What's new around the Internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
ESET.webp 2023-01-05 14:00:18 Ransomware target list – Week in security with Tony Anscombe (lien direct) Why schools, hospitals, local governments and other public sector organizations are in a sweet spot for ransomware attacks Ransomware ★★
knowbe4.webp 2023-01-05 13:32:40 These grim figures show that the ransomware problem isn't going away (lien direct) These grim figures show that the ransomware problem isn't going away Ransomware ★★
AlienVault.webp 2023-01-05 11:00:00 The dos and don'ts of ransomware negotiations (lien direct) The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Has your organization suddenly been attacked by a ransomware virus? Take a deep breath and try to remain composed. It can be easy to panic or become overwhelmed in the face of an attack, but it is vital to remain calm and focused in order to make the best decisions for your organization. The initial actions to take in the event of a ransomware attack: Disconnect the affected devices from the network as soon as possible. This can help to prevent the ransomware from spreading to other computers or devices. Determine what data has been affected and assess the extent of the damage. Determine the specific type of ransomware virus that has infected your devices to understand how this malware operates and what steps you need to take to remove it. It is important to notify all employees about the ransomware attack and instruct them not to click on any suspicious links or open any suspicious attachments. Consider reporting the attack. This can help to increase awareness of the attack and may also help to prevent future attacks. Please note that in some regions, business owners are required by law to report an attack. Do not rush into a decision. Take the time to carefully evaluate your options and the potential consequences of each of them before deciding whether to pay the ransom or explore other solutions. Paying the ransom is not the only option. Consider exploring other solutions, such as restoring your data from backups. If you do not have backups, cybersecurity experts may be able to help you recover your data since many ransomware strains were decrypted and keys are publicly available.
Strategies cybercrooks employ to obtain funds from victims swiftly Cyber extortionists use various tactics beyond just encrypting data. They also use post-exploitation blackmail methods to coerce victims into paying them. Very often, cybercriminals use several extortion tactics simultaneously. Some examples of these tactics include: Steal and disclose Cyber extortionists not only encrypt victims' data but also often steal it. If the ransom is not paid, the stolen files may be made publicly available on special leak websites, which can cause severe damage to the victim's reputation and make them more likely to give in to the attackers' demands. Destroy keys if a negotiation company intervenes Some ransomware authors have threatened to delete the private keys necessary for decrypting victims' data if they seek the help of a professional third party to negotiate on their behalf.  Launch a DDoS attack Ransomware attackers often threaten to flood the victim's website with a large volume of traffic in an effort to put it down and intimidate the targeted company into paying the ransom faster. Cause printers to behave abnormally Some hackers were able to take control of the printers and print ransom notes directly in front of partners and customers. This provides a high level of visibility for the attack, as it is difficult for people to ignore the ransom notes being printed. Use Facebook ads for malicious purposes Criminals have been known to use advertising to gain attention for their attacks. In one ins Ransomware Malware Threat Prediction ★★★
SecurityWeek.webp 2023-01-05 10:25:12 Play Ransomware Group Used New Exploitation Method in Rackspace Attack (lien direct) The recent ransomware attack targeting Rackspace was conducted by a cybercrime group named Play using a new exploitation method, the cloud company revealed this week. Ransomware ★★★
InfoSecurityMag.webp 2023-01-05 09:30:00 Rail Tech Giant Wabtec Discloses Global Data Breach (lien direct) Incident thought to stem from 2022 ransomware attack Ransomware Data Breach ★★
Logo_logpoint.webp 2023-01-05 09:00:04 A crowning achievement: Exploring the exploit of Royal ransomware (lien direct) By Anish Bogati, Security Research. Contents: Fast Facts; Royal analysis; Analysis of an older version of Royal; Detecting Royal using Logpoint; Investigation and response using Logpoint; End-to-end detection, investigation, and response of Royal with Logpoint. TL;DR: First observed in January 2022 and unlike any other ransomware we have covered, Royal is a private group with no known affiliations at this time. In another campaign, [...] Ransomware ★★★★
The_State_of_Security.webp 2023-01-05 07:51:45 LockBit ransomware gang says sorry, gives free decryptor to SickKids hospital (lien direct) Do ransomware gangs actually have a heart? Perhaps... Just days before Christmas, on the night of Sunday 18 December 2022, Canada's Hospital for Sick Children (better known as SickKids) was hit by a ransomware attack. The Toronto-based teaching and research hospital reported that the attack had impacted its internal systems, phone lines, and website. The hospital predicted that it would take weeks before all of its systems were back up-and-running as normal, and warned that - although scheduled appointments and procedures were continuing - its clinical teams were experiencing delays, and that... Ransomware
Anomali.webp 2023-01-05 05:50:00 Focusing on Your Adversary (lien direct) Every day, we hear news stories or read articles about data breaches and other cyber security threats. As malicious threat actors and the risk of cyber threats increase, protecting networks and valuable information becomes more critical. So what can organizations do to ensure their networks remain secure?  Organizations must understand their adversaries’ identities to keep data safe and protect it from cyber-attacks. This article will explore the different types of threats facing enterprise organizations and what they can do to stay ahead of them. Evolving Cyber Attacks Cyber attacks are constantly evolving as attackers continue to find new ways to exploit vulnerabilities. This includes: Increased use of artificial intelligence (AI) and machine learning: Attackers are using AI and machine learning to automate and improve the effectiveness of their attacks. For example, AI can be used to generate convincing phishing emails or to bypass security systems. Rise of ransomware: Ransomware attacks, which involve encrypting a victim’s data and demanding a ransom to decrypt it, have become increasingly common in recent years. Ransomware attacks can significantly impact businesses, disrupting operations and resulting in financial losses. More targeted attacks: Rather than broad-based attacks that aim to compromise as many systems as possible, attackers are increasingly using targeted attacks designed to exploit a particular organization’s vulnerabilities. Increased focus on mobile devices: Mobile devices, such as smartphones and tablets, are becoming increasingly vulnerable to cyber-attacks. As a result, attackers focus more on exploiting these devices’ vulnerabilities. Increased use of cloud services: As more organizations move to the cloud, attackers are finding new ways to exploit vulnerabilities in these systems. 
For example, attackers may try to gain access to an organization’s cloud-based data or disrupt its cloud-based operations. It’s not only crucial for organizations to stay up-to-date on the latest trends in cyber attacks and to implement appropriate security measures to protect against them. It’s even more important to pinpoint your adversaries to understand their TTPs to protect and predict their next attack. Types of Adversaries There are many different types of cybersecurity adversaries that organizations have to deal with. Some common types of adversaries include: Hackers: Individuals or groups who attempt to gain unauthorized access to systems or networks for various reasons, such as stealing data, disrupting operations, or causing damage. Cybercriminals: Individuals or groups who use the internet to commit crimes, such as identity theft, fraud, or extortion. Cyber Terrorists: A group that’s goal is to disrupt operations, cause harm, and destroy data. Increasingly targeting critical infrastructures such as power plants, water treatment facilities, transportation systems, and healthcare providers. Nation-state actors: Governments or government-sponsored organizations that use cyber attacks as part of their foreign policy or military operations. Insider threats: Individuals with legitimate access to an organization’s systems or networks use that access to cause harm or steal sensitive information. Malicious insiders: These are individuals who are intentionally malicious and seek to cause harm to an organization’s systems or networks. Hacktivists: The term “hacktivists” refers to people who use hacking techniques to disrupt computer systems and networks in pursuit of political goals. Hackers often work alone, though some groups do exist. Script Kiddies: Originally used to describe young hackers, it now refer Ransomware Malware Tool Vulnerability Threat Industrial Prediction ★★★
DarkReading.webp 2023-01-04 23:21:00 Rackspace: Ransomware Attack Bypassed ProxyNotShell Mitigations (lien direct) The hosting provider had not applied Microsoft's new patch due to publicly reported issues with the update. Ransomware ★★★
News.webp 2023-01-04 20:00:11 The Guardian ransomware attack hits week two as staff told to work from home (lien direct) UK data watchdog would like a word over failure to systems Long-standing British broadsheet The Guardian has told staff to continue working from home and notified the UK's data privacy watchdog about the security breach following a suspected ransomware attack before Christmas.… Ransomware ★★★
SC_Mag.webp 2023-01-04 15:58:06 Wabtec breach linked to LockBit ransomware group (lien direct) Rail and locomotive company Wabtec sent out letters to affected parties about the data breach at the end of the year, and industry analysts told SC Media that such notification lags are unfortunately common in the ransomware space. Ransomware Data Breach ★★
The_Hackers_News.webp 2023-01-04 15:54:00 The FBI's Perspective on Ransomware (lien direct) Ransomware: contemporary threats, how to prevent them and how the FBI can help In April 2021, Dutch supermarkets faced a food shortage. The cause wasn't a drought or a sudden surge in the demand for avocados. Rather, the reason was a ransomware attack. In the past years, companies, universities, schools, medical facilities and other organizations have been targeted by ransomware threat actors, Ransomware Threat Medical ★★★
SC_Mag.webp 2023-01-04 14:26:37 Healthcare disruptions rise due to ransomware attacks, though reporting gaps limit insights (lien direct) A JAMA report confirms impacts on both healthcare delivery and patient data have drastically increased since 2016, as researchers call for policy updates to address reporting gaps. Ransomware ★★
Fortinet.webp 2023-01-04 13:12:00 (Déjà vu) Ransomware Roundup – Monti, BlackHunt, and Putin Ransomware (lien direct) In this week's ransomware roundup, FortiGuard Labs covers the Monti, BlackHunt, and Putin ransomware along with protection recommendations. Read our blog to find out more. Ransomware ★★
SecurityWeek.webp 2023-01-04 13:07:13 Wabtec Says Personal Information Compromised in Ransomware Attack (lien direct) Rail systems and locomotive manufacturer Wabtec has started sending notification letters to individuals whose personal information was stolen in a ransomware attack last year. The US-based firm provides railway equipment, systems, and services worldwide and has offices in the Americas, Australia, and Europe. The company has roughly 27,000 employees. Ransomware ★★★
SC_Mag.webp 2023-01-04 12:34:54 Los Angeles housing authority probing reported ransomware attack (lien direct) The Housing Authority of the City of Los Angeles said an investigation is underway after the LockBit ransomware gang announced it had performed a cyberattack on the agency, according to TechCrunch. Ransomware ★★
SecurityWeek.webp 2023-01-04 11:25:53 Hacker Selling Data Allegedly Stolen From Volvo Cars Following Ransomware Attack (lien direct) A hacker is offering to sell data allegedly stolen from Swedish vehicle manufacturer Volvo Cars following a ransomware attack carried out in late December. Ransomware ★★★
securityintelligence.webp 2023-01-04 11:00:00 A Perfect Storm: 7 Reasons Global Attacks Will Soar in 2023 (lien direct) In 2023, the global annual cost of cyber crime is predicted to top $8 trillion, according to a recent Cybersecurity Ventures report. This seemingly enormous figure might still be a major underestimate. In 2021, U.S. financial institutions lost nearly $1.2 billion in costs due to ransomware attacks alone. That was a nearly 200% increase over […] Ransomware ★★
globalsecuritymag.webp 2023-01-04 08:50:45 Ransomware Attackers Don't Just Want your Data, Now They are After the Backups Too (lien direct) Ransomware Attackers Don't Just Want your Data, Now They are After the Backups Too, explains Rick Vanover, Senior Director of Product Strategy, Veeam - Opinion / Ransomware ★★★
News.webp 2023-01-04 00:59:55 LockBit: Sorry about the SickKids ransomware, not sorry about the rest (lien direct) Blame it on the affiliate Notorious ransomware gang LockBit "formally apologized" for an extortion attack against Canada's largest children's hospital that the criminals blamed on a now-blocked affiliate group, and said it published a free decryptor for the victim to recover the files.… Ransomware ★★
SC_Mag.webp 2023-01-03 23:13:07 Check Point, Intel to bolster ransomware defenses in processors (lien direct) SiliconAngle reports that Check Point Software Technologies has partnered with Intel to integrate the threat detection technology of the Intel vPro platform into its Check Point Harmony Endpoint, enabling stronger hardware- and software-level ransomware defenses. Ransomware Threat ★★
SC_Mag.webp 2023-01-03 23:06:01 Major cybersecurity concerns this year examined (lien direct) Critical sectors will continue to face cybersecurity threats, ransomware attacks and foreign spyware will persist, and the cybersecurity workforce shortage will remain this year, reports The Hill. Ransomware ★★
SC_Mag.webp 2023-01-03 23:02:07 Ransomware attack disrupts Texas city (lien direct) Texas' Tomball City had most of its networks compromised by a ransomware attack on Dec. 20, resulting in damages estimated to be more than $50,000, according to Community Impact. Ransomware ★★
SC_Mag.webp 2023-01-03 23:00:22 Vice Society claims leak of stolen Xavier University data (lien direct) Louisiana-based Xavier University had data stolen from its students and employees allegedly leaked by the Vice Society ransomware gang following university officials' refusal to pay the demanded ransom, reports Government Technology. Ransomware ★★
SC_Mag.webp 2023-01-03 22:59:46 US hit with deluge of ransomware attacks in 2022 (lien direct) More than 200 larger government, educational, and healthcare entities across the U.S. were compromised by ransomware attacks last year, BleepingComputer reports. Ransomware ★★
SC_Mag.webp 2023-01-03 22:54:37 BlackCat leaks data stolen from financial services firm (lien direct) The ALPHV ransomware gang, also known as BlackCat, copied a victim's site and used it to publish all the stolen files after its demands for payment were not met, BleepingComputer reports. Ransomware ★★
SC_Mag.webp 2023-01-03 22:47:30 Ransomware attack disrupts major Canadian copper mine (lien direct) Major Canadian copper mine Copper Mountain Mining Corporation had its corporate and mine IT systems compromised by a ransomware attack on Dec. 27, prompting mill shutdowns and the use of manual processes, reports The Record, a news site by cybersecurity firm Recorded Future. Ransomware ★★★
SC_Mag.webp 2023-01-03 22:44:35 Play ransomware gang behind Rackspace attack (lien direct) Texas Public Radio reports that the Play ransomware gang has been noted by Rackspace to be the perpetrators of an attack against its Hosted Exchange platform in early December. Ransomware ★★
SC_Mag.webp 2023-01-03 22:33:52 Port of Lisbon cyberattack claimed by LockBit (lien direct) The LockBit ransomware gang has admitted launching an attack against the website of Portugal's Port of Lisbon, from which it claimed to have stolen the port's audits, financial reports, contracts, budgets, ship logs, and other cargo and crew information, according to The Record, a news site by cybersecurity firm Recorded Future. Ransomware ★★
SC_Mag.webp 2023-01-03 22:10:14 Shared responsibility in ransomware protection emphasized (lien direct) Organizations should have a shared responsibility in ensuring ransomware protection with their software providers, according to SiliconAngle. "It is a shared responsibility between the cloud provider, in this case AWS and the user. Ransomware ★★
SC_Mag.webp 2023-01-03 21:56:44 Cyberattack disclosed by Jakks Pacific following ransomware gangs' leaks (lien direct) Major U.S. toy manufacturer Jakks Pacific has disclosed being impacted by a ransomware attack after having its stolen data exposed by the Hive and BlackCat ransomware operations, reports The Record, a news site by cybersecurity firm Recorded Future. Ransomware ★★
01net.webp 2023-01-03 15:30:55 After the attack on a pediatric hospital, the Lockbit hackers apologize and offer the decryption key (lien direct) Accused of being behind the cyberattack that hit a children's hospital in Canada, the team of hackers behind the LockBit ransomware has apologized. The group, which also provided the decryption key to the hospital free of charge, blamed one of its partners. Ransomware ★★★
SC_Mag.webp 2023-01-03 15:25:59 NJ hospital CentraState diverting patients after cyberattack, IT shutdown (lien direct) This healthcare cybersecurity roundup includes a LockBit ransomware attack against a Canadian hospital and is led by an ongoing outage at New Jersey's CentraState Medical Center. Ransomware Medical
bleepingcomputer.webp 2023-01-03 15:13:35 Rail giant Wabtec discloses data breach after Lockbit ransomware attack (lien direct) U.S. rail and locomotive company Wabtec Corporation has disclosed a data breach that exposed personal and sensitive information. [...] Ransomware Data Breach ★★
bleepingcomputer.webp 2023-01-03 11:40:00 Royal ransomware claims attack on Queensland University of Technology (lien direct) The Royal ransomware gang has claimed responsibility for a recent cyberattack on the Queensland University of Technology and begun to leak data allegedly stolen during the security breach. [...] Ransomware ★★
SecurityWeek.webp 2023-01-03 10:37:40 Ransomware Attack Forces Canadian Mining Company to Shut Down Mill (lien direct) Canadian Copper Mountain Mining Corporation (CMMC) last week shut down its mill after falling victim to a ransomware attack. Listed on the Toronto Stock Exchange, the firm owns most of the Copper Mountain mine. Located in southern British Columbia, the mine produces an average of 100 million pounds of copper equivalent per year. Ransomware ★★★
InfoSecurityMag.webp 2023-01-03 10:30:00 LockBit Hands Ransomware Decryptor to Kids' Hospital (lien direct) Group apologizes to Toronto-based SickKids Ransomware ★★★★
InfoSecurityMag.webp 2023-01-03 09:30:00 No Major Spike in Reported Ransomware in 2022 (lien direct) Number of government, education and healthcare incidents remains steady Ransomware ★★
CSO.webp 2023-01-03 06:57:00 LockBit apologizes for ransomware attack on hospital, offers decryptor (lien direct) LockBit, a prominent ransomware-as-a-service (RaaS) operation, has apologized for an attack on the Toronto-based Hospital for Sick Children, also known as SickKids, and offered a free decryptor. SickKids, a major pediatric teaching hospital, announced on December 19 that it had called a Code Grey system failure, as it was responding to a cybersecurity incident that was affecting several network systems at the hospital. Ransomware ★★
CSO.webp 2023-01-02 02:00:00 Ransomware ecosystem becoming more diverse for 2023 (lien direct) The ransomware ecosystem has changed significantly in 2022, with attackers shifting from large groups that dominated the landscape toward smaller ransomware-as-a-service (RaaS) operations in search of more flexibility and drawing less attention from law enforcement. This democratization of ransomware is bad news for organizations because it also brought in a diversification of tactics, techniques, and procedures (TTPs), more indicators of compromise (IOCs) to track, and potentially more hurdles to jump through when trying to negotiate or pay ransoms. "We can likely date the accelerated landscape changes back to at least mid-2021, when the Colonial Pipeline DarkSide ransomware attack and subsequent law enforcement takedown of REvil led to the dispersal of several ransomware partnerships," researchers from Cisco's Talos group said in their annual report. "Fast forward to this year, when the ransomware scene seems as dynamic as ever, with various groups adapting to increased disruptive efforts by law enforcement and private industry, infighting and insider threats, and a competitive market that has developers and operators shifting their affiliation continuously in search of the most lucrative ransomware operation." Ransomware ★★★
Blog.webp 2023-01-02 01:18:00 (Déjà vu) ASEC Weekly Malware Statistics (December 19th, 2022 – December 25th, 2022) (lien direct) The ASEC analysis team uses the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from December 19th, 2022 (Monday) to December 25th, 2022 (Sunday). For the main category, Infostealer ranked top with 37.3%, followed by downloader with 35.7%, backdoor with 23.9%, and ransomware with 3.1%. Top 1 – BeamWinHTTP BeamWinHTTP is a downloader malware that ranked top with 23.3%. The malware is distributed via malware disguised as PUP installer.... Ransomware Malware ★★
bleepingcomputer.webp 2023-01-01 15:54:56 Ransomware gang cloned victim's website to leak stolen data (lien direct) The ALPHV ransomware operators have gotten creative with their extortion tactic and, in at least one case, created a replica of the victim's site to publish stolen data on it. [...] Ransomware ★★★
bleepingcomputer.webp 2022-12-30 11:44:55 LockBit ransomware claims attack on Port of Lisbon in Portugal (lien direct) A cyberattack hitting the Port of Lisbon Administration (APL), the third-largest port in Portugal, on Christmas day has been claimed by the LockBit ransomware gang. [...] Ransomware ★★
bleepingcomputer.webp 2022-12-30 11:09:56 Canadian mining firm shuts down mill after ransomware attack (lien direct) The Copper Mountain Mining Corporation (CMMC), a Canadian copper mining company in British Columbia, has announced it has become the target of a ransomware attack that impacted its operations. [...] Ransomware ★★★
no_ico.webp 2022-12-29 21:45:04 Ransom Deadline Given By LockBit in Port of Lisbon Attack (lien direct) The third largest port in Portugal has gone offline after the gang launched a ransomware attack on Christmas Day. Although this does not affect its operational activity, it's been nearly a week of extreme ambiguity, and LockBit claimed responsibility for the Port of Lisbon cyber-attack. Visitors can still not access the main website, and no […] Ransomware ★★★
securityintelligence.webp 2022-12-29 14:00:00 The 13 Costliest Cyberattacks of 2022: Looking Back (lien direct) 2022 has shaped up to be a pricey year for victims of cyberattacks. Cyberattacks continue to target critical infrastructures such as health systems, small government agencies and educational institutions. Ransomware remains a popular attack method for large and small targets alike. While organizations may choose not to disclose the costs associated with a cyberattack, the […] Ransomware ★★★
SC_Mag.webp 2022-12-29 12:41:05 Ohio court: Non-physical software damage in ransomware attack not covered under insurance (lien direct) The Supreme Court of Ohio ruled that a ransomware attack against a business should not be covered by insurance because the attack did not physically or directly cause harm to the tangible components of the software programs encrypted in the incident. Ransomware ★★
Minerva.webp 2022-12-29 12:30:23 New CatB Ransomware Employs 2-Year Old DLL Hijacking Technique To Evade Detection (lien direct) We recently discovered ransomware, which performs MSDTC service DLL Hijacking to silently execute its payload. We have named this ransomware CatB, based on the contact email that the ransomware group uses. The sample was first uploaded to VT on November 23, 2022 and tagged by the VT community as a possible variant of the Pandora […] Ransomware ★★★
SC_Mag.webp 2022-12-29 11:51:00 Intrado ransomware attack claimed by Royal ransomware gang (lien direct) BleepingComputer reports that telecommunications firm Intrado was claimed to have been attacked by the Royal ransomware gang. Ransomware ★★
DarkReading.webp 2022-12-28 17:00:00 Healthcare Providers and Hospitals Under Ransomware's Siege (lien direct) According to the FBI and Internet Crime Complaint Center, 25% of ransomware complaints involve healthcare providers. Ransomware ★★
Last update at: 2024-07-02 02:07:32