reported ransomware attack (lien direct) |
Les services judiciaires d'Australie (CSV) ont averti que les enregistrements vidéo des audiences judiciaires ont été exposés après avoir subi une attaque de Ransomware de Qilin.[...]
Australia\'s Court Services Victoria (CSV) is warning that video recordings of court hearings were exposed after suffering a reported Qilin ransomware attack. [...] |
Ransomware | ★★★ | |
|
2024-01-02 10:33:20 | Profil Web sombre: ransomware de cactus Dark Web Profile: Cactus Ransomware (lien direct) |
> Une nouvelle plante a grandi dans le désert des cybermenaces, maniant ses épines à ...
>A new plant has grown in the desert of cyber threats, wielding its thorns to... |
Ransomware | ★★ | |
|
2024-01-02 09:30:00 | Black Basta Ransomware Decryptor publié Black Basta Ransomware Decryptor Published (lien direct) |
Les chercheurs de SRLABS ont révélé une nouvelle suite d'outils de décryptage pour Black Basta Ransomware
Researchers at SRLabs have revealed a new suite of decryption tools for Black Basta ransomware |
Ransomware Tool | ★★ | |
|
2024-01-02 08:41:00 | 6 Exigences d'assurance cybersécurité Votre entreprise doit être prête à répondre 6 Cybersecurity Insurance Requirements Your Business Should Be Ready To Meet (lien direct) |
Every year, more companies are finding out firsthand how damaging a cyberattack can be. Research for the 2023 State of the Phish report from Proofpoint found that 30% of companies that were successfully attacked experienced a direct monetary loss. That\'s an increase of 76% year over year. And costs for these attacks are rising. IBM reports that the global average cost of a data breach went up by 15% over the last three years, hitting $4.45 million in 2023. Concerns about costs and risks mean that more companies than ever are buying cyber insurance. A World Economic Forum survey found that 71% of organizations have cyber insurance. And Allied Market Research projects that the global cyber insurance market, which is currently valued at $12.5 billion, will reach $116.7 billion by 2032. Investing in cyber insurance for your business can be a wise strategy. For one, it helps you to transfer some of the financial risks of a cybersecurity event to your insurance provider. But the cyber insurance landscape is changing. You should know that getting the coverage you want might be a challenge, and you will need to meet an array of cybersecurity insurance requirements. In this blog post, we\'ll cover six of the most common requirements you\'ll likely need to fulfill. What is cyber insurance-and what does it cover? But first, let\'s take a closer look at what cyber insurance is and why it is important. Also known as cyber liability insurance, this relatively new type of insurance helps to protect businesses and individuals from the negative impacts of cybersecurity events. It generally covers: Loss of data and the associated recovery Loss of revenue due to business interruption Loss of transferred funds from cyberattacks, like business email compromise (BEC) and phishing Loss of funds from ransomware and extortion Many policies also cover the aftermath and follow-up events associated with a data breach. This includes the costs associated with identifying and notifying victims, credit monitoring for victims and forensics expertise, to name a few. Why is cyber insurance important? For many companies, cyber insurance is an essential part of their risk management strategy. It covers many costs related to cyber events, such as legal expenses and fees for compliance violations. Depending on the policy, it might also cover: Ransomware attacks. If your business is hit with a ransomware attack, you may face demands for payment to unlock your systems. Or you may need to pay a ransom to prevent the release of sensitive data. In certain cases, cyber insurance can help cover ransom payments. Incident response and recovery. Cybersecurity insurance can help with the cost of investments you may need to make after an attack. For example, you may need to hire experts, conduct forensic investigations, and implement tools and measures to prevent future attacks. Business disruption. This may include lost revenue during downtime. This coverage can help your business stay afloat financially and continue operating in the wake of a cyber event. Want more details on the benefits of cyber insurance? Download the Proofpoint presentation, “Cyber Insurance: Facts, Figures and Policy Fundamentals.” Examples of common cyber insurance requirements As noted earlier, getting coverage is more complicated than it used to be. Because security breaches are so costly and cybercrime is so common, many insurers have become more stringent in their underwriting processes. Some have lowered caps for payouts and narrowed their coverage offerings as well. This means that the requirements your business may be expected to meet will be fairly complex. Every provider will likely conduct a risk assessment to determine if you qualify for cyber insurance. The process will help them to determine how much coverage they can offer you, and what you\'ll need to pay for it. The risk assessment might be as quick and simple as a questionnaire or as complex and time-consuming as a third-party audit. Here are six examples | Ransomware Data Breach Tool Threat | ★★★ | |
 |
2024-01-01 14:03:20 | 1er janvier & # 8211;Rapport de renseignement sur les menaces 1st January – Threat Intelligence Report (lien direct) |
> Pour les dernières découvertes en cyberLes meilleures attaques et violation du réseau hospitalier allemand Katholische Hospitalveinigung Ostwestfalen (KHO) ont été victimes de cyberattaques qui ont perturbé les systèmes des hôpitaux de Bielefeld, Rheda-Wiedenbr & Uuml; CK et Herford.Lockbit Ransomware Group a revendiqué la responsabilité de l'attaque.[& # 8230;]
>For the latest discoveries in cyber research for the week of 1st January, please download our Threat_Intelligence Bulletin. TOP ATTACKS AND BREACHES The German hospital network Katholische Hospitalvereinigung Ostwestfalen (KHO) has been a victim of cyber-attack that disrupted the systems of hospitals in Bielefeld, Rheda-Wiedenbrück, and Herford. Lockbit ransomware group claimed responsibility for the attack. […] |
Ransomware Threat | ★★★ | |
|
2024-01-01 11:05:10 | Les opérations d'application de la loi ciblant la cybercriminalité en 2023 The law enforcement operations targeting cybercrime in 2023 (lien direct) |
En 2023, nous avons vu de nombreuses opérations d'application de la loi ciblant les opérations de cybercriminalité, notamment des escroqueries de crypto-monnaie, des attaques de phishing, un vol d'identification, un développement de logiciels malveillants et des attaques de ransomwares.[...]
In 2023, we saw numerous law enforcement operations targeting cybercrime operations, including cryptocurrency scams, phishing attacks, credential theft, malware development, and ransomware attacks. [...] |
Ransomware Malware Legislation | ★★★ | |
|
2023-12-30 16:23:55 | La Chine arrête 4 qui a armé le chatpt pour des attaques de ransomwares China Arrests 4 Who Weaponized ChatGPT for Ransomware Attacks (lien direct) |
> Par deeba ahmed
La police a arrêté deux suspects à Pékin et deux en Mongolie intérieure.
Ceci est un article de HackRead.com Lire le post original: Chine Arrests4 qui a armé le chatppt pour les attaques de ransomwares
>By Deeba Ahmed The police arrested two suspects in Beijing and two in Inner Mongolia. This is a post from HackRead.com Read the original post: China Arrests 4 Who Weaponized ChatGPT for Ransomware Attacks |
Ransomware | ChatGPT | ★★★ |
|
2023-12-29 15:20:27 | Les hôpitaux demandent aux tribunaux de forcer l'entreprise de stockage du cloud de retourner des données volées Hospitals ask courts to force cloud storage firm to return stolen data (lien direct) |
Deux hôpitaux à but non lucratif de New York recherchent une ordonnance du tribunal pour récupérer les données volées dans une attaque de ransomware d'août qui est maintenant stockée sur les serveurs d'une société de stockage de Boston Cloud.[...]
Two not-for-profit hospitals in New York are seeking a court order to retrieve data stolen in an August ransomware attack that\'s now stored on the servers of a Boston cloud storage company. [...] |
Ransomware Legislation Medical Cloud | ★★★ | |
 |
2023-12-29 10:46:00 | Microsoft désactive le protocole d'installation de l'application MSIX largement utilisée dans les attaques de logiciels malveillants Microsoft Disables MSIX App Installer Protocol Widely Used in Malware Attacks (lien direct) |
Microsoft a déclaré jeudi qu'il désactivant à nouveau le gestionnaire de protocole & nbsp; MS-Appinstaller & NBSP; à la suite de ses abus de plusieurs acteurs de menace pour distribuer des logiciels malveillants.
«L'activité de l'acteur de menace observée abuse
Microsoft on Thursday said it\'s once again disabling the ms-appinstaller protocol handler by default following its abuse by multiple threat actors to distribute malware. “The observed threat actor activity abuses the current implementation of the ms-appinstaller protocol handler as an access vector for malware that may lead to ransomware distribution,” the Microsoft Threat Intelligence |
Ransomware Malware Threat Patching | ★★★★ | |
 |
2023-12-29 00:00:07 | Obtenir le conseil d'administration: expliquer le ROI de la cybersécurité Getting the Board on Board: Explaining Cybersecurity ROI (lien direct) |
Malgré l'augmentation des violations de données, des attaques de ransomwares et des cyber-menaces assorties, convaincant le conseil d'administration d'investir dans une cybersécurité robuste n'est pas toujours facile pour de nombreuses entreprises.Le défi provient principalement de la nécessité de démontrer un retour sur investissement quantifiable (ROI) de toute initiative de cybersécurité.De nombreux conseils se concentrent sur les indicateurs de performance, les bénéfices et la distribution stratégique des ressources, tandis que la cybersécurité se concentre principalement sur l'atténuation des risques.Il est crucial de combler cet écart de communication pour s'assurer que le conseil comprend et reconnaît la signification ...
Despite increasing data breaches, ransomware attacks, and assorted cyber threats, convincing the Board of Directors to invest in robust cybersecurity isn\'t always easy for many businesses. The challenge originates mainly from the need to demonstrate a quantifiable Return On Investment (ROI) from any cybersecurity initiative. Many Boards concentrate on performance indicators, profits, and strategic resource distribution, while cybersecurity primarily focuses on risk mitigation. It is crucial to bridge this communication gap to ensure that the Board understands and acknowledges the significance... |
Ransomware | ★★ | |
|
2023-12-28 16:06:43 | Gouvernement du Royaume-Uni \\ 'mal préparé \\' pour faire face à un risque élevé d'attaques de ransomware catastrophiques U.K. Government \\'Ill-Prepared\\' to Deal With High Risk of Catastrophic Ransomware Attacks (lien direct) |
Ransomware | ★★★ | ||
 |
2023-12-28 16:00:00 | Ransomware Roundup - 8Base (lien direct) | Le Ransomware 8Base, une variante de Phobos, a émergé en mai 2023 et cible des organisations dans divers secteurs du monde à gain financier.Apprendre encore plus.
The 8base ransomware, a variant of Phobos, emerged in May 2023 and has been targeting organizations across various industries globally for financial gain. Learn more. |
Ransomware | ★★ | |
|
2023-12-28 11:30:00 | Ohio Lottery frappé par les ransomwares, les pirates revendiquent le vol de données des employés et des joueurs Ohio Lottery Hit by Ransomware, Hackers Claim Theft of Employee and Player Data (lien direct) |
> Le groupe DragonForce Ransomware a pris le crédit du hack de loterie de l'Ohio, affirmant avoir volé des millions d'enregistrements de données.
>The DragonForce ransomware group has taken credit for the Ohio Lottery hack, claiming to have stolen millions of data records. |
Ransomware Hack | ★★ | |
|
2023-12-27 20:30:00 | L'Agence de sécurité sociale de Trinidad et Tobago a frappé avec une attaque de ransomware post-Christmas Trinidad and Tobago social security agency hit with post-Christmas ransomware attack (lien direct) |
Une agence gouvernementale clé de Trinidad et Tobago a déclaré qu'elle avait été frappée par une attaque de ransomware qui limitera ses opérations pendant au moins le reste de l'année.Le National Insurance Board du pays (NIBTT) - qui gère le système de sécurité sociale du pays \\ desservant plus de 630 000 personnes - a écrit que tous les bureaux seront
A key government agency in Trinidad and Tobago said it was hit with a ransomware attack that will limit its operations for at least the rest of the year. The country\'s National Insurance Board (NIBTT) - which runs the nation\'s social security system serving more than 630,000 people - wrote that all offices will be |
Ransomware | ★★★ | |
|
2023-12-27 16:05:26 | Lockbit Ransomware perturbe les soins d'urgence dans les hôpitaux allemands Lockbit ransomware disrupts emergency care at German hospitals (lien direct) |
Le réseau hospitalier allemand Katholische Hospitalveinigung Ostwestfalen (KHO) a confirmé que les perturbations de services récentes ont été causées par une attaque de ransomware de verrouillage où les acteurs de la menace ont eu accès aux systèmes informatiques et aux appareils chiffrés sur le réseau.[...]
German hospital network Katholische Hospitalvereinigung Ostwestfalen (KHO) has confirmed that recent service disruptions were caused by a Lockbit ransomware attack where the threat actors gained access to IT systems and encrypted devices on the network. [...] |
Ransomware Threat | ★★★ | |
|
2023-12-27 12:32:54 | Ransomware Group réclame 100 Go de données volées à Nissan Ransomware Group Claims 100 Gb of Data Stolen From Nissan (lien direct) |
> Le groupe Akira Ransomware a pris le crédit de la récente attaque qui a eu un impact sur Nissan Australie et la Nouvelle-Zélande.
>The Akira ransomware group has taken credit for the recent attack that impacted Nissan Australia and New Zealand. |
Ransomware | ★★ | |
 |
2023-12-27 07:39:30 | Découverte du ransomware Rhysida et de ses activités (lien direct) | >Faits marquants concernant le ransomware RhysidaRhysida est devenu l'un des groupes de ransomware les plus actifs en novembre 2023.Il cible les grandes et moyennes entreprises avec un impact significatif sur le secteur de l'éducation.Les victimes du groupe Rhysida sont réparties dans 25 pays, avec une majorité de victimes aux États-Unis.Il utilise les familles de malware [...] | Ransomware Malware | ★★ | |
|
2023-12-26 13:18:09 | Les pirates d'Ubisoft se sont brouillés pour 900 Go de données avant de déjouer Ubisoft Hackers Scrambled for 900GB of Data Before Foiled (lien direct) |
> Par deeba ahmed
La cyberattaque sur Ubisoft est venue quelques jours seulement après que les pirates du gang de ransomware Rhysida ont ciblé les jeux Insomniac, les développeurs de Spider-Man 2.
Ceci est un article de HackRead.com Lire la publication originale: Les pirates Ubisoft se sont brouillés pour 900 Go de données avant la foi
>By Deeba Ahmed The cyberattack on Ubisoft came just days after hackers from the Rhysida ransomware gang targeted Insomniac Games, the developers of Spider-Man 2. This is a post from HackRead.com Read the original post: Ubisoft Hackers Scrambled for 900GB of Data Before Foiled |
Ransomware | ★★★ | |
|
2023-12-26 12:56:00 | Carbanak Banking Malware refait surface avec de nouvelles tactiques de ransomware Carbanak Banking Malware Resurfaces with New Ransomware Tactics (lien direct) |
Le malware bancaire connu sous le nom de & nbsp; carbanak & nbsp; a été observé utilisé dans & nbsp; ransomware attaques & nbsp; avec tactiques mises à jour.
"Le malware s'est adapté pour incorporer les fournisseurs d'attaque et les techniques pour diversifier son efficacité", la société de cybersécurité NCC Group & NBSP; a déclaré & NBSP; dans une analyse des attaques de ransomware qui ont eu lieu en novembre 2023.
"Carbanak est revenu le mois dernier par le biais de nouveaux
The banking malware known as Carbanak has been observed being used in ransomware attacks with updated tactics. "The malware has adapted to incorporate attack vendors and techniques to diversify its effectiveness," cybersecurity firm NCC Group said in an analysis of ransomware attacks that took place in November 2023. "Carbanak returned last month through new |
Ransomware Malware | ★★★ | |
|
2023-12-25 14:00:00 | Les victimes du site de fuite de ransomware ont atteint un sommet record en novembre Ransomware Leak Site Victims Reached Record-High in November (lien direct) |
Le nombre de victimes répertoriées sur des sites de fuite de ransomware a augmenté de 110% en glissement annuel en novembre, selon Corvus Insurance
The number of victims listed on ransomware leak sites is up 110% year-on-year in November, according to Corvus Insurance |
Ransomware | ★★ | |
 |
2023-12-22 21:21:54 | Nouvelles campagnes de malvertisation métassières New MetaStealer Malvertising Campaigns (lien direct) |
#### Description
Une nouvelle campagne de malvertising a été observée distribuant le malware du métaste.MetaStealer est un malware populaire qui a été vu pour la première fois en 2022 et a depuis été exploité par divers acteurs de menace.Le logiciel malveillant est principalement distribué via le logiciel Malspam et Cracked via des comptes YouTube volés.Cependant, il a également été vu dans une campagne de malvertising début décembre.La récente campagne a été observée en distribution de métastealer via deux annonces différentes pour Notepad ++ et AnyDesk via Google Recherches.La charge utile contenait un raccourci de lancement de PowerShell qui a utilisé un chemin à code dur vers le dossier de téléchargements.
La campagne de décembre s'est débarrassée du PowerShell et la DLL malveillante a été recompilée.Les développeurs de Metastealer améliorent leur produit et nous verrons probablement plus de leurs clients la distribution.Les voleurs peuvent servir plusieurs fins mais ont tendance à tourner autour des articles que les criminels peuvent facilement monétiser.Les portefeuilles cryptographiques sont généralement assez convoités, mais il en va de même pour divers services en ligne.Les voleurs peuvent également être utilisés par les courtiers d'accès initiaux, en ouvrant le chemin des acteurs de ransomwares.Les publicités malveillantes ont été signalées à Google et l'infrastructure derrière ces campagnes a été bloquée.
#### URL de référence (s)
1. https://www.malwarebytes.com/blog/thereat-intelligence/2023/12/new-metastealer-malvertising-campaignes
#### Date de publication
19 décembre 2023
#### Auteurs)
MalwareBytes Mende Intelligence Team
#### Description A new malvertising campaign has been observed distributing the MetaStealer malware. MetaStealer is a popular piece of malware that was first seen in 2022 and has since been leveraged by various threat actors. The malware is primarily distributed via malspam and cracked software via stolen YouTube accounts. However, it was also seen in a malvertising campaign in early December. The recent campaign was observed distributing MetaStealer via two different ads for Notepad++ and AnyDesk via Google searches. The payload contained a shortcut launching PowerShell that used a hardcoded path to the Downloads folder. The December campaign got rid of the PowerShell and the malicious DLL was recompiled. The developers of MetaStealer are improving their product, and we are likely to see more of their customers distributing it. Stealers can serve multiple purposes but tend to revolve around items that criminals can easily monetize. Crypto wallets are usually quite coveted, but so are credentials for various online services. Stealers can also be used by initial access brokers, paving the path for ransomware actors. The malicious ads have been reported to Google, and the infrastructure behind these campaigns has been blocked. #### Reference URL(s) 1. https://www.malwarebytes.com/blog/threat-intelligence/2023/12/new-metastealer-malvertising-campaigns #### Publication Date December 19, 2023 #### Author(s) Malwarebytes Threat Intelligence Team |
Ransomware Malware Threat | ★★★ | |
|
2023-12-22 20:10:00 | Les attaquants de ransomware abusent plusieurs fenêtres CLFS pilotes zéro jours Ransomware Attackers Abuse Multiple Windows CLFS Driver Zero-Days (lien direct) |
Les attaquants augmentaient les privilèges à gauche et à droite en 2023, grâce à un pilote axé sur les performances et à la sécurité.
Attackers were escalating privileges left and right in 2023, thanks to one performance-oriented, security-lacking driver. |
Ransomware | ★★ | |
|
2023-12-22 16:20:53 | La semaine en ransomware - 22 décembre 2023 - Blackcat piraté The Week in Ransomware - December 22nd 2023 - BlackCat hacked (lien direct) |
Plus tôt ce mois-ci, l'opération BlackCat / AlphV Ransomware a subi une perturbation de cinq jours sur leurs sites de fuite de données et de négociation,, selon les rumeurs, causées par une action en application de la loi.[...]
Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. [...] |
Ransomware | ★★ |
To see everything:
Our RSS (filtrered)
