What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
News.webp 2023-02-10 07:24:07 US, UK slap sanctions on Russians linked to Conti, Ryuk, Trickbot malware (direct link) Any act that sends so much as a ruble to seven named netizens now forbidden The US and UK have sanctioned seven Russians for their alleged roles in disseminating Conti and Ryuk ransomware and the Trickbot banking trojan.… Ransomware Malware ★★
RecordedFuture.webp 2023-02-09 22:25:22 Mount Saint Mary College confirms December ransomware attack (direct link) Mount Saint Mary College – a liberal arts college in New York – confirmed it experienced a ransomware attack in December after a cybercrime group publicly shared details about the incident this week. The Vice Society ransomware gang, a group known for dozens of attacks on K-12 schools as well as colleges and universities, claimed [… Ransomware ★★
CS.webp 2023-02-09 21:11:46 North Korea ransomware targets hospitals to fund digital spycraft, US agencies warn (direct link) U.S. and South Korea officials say that North Korean ransomware operators are funding espionage operations through cyberattacks on hospitals. Ransomware ★★
DarkReading.webp 2023-02-09 20:24:00 Kaspersky Finds Growing Number of Parents Experiencing Ransomware Attacks on Children's Schools (direct link) Schools paying higher ransoms and seeing longer closures, according to survey of parents. Ransomware ★★
Chercheur.webp 2023-02-09 20:23:58 U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group (direct link) Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating "Trickbot," a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. The U.S. Department of the Treasury says the Trickbot group is associated with Russian intelligence services, and that this alliance led to the targeting of many U.S. companies and government entities. Ransomware ★★
The_Hackers_News.webp 2023-02-09 16:20:00 A Hackers Pot of Gold: Your MSP's Data (direct link) A single ransomware attack on a New Zealand managed service provider (MSP) disrupted several of its clients' business operations overnight, most belonging to the healthcare sector. According to the country's privacy commissioner, "a cyber security incident involving a ransomware attack" in late November upended the daily operations of New Zealand's health ministry when it prevented the staff Ransomware ★★★
globalsecuritymag.webp 2023-02-09 16:11:56 Commentary: Escalation ESXiArgs ransomware attacks (direct link) After a serious recent escalation of ESXiArgs ransomware attacks, the comment from Nigel Seddon, Vice President EMEA West & North, Ivanti. - Malware Update Ransomware
CS.webp 2023-02-09 14:54:04 US, UK sanctions members of 'notorious cyber gang' TrickBot (direct link) The sanctions are just the latest in a string of U.S. government actions against ransomware operators around the world. Ransomware ★★
RecordedFuture.webp 2023-02-09 13:34:05 Britain and US make major move against ransomware gangs by sanctioning seven individuals (direct link) The sanctions documents formally link the Conti and Ryuk ransomware gangs and the Trickbot banking trojan to a single criminal organization Ransomware
SecurityWeek.webp 2023-02-09 11:00:00 ESXiArgs Ransomware Hits Over 3,800 Servers as Hackers Continue Improving Malware (direct link) There have been some new developments in the case of the ESXiArgs ransomware attacks, including related to the encryption method used by the malware, victims, and the vulnerability exploited by the hackers. After the US Cybersecurity and Infrastructure Security Agency (CISA) announced the availability of an open source tool designed to help some victims of […] Ransomware Malware Tool Vulnerability ★★★
bleepingcomputer.webp 2023-02-09 10:21:02 U.S. and U.K. sanction TrickBot and Conti ransomware operation members (direct link) The United States and the United Kingdom have sanctioned seven Russian individuals for their involvement in the TrickBot cybercrime group, whose malware was used to support attacks by the Conti and Ryuk ransomware operation. [...] Ransomware Malware
NetworkWorld.webp 2023-02-09 09:00:00 VMware ESXi server ransomware evolves, after recovery script released (direct link) After the FBI and CISA on Wednesday released a recovery script for organizations affected by a massive ransomware attack targeting VMWare ESXi servers worldwide, reports surfaced that the malware evolved in a way that made earlier recovery procedures ineffective. The attacks, aimed at VMware's ESXi bare metal hypervisor, were first made public February 3 by the French Computer Emergency Response Team (CERT-FR), and target ESXi instances running older versions of the software, or those that have not been patched to current standards. Some 3,800 servers have been affected globally, CISA and the FBI said. Ransomware Malware ★★★
CSO.webp 2023-02-09 08:04:00 UK/US cybercrime crackdown sees 7 ransomware criminals sanctioned (direct link) A UK/US campaign to tackle international cybercrime has seen seven Russian cybercriminals linked to notorious ransomware group Trickbot exposed and sanctioned. The sanctions were announced today by the UK's Foreign, Commonwealth and Development Office (FCDO) alongside the US Department of the Treasury's Office of Foreign Assets Control (OFAC). This follows a lengthy investigation by the National Crime Agency (NCA) into the crime group behind Trickbot malware, as well as the Conti and RYUK ransomware strains, among others, an NCA posting read. Ransomware
SocRadar.webp 2023-02-09 07:33:24 Why Ransomware Groups Switch to Rust Programming Language? (direct link) The Rust programming language, which was released in 2015, became popular in a short time.... Ransomware ★★★
TrendMicro.webp 2023-02-09 00:00:00 Ransomware Revolution: 4 Types of Cyber Risks in 2023 (direct link) The ransomware business model is poised to change. These four predictions could help to keep your organization secure from new forms of cyber extortion. Ransomware ★★
DarkReading.webp 2023-02-08 22:31:00 CISA Releases Recovery Script for Victims of ESXiArgs Ransomware (direct link) The malware has affected thousands of VMware ESXi hypervisors in the last few days. Ransomware Malware ★★★
News.webp 2023-02-08 21:30:12 Among the thousands of ESXiArgs ransomware victim orgs? FBI and CISA to the rescue (direct link) The malware has hit more than 3,800 servers globally, according to the Feds The US Cybersecurity and Infrastructure Security Agency (CISA) has released a recovery script to help companies whose servers were scrambled in the recent ESXiArgs ransomware outbreak.… Ransomware Malware ★★★
DarkReading.webp 2023-02-08 20:20:00 ActZero Unveils Next-Generation MDR Platform (direct link) Latest release gives small and mid-sized enterprises AI-driven analysis tools and unified visibility across IT environments for stronger ransomware protection. Ransomware ★★★
no_ico.webp 2023-02-08 19:05:14 Mass Ransomware Campaign Hits US & EU (direct link) According to crowdsourced data examined by CNN, a new worldwide ransomware campaign has affected at least 3,800 people, including hundreds in the US, triggering warnings from European and US cybersecurity experts. However, according to “Ransomwhere,” a network created by cybersecurity researchers to track ransomware assaults, only four victims have paid the ransom so far. It’s […] Ransomware ★★★
RecordedFuture.webp 2023-02-08 17:14:52 CISA publishes recovery script for ESXiArgs ransomware as Florida courts, universities reel (direct link) CISA adapted work by two Turkish developers into a script for recovering files affected by ESXiArgs ransomware without having to decrypt them Ransomware ★★★★
globalsecuritymag.webp 2023-02-08 16:26:41 The escalation of ESXiArgs ransomware attacks (direct link) There has been an escalation of ESXiArgs ransomware attacks. These attacks have already impacted servers belonging to Florida's Supreme Court, as well as a host of US and EU-based academic institutions. The commentary from Matt Aldridge, Principal Solutions Consultant at OpenText Security Solutions on why ransomware attacks are one of the most prominent threats to UK organisations and what businesses need to do in order to mitigate such attacks. - Malware Update Ransomware ★★★
CS.webp 2023-02-08 16:09:49 Global ransomware spree infects unpatched VMWare servers. CISA has a fix. (direct link) Ransomware targeting VMware ESXi servers takes advantage of an old vulnerability and has affected more than 3,000 systems worldwide. Ransomware Vulnerability ★★
The_Hackers_News.webp 2023-02-08 15:09:00 Russian Hacker Pleads Guilty to Money Laundering Linked to Ryuk Ransomware (direct link) A Russian national on February 7, 2023, pleaded guilty in the U.S. to money laundering charges and for attempting to conceal the source of funds obtained in connection with Ryuk ransomware attacks. Denis Mihaqlovic Dubnikov, 30, was arrested in Amsterdam in November 2021 before he was extradited from the Netherlands in August 2022. He is awaiting sentencing on April 11, 2023. "Between at least Ransomware Guideline ★★
SocRadar.webp 2023-02-08 12:55:33 Decryptors Available for the ESXiArgs Incidents and Cl0p Ransomware Variants (direct link) Researchers have developed decryptors for some recent ransomware operations. The specific ransomware operations use Cl0p ELF variants and the... Ransomware ★★★
globalsecuritymag.webp 2023-02-08 10:42:22 Cl0p ransomware targets Linux systems with flawed encryption - Decryptor available (direct link) First Linux variant of Cl0p ransomware. SentinelLabs observed the first ELF variant of Cl0p (also known as Clop) ransomware targeting Linux systems on the 26th of December 2022. - Malware Update Ransomware ★★★
globalsecuritymag.webp 2023-02-08 10:31:37 Armis: "the VMware ESXi ransomware attack is a major global incident" (direct link) Armis, a specialist in asset visibility and security solutions, shares its analysis of the recent VMware ESXi ransomware attack. Andy Norton, European Cyber Risk Officer at Armis, begins by stressing that we are facing a major global incident. - Malware Ransomware
bleepingcomputer.webp 2023-02-08 10:04:08 Lessons Learned on Ransomware Prevention from the Rackspace Attack (direct link) The ransomware attack on Rackspace has taught us the importance of good cybersecurity habits. Let's see what we can learn from the attack and how organizations can protect themselves. [...] Ransomware ★★★
InfoSecurityMag.webp 2023-02-08 10:00:00 CISA Releases Recovery Tool for VMware Ransomware Victims (direct link) Legacy bug in ESXi servers is being targeted by threat actors Ransomware Tool Threat ★★★
Blog.webp 2023-02-08 07:30:02 (Déjà vu) ASEC Weekly Malware Statistics (January 30th, 2023 – February 5th, 2023) (direct link) The ASEC analysis team uses the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from January 30th, 2023 (Monday) to February 5th, 2023 (Sunday). For the main category, downloader ranked top with 39.3%, followed by Infostealer with 28.8%, backdoor with 27.0%, ransomware with 2.6%, and CoinMiner with 2.2%. Top 1 – SmokeLoader SmokeLoader is an Infostealer/downloader malware that is distributed via exploit kits. This week, it ranked first place... Ransomware Malware ★★
CSO.webp 2023-02-08 06:00:00 Cohesity Data Cloud 7.0 enhances privileged access authentication, ransomware recovery (direct link) Data security and management vendor has announced the 7.0 software release of its Cohesity Data Cloud platform. The release provides customers with enhanced cyber resiliency capabilities to help protect and secure data against cyberattacks, the firm stated in its announcement. Expanded features include privileged access hardening, accelerated ransomware recovery for files and objects, and attack surface reduction via AWS GovCloud support, Cohesity added. Cohesity 7.0 focuses on a “data-centric” approach to cyber resilience. In a press release, Cohesity explained that the 7.0 software release helps businesses take a more data-centric approach to cyber resilience including data immutability, data isolation (or cyber vaulting), and recovery at scale. “Organizations are facing significant challenges with managing and securing their data estate across cloud and on-premises, with ransomware and data theft as their number one concern,” commented Chris Kent, VP product and solutions marketing, Cohesity. “Cohesity Data Cloud 7.0 adds a new layer of protection and recovery to organizations' most critical data.” Ransomware ★★★
RecordedFuture.webp 2023-02-08 00:34:48 First Linux variant of Clop ransomware targeted universities, colleges but was flawed (direct link) The first Linux variant of the Clop ransomware was rife with issues that allowed researchers to create a decryptor tool for victims. SentinelOne researcher Antonis Terefos said his team observed the first Clop (also stylized as Cl0p) ransomware variant targeting Linux systems on December 26. Clop has existed since about 2019, targeting large companies, financial institutions, [… Ransomware Tool ★★
Blog.webp 2023-02-08 00:20:00 Redistribution of Magniber Ransomware in Korea (January 28th) (direct link) On the morning of January 28th, the ASEC analysis team discovered the redistribution of Magniber disguised as normal Windows Installers (MSI). The distributed Magniber files have MSI as their extensions, disguising themselves as Windows update files. According to AhnLab's log system as seen in Figure 1, it can be noted that the distribution increased starting from January 27th. MS.Update.Center.Security.KB17347418.msi MS.Update.Center.Security.KB2562020.msi MS.Update.Center.Security.KB44945726.msi Figure 1. Increase in Magniber distribution confirmed by AhnLab's log system The site that is currently distributing Magniber is... Ransomware ★★★
DarkReading.webp 2023-02-07 22:21:00 Fresh (Buggy) Clop Ransomware Variant Targets Linux Systems (direct link) For the moment, victims can decrypt data without paying a ransom. But Clop is a ransomware variant that has caused havoc on Windows systems, so that's bound to change. Ransomware ★★★
CS.webp 2023-02-07 21:44:50 After Hive takedown, could the LockBit ransomware crew be the next to fall? (direct link) As international law enforcement agencies turn up the heat on ransomware gangs, LockBit's high-profile cyberattacks make it a prime target. Ransomware ★★★
RecordedFuture.webp 2023-02-07 21:17:45 Russian crypto exchange exec pleads guilty to laundering Ryuk ransomware funds (direct link) A Russian man pleaded guilty on Monday in an Oregon court on charges related to laundering funds for the Ryuk ransomware group. Denis Dubnikov was arrested in November 2021 in the Netherlands before being extradited to the U.S. last August. Prosecutors accused him, along with 13 co-conspirators whose names were redacted in a federal indictment, [… Ransomware Guideline ★★★
globalsecuritymag.webp 2023-02-07 20:00:58 Ransomware attacks take slight dip in 2022 as threat actors evolve and explore new tactics – NCC Group Annual Threat Monitor Report (direct link) · Ransomware attacks decrease 5% in 2022 (2,667 in 2021 to 2,531 in 2022) · Industrials sector was the most targeted by criminal gangs for second year running · North America (44%) and Europe (35%) most targeted regions · DDoS incidents and business email compromise (BEC) both take a larger share of attack types as threat actors explore triple extortion methods · Turbulence in threat landscape reflects wider grapple with major conflicts and global economic uncertainty - Special Reports Ransomware Threat ★★★
RecordedFuture.webp 2023-02-07 19:19:38 House approves cybersecurity research bill focused on energy infrastructure (direct link) The U.S. House of Representatives on Monday passed a bill that would provide funding for cybersecurity research with a focus on protecting the country's energy infrastructure. The Energy Cybersecurity University Leadership Act - inspired by the ransomware attack on Colonial Pipeline and several other incidents - proposes grants and other forms of funding to graduate [… Ransomware Guideline ★★★
The_Hackers_News.webp 2023-02-07 18:17:00 Tackling the New Cyber Insurance Requirements: Can Your Organization Comply? (direct link) With cyberattacks around the world escalating rapidly, insurance companies are ramping up the requirements to qualify for a cyber insurance policy. Ransomware attacks were up 80% last year, prompting underwriters to put in place a number of new provisions designed to prevent ransomware and stem the record number of claims. Among these are a mandate to enforce multi-factor authentication (MFA) Ransomware ★★★
DarkReading.webp 2023-02-07 18:06:00 Ongoing VMware ESXi Ransomware Attack Highlights Inherent Virtualization Risks (direct link) The global assault on vulnerable VMware hypervisors may have been mitigated by updating to the latest version of the product, but patch management is only part of the story. Ransomware ★★★
CS.webp 2023-02-07 17:33:55 Russian ransomware money launderer pleads guilty to funneling Ryuk payments (direct link) A Russian man extradited to the U.S. last year pleads guilty to attempting to conceal ransom payments that resulted from attacks on Americans. Ransomware Guideline ★★★
The_Hackers_News.webp 2023-02-07 16:32:00 Linux Variant of Clop Ransomware Spotted, But Uses Faulty Encryption Algorithm (direct link) The first-ever Linux variant of the Clop ransomware has been detected in the wild, but with a faulty encryption algorithm that has made it possible to reverse engineer the process. "The ELF executable contains a flawed encryption algorithm making it possible to decrypt locked files without paying the ransom," SentinelOne researcher Antonis Terefos said in a report shared with The Hacker News. Ransomware ★★
The_Hackers_News.webp 2023-02-07 15:51:00 VMware Finds No Evidence of 0-Day in Ongoing ESXiArgs Ransomware Spree (direct link) VMware on Monday said it found no evidence that threat actors are leveraging an unknown security flaw, i.e., a zero-day, in its software as part of an ongoing ransomware attack spree worldwide. "Most reports state that End of General Support (EoGS) and/or significantly out-of-date products are being targeted with known vulnerabilities which were previously addressed and disclosed in VMware Ransomware Threat
RecordedFuture.webp 2023-02-07 14:18:24 LockBit ransomware group threatens Royal Mail with data leak deadline (direct link) The LockBit cybercriminals told the British mail service it has until February 9 to pay up to protect data apparently stolen in January Ransomware ★★★
globalsecuritymag.webp 2023-02-07 13:37:45 Global ransomware attack and Vesuvius - Logpoint comment (direct link) In light of the news that Italy have warned of a large scale global ransomware attack, please see comment below from Tim Wallen, Regional Director UK, US & Emerging markets, Logpoint. - Malware Update Ransomware ★★★
SecurityWeek.webp 2023-02-07 12:12:36 VMware Says No Evidence of Zero-Day Exploitation in ESXiArgs Ransomware Attacks (direct link) ESXiArgs ransomware attacks continue, with thousands of unpatched ESXi servers compromised within a few days via CVE-2021-21974. Ransomware ★★
globalsecuritymag.webp 2023-02-07 12:11:30 Hackers target known server vulnerabilities, and France, Finland and Italy are the hardest hit in Europe: Tenable's commentary (direct link) Last Sunday, Reuters published a report in which the Italian National Cybersecurity Agency (ACN) states that thousands of computer servers were targeted by a global ransomware attack aimed at VMware (VMW.N) ESXi servers. The hack was a large-scale attack and sought to exploit a known software vulnerability. This initial report was corroborated by other regions that issued similar warnings. According to Politico, France, Finland and Italy are the most affected countries in Europe, while the United States and Canada also have a high number of targets. Commentary from Bernard Montel, EMEA technical director and security strategist at Tenable - Malware Ransomware
SentinelOne.webp 2023-02-07 10:55:22 Cl0p Ransomware Targets Linux Systems with Flawed Encryption | Decryptor Available (direct link) An in-the-wild ELF variant of Cl0p ransomware shows the gang is looking beyond traditional Windows targets. Ransomware ★★★
itsecurityguru.webp 2023-02-07 10:05:05 UK second most targeted nation behind America for Ransomware (direct link) After closely monitoring the most active ransomware groups in 2022, the KrakenLabs team at Outpost24 are sharing their latest report that delves deep into the significant ransomware trends, threat groups, victim profiles, and motives behind these attacks from the past year. In total, the researchers identified 2,363 disclosed victims by various ransomware groups on Data Leak […] Ransomware Threat ★★★
ComputerWeekly.webp 2023-02-07 09:44:00 LockBit cartel finally claims Royal Mail ransomware attack (direct link) No more details Ransomware ★★
bleepingcomputer.webp 2023-02-07 06:00:00 Clop ransomware flaw allowed Linux victims to recover files for months (direct link) The Clop ransomware gang is now also using a malware variant that explicitly targets Linux servers, but a flaw in the encryption scheme has allowed victims to quietly recover their files for free for months. [...] Ransomware Malware ★★★
Last update at: 2024-06-30 05:07:37