What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-02-23 14:38:49 | Food producer Dole confirms ransomware attack (lien direct) |  Dole confirmed the incident following a report that an attack had forced some of the company's production plants to close |
Ransomware | ★★ | |
 |
2023-02-23 10:27:10 | Ransomware : pourquoi les entreprises paient-elles encore les rançons ? (lien direct) | Pourquoi, lorsqu'elles sont victimes d'attaques par ransomware, les entreprises acceptent-elles encore de payer ? La réponse revêt plusieurs dimensions. | Ransomware | ★★ | |
 |
2023-02-23 10:07:22 | VMware ESXi cible de cyberattaques : recommandations du laboratoire de détection des menaces de Varonis (lien direct) | Les serveurs exécutant le célèbre hyperviseur de virtualisation VMware ESXi ont été attaqués par au moins un groupe de ransomware au cours de la semaine dernière, probablement à la suite d'un balayage visant à identifier les hôtes présentant des vulnérabilités OpenSLP (Open Service Location Protocol). - Malwares | Ransomware | ★★ | |
 |
2023-02-23 10:00:53 | Fruit giant Dole suffers ransomware attack impacting operations (lien direct) | Dole Food Company, one of the world' largest producers and distributors of fresh fruit and vegetables, has announced that it is dealing with a ransomware attack that impacted its operations. [...] | Ransomware | ★ | |
|
2023-02-23 09:29:42 | Trellix relève que le gang de ransomware LockBit est le plus enclin à divulguer des données volées (lien direct) | Trellix relève que le gang de ransomware LockBit est le plus enclin à divulguer des données volées Le nouveau rapport du Advanced Research Center de Trellix révèle une augmentation des cyberattaques menées depuis la Chine, des attaques contre les infrastructures critiques et des attaques de voice-fishing dans le cadre d'" arnaques au président ". - Malwares | Ransomware | ★ | |
 |
2023-02-22 14:57:19 | Trellix Finds LockBit Ransomware Gang Most Apt To Leak Stolen Data (lien direct) | Pas de details / No more details | Ransomware | ★★ | |
 |
2023-02-22 12:57:00 | Royal Ransomware Targets Linux ESXi Servers (lien direct) | This report shows threat actors actively pivoting to attack Linux/UNIX environments through a new Royal Ransomware variant. Learn more about the technical details of this Linux version. | Ransomware Threat | ★★ | |
 |
2023-02-22 10:10:00 | Time Taken to Deploy Ransomware Drops 94% (lien direct) | Extortion found to be most common impact from cyber-attacks in 2022 | Ransomware | ★★ | |
|
2023-02-22 10:09:36 | Rapport IBM : Les ransomwares persistent malgré l\'amélioration de la détection en 2022 (lien direct) | IBM annonce les résultats de l'édition 2023 de son rapport annuel X-Force Threat Intelligence Index sur le paysage mondial des menaces. L'industrie manufacturière est le secteur qui subit le plus d'extorsions ; les tentatives de détournement d'emails augmentent ; la réussite d'une attaque par ransomware passe de plusieurs mois à quelques jours - Malwares | Ransomware Threat | ★ | |
|
2023-02-22 10:08:17 | Le ransomware HardBit veut connaître les détails de l\'assurance pour fixer un nouveau prix idéal (lien direct) | Le ransomware HardBit veut connaître les détails de l'assurance pour fixer un nouveau prix idéal, Benoit Grunemwald - Expert en Cybersécurité chez ESET France réagit - Malwares | Ransomware | ★ | |
 |
2023-02-22 07:19:07 | (Déjà vu) ASEC Weekly Malware Statistics (February 13th, 2023 – February 19th, 2023) (lien direct) | The AhnLab Security response Center (ASEC) analysis team uses the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from February 13th, 2023 (Monday) to February 19th, 2023 (Sunday). For the main category, backdoor ranked top with 50.8%, followed by downloader with 41.0%, Infostealer with 7.3%, ransomware with 0.8%, and CoinMiner with 0.2%. Top 1 – RedLine RedLine ranked first place with 49.4%. The malware steals various information such as... | Ransomware Malware | ★★ | |
 |
2023-02-22 05:46:58 | HardBit ransomware tells corporate victims to share their cyber insurance details (lien direct) | A ransomware outfit is advising its victims to secretly tell them how much insurance they have, so their extortion demands will be met. As security researchers at Varonis describe, a new strain of the HardBit ransomware has taken the unusual step of asking targeted companies to spill the beans of whether they have cyber insurance (and the terms of that insurance) anonymously. According to a part of a message in the ransomware note dropped on computers after an attack, sharing insurance details benefits both the victim and the attackers. ...since the sneaky insurance agent purposely negotiates... | Ransomware | ★ | |
|
2023-02-21 19:19:19 | LockBit gang takes credit for attack on water utility in Portugal (lien direct) |  The LockBit ransomware group has taken credit for a cyberattack on Águas e Energia do Porto - the water utility for the city of Porto |
Ransomware | ★★★ | |
 |
2023-02-21 18:08:30 | Israel\'s Top Tech University Targeted by DarkBit Ransomware (lien direct) | An Israeli university is being blackmailed by hackers. However, they aren't just after money but are looking to send a political message - and maybe something more. | Ransomware | ★★ | |
|
2023-02-21 15:48:01 | Rapport sur les ransomwares 2023 : la France au 5ème rang mondial des attaques par ransomware (lien direct) | Rapport sur les ransomwares 2023 : la France au 5ème rang mondial des attaques par ransomware Un éclairage d'Outpost24 sur les motivations à l'origine des attaques ainsi que sur les différents chiffres et tendances Les points importants du rapport : ● La France au 5ème rang mondial des attaques par ransomware ● LockBit est le groupe de cybercriminels qui génère le plus de ransomwares (monde et France) ○ 34 % des attaques enregistrées dans l'année, avec une moyenne d'environ 67 attaques par mois, soit un total d'un peu plus de 800 attaques ● 2363 entreprises ont été victimes de divulgations de données par divers groupes de ransomware en 2022. - Investigations | Ransomware | ★★★★ | |
|
2023-02-21 13:16:28 | Irish TV broadcaster says attempted hack will affect programming (lien direct) |  Virgin Media Television, the Irish broadcaster, said on Monday that an attempted hack was going to impact its programming in coming days. The nature of the attack has not been specified, although a spokesperson told The Record it was not a ransomware attack. In a statement the company described identifying “an unauthorized attempt to access [… |
Ransomware Hack | ★★★ | |
 |
2023-02-21 12:02:58 | HardBit Ransomware Offers to Set Ransom Based on Victim\'s Cyberinsurance (lien direct) | HardBit ransomware operators want to work with victims to negotiate a ransom behind the back of cyberinsurance companies. | Ransomware | ★ | |
|
2023-02-21 11:00:00 | Ransomware Gang Seeks to Exploit Victim\'s Insurance Coverage (lien direct) | Ransomware group tries to demonize carriers in negotiations | Ransomware | ★ | |
|
2023-02-21 07:31:13 | GUEST ESSAY: Too many SMBs continue to pay ransomware crooks - exacerbating the problem (lien direct) | Well-placed malware can cause crippling losses – especially for small and mid-sized businesses. Related: Threat detection for SMBs improves Not only do cyberattacks cost SMBs money, but the damage to a brand's reputation can also hurt growth and trigger the … (more…) | Ransomware Malware | ★★ | |
 |
2023-02-21 00:00:00 | A Deep Dive into the Evolution of Ransomware Part 1 (lien direct) | This 3-part blog series takes an in-depth look at the evolution of ransomware business models, from the early stages to current trends. | Ransomware | ★★ | |
 |
2023-02-21 00:00:00 | Fight Ransomware with a Cybersecurity Audit (lien direct) | An advanced cybersecurity audit helps identify overlooked IP addresses, forgotten devices, and misconfigured infrastructure that can expose organizations to ransomware and other cyber threats. Find out how to strengthen attack surface risk management. | Ransomware | ★★★ | |
|
2023-02-20 17:09:01 | HardBit ransomware wants insurance details to set the perfect price (lien direct) | A ransomware threat called HardBit has moved to version 2.0 and its operators are trying to negotiate a ransom payment that would be covered by the victim's insurance company. [...] | Ransomware Threat | ★★★★ | |
|
2023-02-20 14:00:00 | Majority of Ransomware Attacks Last Year Exploited Old Bugs (lien direct) | New research shows that 57 vulnerabilities that threat actors are currently using in ransomware attacks enable everything from initial access to data theft. | Ransomware Threat | ★★★ | |
 |
2023-02-20 02:27:10 | GoDaddy joins the dots and realizes it\'s been under attack for three years (lien direct) | Also: Russia may legalize hacking; Oakland declares ransomware emergency; the CVEs you should know about this week In brief Web hosting and domain name concern GoDaddy has disclosed a fresh attack on its infrastructure, and concluded that it is one of a series of linked incidents dating back to 2020.… | Ransomware | ★★★★ | |
|
2023-02-20 00:00:00 | Royal Ransomware expands attacks by targeting Linux ESXi servers (lien direct) | Ransomware actors have been observed to expand their targets by increasingly developing Linux-based versions. Royal ransomware is following in the same path, a new variant targeting Linux systems emerged and we will provide a technical analysis on this variant in this blog. | Ransomware | ★★ | |
|
2023-02-18 03:02:00 | Malware Arsenal used by Ember Bear (aka UAC-0056,Saint Bear, UNC2589, Lorec53, TA471, Nodaria, Nascent Ursa, LorecBear, Bleeding Bear, and DEV-0586) in attacks targeting Ukraine (samples) (lien direct) |  2023-02-18Ember Bear (aka UAC-0056,Saint Bear, UNC2589, Lorec53, TA471, Nodaria, Nascent Ursa, LorecBear, Bleeding Bear, and DEV-0586) is an Advanced Persistent Threat (APT) group believed to be based in Russia. Their primary targets have been diplomatic and government entities in Europe, particularly Ukraine, and the United States. They have also targeted various industries, including defense, energy, and technology. Download the full collectionEmail me if you need the password (see in my profile) (209 MB. 218 samples listed in the hash tables below).The malware arsenal collected here includes:Elephant framework (GrimPlant (Backdoor) and GraphSteel (Stealer).)Graphiron BackdoorOutSteel (LorecDocStealer)BabaDedaCobalt Strike (Beacon)SaintBot DownloaderWhisperGate WiperAPT Group DescriptionAPT Group aliases:UAC-0056 (UA CERT)Ember Bear (Crowdstrike)Saint Bear (F-Secure)UNC2589 (Fireeye, IBM)Lorec53 (NSFOCUS)TA471 (Proofpoint)Nodaria (Symantec)Nascent Ursa (Palo Alto)LorecBearBleeding Bear (Elastic)DEV-0586 (MIcrosoft)The group is a suspected Russian state-sponsored cyber espionage group that has been active since at least March 2021.The group primarily targets Ukraine and Georgia, but has also targeted Western European and North American foreign ministries, pharmaceutical companies, and financial sector organizations.The group is known for using various malicious implants such as GrimPlant, GraphSteel, and CobaltStrike Beacon, as well as spear phishing attacks with macro-embedded Excel documents.In January 2022, the group performed a destructive wiper attack on multiple Ukrainian government computers and websites, known as WhisperGate.The Lorec53 group is a new type of APT group fi |
Ransomware Malware Hack Tool Vulnerability Threat Medical | ★★ | |
|
2023-02-17 21:03:38 | Semiconductor industry giant says ransomware attack on supplier will cost it $250 million (lien direct) |  Applied Materials said that a ransomware attack on part of its supply chain would cost it $250 million in the next quarter |
Ransomware | ★★ | |
 |
2023-02-17 14:00:00 | How Falling Crypto Prices Impacted Cyber Crime (lien direct) | >Some rare good news in the world of cyber crime trends: Certain crimes declined in 2022 after years of constant rises. Should we credit crypto? Some estimates say that cryptocurrencies have lost $2 trillion in value since November 2021. During that time, the costs associated with cyber crimes, such as ransomware payouts and financial scams, […] | Ransomware | ★★★ | |
|
2023-02-17 13:14:19 | Expect more sanctions and hacking operations on ransomware groups, top Justice official says (lien direct) |  Deputy Attorney General Lisa Monaco said the feds will continue to use sanctions and hacking operations as tools against ransomware groups |
Ransomware | ★★★ | |
|
2023-02-17 01:00:00 | Tracking Distribution Site of Magniber Ransomware Using EDR (lien direct) | AhnLab ASEC has been blocking the Magniber ransomware through various means since its distribution has continued even after, “Redistribution of Magniber Ransomware in Korea (January 28th),” was posted back in January. A particular finding at the time was that the ransomware used the <a> tag to bypass domain blocks. In order to detect this, we have researched response measures by tracking the distribution site URL through a different method. The team is working hard to prevent damages through means such... | Ransomware | ★★ | |
|
2023-02-17 00:00:00 | Overview of AhnLab\'s Response to Joint Cybersecurity Advisory Between South Korea and the United States on North Korean Ransomware (lien direct) | On February 10, intelligence agencies from South Korea and the United States announced a cybersecurity advisory in regard to ransomware attacks from North Korea. It is the first joint report between the South Korean National Intelligence Service and the United States’ National Security Agency (NSA), Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Department of Health and Human Services (HHS) to raise awareness of cyberattacks from North Korea and protect both countries from ransomware. Title: Ransomware... | Ransomware | ★★ | |
|
2023-02-16 22:34:00 | ESXi Ransomware Update Outfoxes CISA Recovery Script (lien direct) | New ESXiArgs-ransomware attacks include a workaround for CISA's decryptor, researchers find. | Ransomware | ★★★ | |
 |
2023-02-16 18:07:49 | Cryptocurrency users in the US hit by ransomware and Clipper malware (lien direct) | >Learn how to protect your business and staff from the MortalKombat ransomware and Laplas Clipper malware. | Ransomware Malware | ★★ | |
|
2023-02-16 17:00:00 | City of Oakland Declares State of Emergency After Ransomware Attack (lien direct) | Core functions are intact, but the city has taken certain non-emergency systems offline | Ransomware | ★★ | |
|
2023-02-16 16:39:18 | Scality selected as inaugural launch partner for Veeam Smart Object Storage API (lien direct) | Scality selected as inaugural launch partner for Veeam Smart Object Storage API Ranked #1 for backup use case by Gartner®, Scality joins forces with Veeam to simplify the 3-2-1 rule with a single-vendor architecture for immutable ransomware protection - Business News | Ransomware | ★ | |
 |
2023-02-16 15:43:00 | ESXiArgs Ransomware Hits Over 500 New Targets in European Countries (lien direct) | More than 500 hosts have been newly compromised en masse by the ESXiArgs ransomware strain, most of which are located in France, Germany, the Netherlands, the U.K., and Ukraine. The findings come from attack surface management firm Censys, which discovered "two hosts with strikingly similar ransom notes dating back to mid-October 2022, just after ESXi versions 6.5 and 6.7 reached end of life." | Ransomware | ★★ | |
|
2023-02-16 15:11:59 | Will the ransom war ever end? (lien direct) | Another day, another ransomware attack. Question is, who is next? Because as new research reveals, ransomware ain't going anywhere. A new report from Ivanti, Cyber Security Works (CSW), Cyware, and Securin reveals the devastating toll that ransomware has had on organisations globally. The study, 2023 Spotlight Report: Ransomware Through the Lens of Threat and Vulnerability Management, identifies 56 new vulnerabilities associated with ransomware threats among a total of 344 threats identified in 2022-marking a 19% increase year-over-year. Furthermore, the survey findings indicate that IT and security teams are being tripped up by open-source, old, and low-scoring vulnerabilities associated with ransomware. - Special Reports | Ransomware Vulnerability Threat | ★★ | |
|
2023-02-16 12:11:07 | Companies must learn lessons from Royal Mail ransomware attack, says GlobalData (lien direct) | Following the leak of details of ransom negotiations between Royal Mail and ransomware group LockBit: David Bicknell, Principal Analyst in the Thematic Intelligence team at GlobalData, offers his view. - Opinion | Ransomware | ★★ | |
|
2023-02-16 11:34:00 | (Déjà vu) Ransomware Roundup – CatB Ransomware (lien direct) | In this week's Ransomware Roundup, FortiGuard Labs covers CatB ransomware along with protection recommendations. Read the blog to find out more. | Ransomware | ★★ | |
|
2023-02-16 09:43:51 | (Déjà vu) City Of Oakland Declares State Of Emergency After Ransomware Attack (lien direct) | Because of the effects of a ransomware assault that required the City to shut down all of its IT systems on February 8, the City of Oakland has declared a local state of emergency. G. Harold Duffey, the interim city administrator, announced a state of emergency so that the City of Oakland could swiftly place […] | Ransomware | ★★ | |
|
2023-02-16 09:36:01 | Surge in ESXiArgs Ransomware Attacks as Questions Linger Over Exploited Vulnerability (lien direct) | >Hundreds of new servers were compromised in the past days as part of ESXiArgs ransomware attacks, but it's still unclear which vulnerability is being exploited. | Ransomware Vulnerability | ★★ | |
|
2023-02-16 08:46:40 | Check Point Software présente Quantum SD-WAN (lien direct) | Check Point Software présente Quantum SD-WAN pour sécuriser les succursales en unifiant une sécurité optimale et une connectivité Internet perfectionnée. Check Point Quantum SD-WAN assure une prévention complète contre les attaques de type " zero-day ", phishing et ransomware et offre un routage optimisé pour les utilisateurs et plus de 10 000 applications. - Produits | Ransomware | ★★ | |
|
2023-02-16 07:31:05 | (Déjà vu) ASEC Weekly Malware Statistics (February 6th, 2023 – February 12th, 2023) (lien direct) | The ASEC analysis team uses the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from February 6th, 2023 (Monday) to February 12th, 2023 (Sunday). For the main category, downloader ranked top with 54.7%, followed by backdoor with 27.7%, Infostealer with 12.8%, ransomware with 4.6%, and CoinMiner with 0.1%. Top 1 – Amadey This week, Amadey Bot ranked first place with 43.9%. Amadey is a downloader that can receive commands... | Ransomware Malware | ★★ | |
 |
2023-02-16 06:15:00 | Evolving cyberattacks, alert fatigue creating DFIR burnout, regulatory risk (lien direct) | The evolution of cybercrime is weighing heavily on digital forensics and incident response (DFIR) teams, leading to significant burnout and potential regulatory risk. That's according to the 2023 State of Enterprise DFIR survey by Magnet Forensics, a developer of digital investigation solutions.The firm surveyed 492 DFIR professionals in North America and Europe, the Middle East, and Africa working in organizations in industries such as technology, manufacturing, government, telecommunications, and healthcare. Respondents described the current cybercrime landscape as one that is evolving beyond ransomware and taking a toll on their ability to investigate threats and incidents, Magnet Forensics said.To read this article in full, please click here | Ransomware Guideline | ★★ | |
|
2023-02-16 01:30:06 | ESXiArgs ransomware fights off Team America\'s data recovery script (lien direct) | Want a clue to what you're dealing with? Check the ransom note That didn't take long.… | Ransomware | ★★ | |
|
2023-02-15 21:35:27 | ESXiArgs ransomware has infected hundreds of new targets in Europe, researchers say (lien direct) |  More than 500 European organizations are dealing with new infections of the ESXiArgs ransomware, according to Censys |
Ransomware | ★★ | |
|
2023-02-15 19:03:00 | Financially Motivated Threat Actor Strikes with New Ransomware and Clipper Malware (lien direct) | A new financially motivated campaign that commenced in December 2022 has seen the unidentified threat actor behind it deploying a novel ransomware strain dubbed MortalKombat and a clipper malware known as Laplas. Cisco Talos said it "observed the actor scanning the internet for victim machines with an exposed remote desktop protocol (RDP) port 3389." The attacks, per the cybersecurity company, | Ransomware Malware Threat | ★★★ | |
|
2023-02-15 18:44:59 | State of emergency as City of Oakland grapples with ransomware attack (lien direct) |  The City of Oakland has declared a state of emergency one week after a ransomware attack hampered local government operations. In a statement on Tuesday, interim City Administrator G. Harold Duffey said he was issuing the declaration “due to the ongoing impacts of the network outages resulting from the ransomware attack” that began February 8. [… |
Ransomware | ★★ | |
|
2023-02-15 17:32:28 | Ransomware Attack Pushes City of Oakland Into State of Emergency (lien direct) | >The city of Oakland, California issued a local state of emergency as a result of the impacts following a ransomware attack. | Ransomware | ★★ | |
|
2023-02-15 16:51:00 | LockBit and Royal Mail Ransomware Negotiation Leaked (lien direct) | It shows the threat actor trying to convince Royal Mail to pay the ransom using various techniques | Ransomware Threat | ★★ |
To see everything:
Our RSS (filtrered)
