What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-02-24 17:24:24 | Oakland says 311, business license systems still down, but National Guard is helping (lien direct) |  IT experts from the California National Guard and other state agencies are helping Oakland deal with a crippling ransomware attack |
Ransomware | ★★★ | |
 |
2023-02-24 10:14:08 | Cyber Sanctions: An Effective Weapon or Just Posturing? (lien direct) | >Our CEO Brian Honan spoke to Infosecurity Magazine about the impact government sanctions can have on companies who have been victim to a ransomware attack. Read More > | Ransomware | ★ | |
 |
2023-02-24 09:27:34 | Ransomware Attack Forces Produce Giant Dole to Shut Down Plants (lien direct) | >Dole was forced to shut down systems in North America due to a ransomware attack, which has reportedly led to salad shortages in some grocery stores. | Ransomware | ★★ | |
 |
2023-02-24 09:24:25 | Fruit Giant Dole Suffers Ransomware Attack Affecting Activities (lien direct) | One of the world’s biggest growers and distributors of fresh food, Dole Food Company, has disclosed that a ransomware attack has affected its business. There is now little information available, and the business is looking into “the scope of the event,” emphasizing minimal damage. The business has a workforce of about 38,000 employees and generates […] | Ransomware | ★★★ | |
 |
2023-02-24 09:15:38 | Trend Micro : Rançongiciels Chaque paiement de rançon finance 9 nouvelles attaques ! (lien direct) | Trend Micro Incorporated publie les résultats d'un nouveau rapport de recherches portant sur le fonctionnement des groupes de rançongiciels et la spirale de financement de leur attaque. Intitulé " What Decision Makers Need to Know About Ransomware Risk ", il révèle qu'il suffit du paiement de seulement 10 % des demandes de rançons pour financer de nouvelles vagues d'attaques. " Les rançongiciels constituent aujourd'hui une menace majeure pour la cybersécurité des entreprises, des collectivités et des (...) - Malwares | Ransomware Prediction | ★★★★ | |
|
2023-02-24 08:29:23 | FortiGuard Labs signale un bond de plus de 50 % des malwares dévastateurs de type wiper (lien direct) | FortiGuard Labs signale un bond de plus de 50 % des malwares dévastateurs de type wiper. Les principaux enseignements de ce rapport (couvrant le 2ème semestre 2022) : • La diffusion massive des wipers (menace de type APT qui supprime les données) est un nouveau signal que le potentiel destructeur de certaines se renforce. • De nouvelles informations sur les menaces permettent aux DSSI de hiérarchiser les mesures à prendre et de minimiser la surface d'attaque, à l'aide d'une approche dite de "Red Zone" qui identifie les périmètres critiques à protéger. • Le ransomware reste particulièrement dynamique, avec de nouvelles variantes rendues possibles par le Ransomware-as-a-Service (RaaS). Rien ne laisse présager d'un ralentissement de cette activité malveillante à l'échelle mondiale. - Malwares | Ransomware | ★★★ | |
 |
2023-02-24 00:00:00 | (Déjà vu) A Deep Dive into the Evolution of Ransomware Part 2 (lien direct) | This 3-part blog series takes an in-depth look at the evolution of ransomware business models, from the early stages to current trends. | Ransomware | ★★ | |
 |
2023-02-23 23:10:00 | Magniber Ransomware\'s Relaunch Technique (lien direct) | ASEC (AhnLab Security Emergency Response Center) has been constantly monitoring the Magniber ransomware which has been displaying a high number of distribution cases. It has been distributed through the IE (Internet Explorer) vulnerability for the past few years, but stopped exploiting the vulnerability after the support for the browser ended. Recently, the ransomware is distributed as a Windows installer package file (.msi) in Edge and Chrome browsers. There have been recent reports of systems being reinfected by Magniber. Analysis revealed... | Ransomware Vulnerability | ★★ | |
|
2023-02-23 21:35:10 | WithSecure\'s new tech is an \'undo\' button for ransomware (lien direct) | WithSecure's new tech is an 'undo' button for ransomware WithSecure's Activity Monitor technology rolls back changes to data caused malware. - Product Reviews | Ransomware | ★ | |
 |
2023-02-23 20:40:00 | Cyberattack on Dole Causes Temporary Salad Shortage (lien direct) | The produce company said it suffered a ransomware attack earlier this month. | Ransomware | ★★★ | |
 |
2023-02-23 16:28:04 | Ransomware Attacks Using Extortion Tactics Reaches Critical Mass at 96% of all Attacks (lien direct) |
|
Ransomware | ★★★ | |
|
2023-02-23 14:38:49 | Food producer Dole confirms ransomware attack (lien direct) |  Dole confirmed the incident following a report that an attack had forced some of the company's production plants to close |
Ransomware | ★★ | |
 |
2023-02-23 10:27:10 | Ransomware : pourquoi les entreprises paient-elles encore les rançons ? (lien direct) | Pourquoi, lorsqu'elles sont victimes d'attaques par ransomware, les entreprises acceptent-elles encore de payer ? La réponse revêt plusieurs dimensions. | Ransomware | ★★ | |
|
2023-02-23 10:07:22 | VMware ESXi cible de cyberattaques : recommandations du laboratoire de détection des menaces de Varonis (lien direct) | Les serveurs exécutant le célèbre hyperviseur de virtualisation VMware ESXi ont été attaqués par au moins un groupe de ransomware au cours de la semaine dernière, probablement à la suite d'un balayage visant à identifier les hôtes présentant des vulnérabilités OpenSLP (Open Service Location Protocol). - Malwares | Ransomware | ★★ | |
 |
2023-02-23 10:00:53 | Fruit giant Dole suffers ransomware attack impacting operations (lien direct) | Dole Food Company, one of the world' largest producers and distributors of fresh fruit and vegetables, has announced that it is dealing with a ransomware attack that impacted its operations. [...] | Ransomware | ★ | |
|
2023-02-23 09:29:42 | Trellix relève que le gang de ransomware LockBit est le plus enclin à divulguer des données volées (lien direct) | Trellix relève que le gang de ransomware LockBit est le plus enclin à divulguer des données volées Le nouveau rapport du Advanced Research Center de Trellix révèle une augmentation des cyberattaques menées depuis la Chine, des attaques contre les infrastructures critiques et des attaques de voice-fishing dans le cadre d'" arnaques au président ". - Malwares | Ransomware | ★ | |
|
2023-02-22 14:57:19 | Trellix Finds LockBit Ransomware Gang Most Apt To Leak Stolen Data (lien direct) | Pas de details / No more details | Ransomware | ★★ | |
 |
2023-02-22 12:57:00 | Royal Ransomware Targets Linux ESXi Servers (lien direct) | This report shows threat actors actively pivoting to attack Linux/UNIX environments through a new Royal Ransomware variant. Learn more about the technical details of this Linux version. | Ransomware Threat | ★★ | |
 |
2023-02-22 10:10:00 | Time Taken to Deploy Ransomware Drops 94% (lien direct) | Extortion found to be most common impact from cyber-attacks in 2022 | Ransomware | ★★ | |
|
2023-02-22 10:09:36 | Rapport IBM : Les ransomwares persistent malgré l\'amélioration de la détection en 2022 (lien direct) | IBM annonce les résultats de l'édition 2023 de son rapport annuel X-Force Threat Intelligence Index sur le paysage mondial des menaces. L'industrie manufacturière est le secteur qui subit le plus d'extorsions ; les tentatives de détournement d'emails augmentent ; la réussite d'une attaque par ransomware passe de plusieurs mois à quelques jours - Malwares | Ransomware Threat | ★ | |
|
2023-02-22 10:08:17 | Le ransomware HardBit veut connaître les détails de l\'assurance pour fixer un nouveau prix idéal (lien direct) | Le ransomware HardBit veut connaître les détails de l'assurance pour fixer un nouveau prix idéal, Benoit Grunemwald - Expert en Cybersécurité chez ESET France réagit - Malwares | Ransomware | ★ | |
|
2023-02-22 07:19:07 | (Déjà vu) ASEC Weekly Malware Statistics (February 13th, 2023 – February 19th, 2023) (lien direct) | The AhnLab Security response Center (ASEC) analysis team uses the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from February 13th, 2023 (Monday) to February 19th, 2023 (Sunday). For the main category, backdoor ranked top with 50.8%, followed by downloader with 41.0%, Infostealer with 7.3%, ransomware with 0.8%, and CoinMiner with 0.2%. Top 1 – RedLine RedLine ranked first place with 49.4%. The malware steals various information such as... | Ransomware Malware | ★★ | |
 |
2023-02-22 05:46:58 | HardBit ransomware tells corporate victims to share their cyber insurance details (lien direct) | A ransomware outfit is advising its victims to secretly tell them how much insurance they have, so their extortion demands will be met. As security researchers at Varonis describe, a new strain of the HardBit ransomware has taken the unusual step of asking targeted companies to spill the beans of whether they have cyber insurance (and the terms of that insurance) anonymously. According to a part of a message in the ransomware note dropped on computers after an attack, sharing insurance details benefits both the victim and the attackers. ...since the sneaky insurance agent purposely negotiates... | Ransomware | ★ | |
|
2023-02-21 19:19:19 | LockBit gang takes credit for attack on water utility in Portugal (lien direct) |  The LockBit ransomware group has taken credit for a cyberattack on Águas e Energia do Porto - the water utility for the city of Porto |
Ransomware | ★★★ | |
|
2023-02-21 18:08:30 | Israel\'s Top Tech University Targeted by DarkBit Ransomware (lien direct) | An Israeli university is being blackmailed by hackers. However, they aren't just after money but are looking to send a political message - and maybe something more. | Ransomware | ★★ | |
|
2023-02-21 15:48:01 | Rapport sur les ransomwares 2023 : la France au 5ème rang mondial des attaques par ransomware (lien direct) | Rapport sur les ransomwares 2023 : la France au 5ème rang mondial des attaques par ransomware Un éclairage d'Outpost24 sur les motivations à l'origine des attaques ainsi que sur les différents chiffres et tendances Les points importants du rapport : ● La France au 5ème rang mondial des attaques par ransomware ● LockBit est le groupe de cybercriminels qui génère le plus de ransomwares (monde et France) ○ 34 % des attaques enregistrées dans l'année, avec une moyenne d'environ 67 attaques par mois, soit un total d'un peu plus de 800 attaques ● 2363 entreprises ont été victimes de divulgations de données par divers groupes de ransomware en 2022. - Investigations | Ransomware | ★★★★ | |
|
2023-02-21 13:16:28 | Irish TV broadcaster says attempted hack will affect programming (lien direct) |  Virgin Media Television, the Irish broadcaster, said on Monday that an attempted hack was going to impact its programming in coming days. The nature of the attack has not been specified, although a spokesperson told The Record it was not a ransomware attack. In a statement the company described identifying “an unauthorized attempt to access [… |
Ransomware Hack | ★★★ | |
|
2023-02-21 12:02:58 | HardBit Ransomware Offers to Set Ransom Based on Victim\'s Cyberinsurance (lien direct) | HardBit ransomware operators want to work with victims to negotiate a ransom behind the back of cyberinsurance companies. | Ransomware | ★ | |
|
2023-02-21 11:00:00 | Ransomware Gang Seeks to Exploit Victim\'s Insurance Coverage (lien direct) | Ransomware group tries to demonize carriers in negotiations | Ransomware | ★ | |
|
2023-02-21 07:31:13 | GUEST ESSAY: Too many SMBs continue to pay ransomware crooks - exacerbating the problem (lien direct) | Well-placed malware can cause crippling losses – especially for small and mid-sized businesses. Related: Threat detection for SMBs improves Not only do cyberattacks cost SMBs money, but the damage to a brand's reputation can also hurt growth and trigger the … (more…) | Ransomware Malware | ★★ | |
|
2023-02-21 00:00:00 | A Deep Dive into the Evolution of Ransomware Part 1 (lien direct) | This 3-part blog series takes an in-depth look at the evolution of ransomware business models, from the early stages to current trends. | Ransomware | ★★ | |
 |
2023-02-21 00:00:00 | Fight Ransomware with a Cybersecurity Audit (lien direct) | An advanced cybersecurity audit helps identify overlooked IP addresses, forgotten devices, and misconfigured infrastructure that can expose organizations to ransomware and other cyber threats. Find out how to strengthen attack surface risk management. | Ransomware | ★★★ | |
|
2023-02-20 17:09:01 | HardBit ransomware wants insurance details to set the perfect price (lien direct) | A ransomware threat called HardBit has moved to version 2.0 and its operators are trying to negotiate a ransom payment that would be covered by the victim's insurance company. [...] | Ransomware Threat | ★★★★ | |
|
2023-02-20 14:00:00 | Majority of Ransomware Attacks Last Year Exploited Old Bugs (lien direct) | New research shows that 57 vulnerabilities that threat actors are currently using in ransomware attacks enable everything from initial access to data theft. | Ransomware Threat | ★★★ | |
 |
2023-02-20 02:27:10 | GoDaddy joins the dots and realizes it\'s been under attack for three years (lien direct) | Also: Russia may legalize hacking; Oakland declares ransomware emergency; the CVEs you should know about this week In brief Web hosting and domain name concern GoDaddy has disclosed a fresh attack on its infrastructure, and concluded that it is one of a series of linked incidents dating back to 2020.… | Ransomware | ★★★★ | |
|
2023-02-20 00:00:00 | Royal Ransomware expands attacks by targeting Linux ESXi servers (lien direct) | Ransomware actors have been observed to expand their targets by increasingly developing Linux-based versions. Royal ransomware is following in the same path, a new variant targeting Linux systems emerged and we will provide a technical analysis on this variant in this blog. | Ransomware | ★★ | |
|
2023-02-18 03:02:00 | Malware Arsenal used by Ember Bear (aka UAC-0056,Saint Bear, UNC2589, Lorec53, TA471, Nodaria, Nascent Ursa, LorecBear, Bleeding Bear, and DEV-0586) in attacks targeting Ukraine (samples) (lien direct) |  2023-02-18Ember Bear (aka UAC-0056,Saint Bear, UNC2589, Lorec53, TA471, Nodaria, Nascent Ursa, LorecBear, Bleeding Bear, and DEV-0586) is an Advanced Persistent Threat (APT) group believed to be based in Russia. Their primary targets have been diplomatic and government entities in Europe, particularly Ukraine, and the United States. They have also targeted various industries, including defense, energy, and technology. Download the full collectionEmail me if you need the password (see in my profile) (209 MB. 218 samples listed in the hash tables below).The malware arsenal collected here includes:Elephant framework (GrimPlant (Backdoor) and GraphSteel (Stealer).)Graphiron BackdoorOutSteel (LorecDocStealer)BabaDedaCobalt Strike (Beacon)SaintBot DownloaderWhisperGate WiperAPT Group DescriptionAPT Group aliases:UAC-0056 (UA CERT)Ember Bear (Crowdstrike)Saint Bear (F-Secure)UNC2589 (Fireeye, IBM)Lorec53 (NSFOCUS)TA471 (Proofpoint)Nodaria (Symantec)Nascent Ursa (Palo Alto)LorecBearBleeding Bear (Elastic)DEV-0586 (MIcrosoft)The group is a suspected Russian state-sponsored cyber espionage group that has been active since at least March 2021.The group primarily targets Ukraine and Georgia, but has also targeted Western European and North American foreign ministries, pharmaceutical companies, and financial sector organizations.The group is known for using various malicious implants such as GrimPlant, GraphSteel, and CobaltStrike Beacon, as well as spear phishing attacks with macro-embedded Excel documents.In January 2022, the group performed a destructive wiper attack on multiple Ukrainian government computers and websites, known as WhisperGate.The Lorec53 group is a new type of APT group fi |
Ransomware Malware Hack Tool Vulnerability Threat Medical | ★★ | |
|
2023-02-17 21:03:38 | Semiconductor industry giant says ransomware attack on supplier will cost it $250 million (lien direct) |  Applied Materials said that a ransomware attack on part of its supply chain would cost it $250 million in the next quarter |
Ransomware | ★★ | |
 |
2023-02-17 14:00:00 | How Falling Crypto Prices Impacted Cyber Crime (lien direct) | >Some rare good news in the world of cyber crime trends: Certain crimes declined in 2022 after years of constant rises. Should we credit crypto? Some estimates say that cryptocurrencies have lost $2 trillion in value since November 2021. During that time, the costs associated with cyber crimes, such as ransomware payouts and financial scams, […] | Ransomware | ★★★ | |
|
2023-02-17 13:14:19 | Expect more sanctions and hacking operations on ransomware groups, top Justice official says (lien direct) |  Deputy Attorney General Lisa Monaco said the feds will continue to use sanctions and hacking operations as tools against ransomware groups |
Ransomware | ★★★ | |
|
2023-02-17 01:00:00 | Tracking Distribution Site of Magniber Ransomware Using EDR (lien direct) | AhnLab ASEC has been blocking the Magniber ransomware through various means since its distribution has continued even after, “Redistribution of Magniber Ransomware in Korea (January 28th),” was posted back in January. A particular finding at the time was that the ransomware used the <a> tag to bypass domain blocks. In order to detect this, we have researched response measures by tracking the distribution site URL through a different method. The team is working hard to prevent damages through means such... | Ransomware | ★★ | |
|
2023-02-17 00:00:00 | Overview of AhnLab\'s Response to Joint Cybersecurity Advisory Between South Korea and the United States on North Korean Ransomware (lien direct) | On February 10, intelligence agencies from South Korea and the United States announced a cybersecurity advisory in regard to ransomware attacks from North Korea. It is the first joint report between the South Korean National Intelligence Service and the United States’ National Security Agency (NSA), Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Department of Health and Human Services (HHS) to raise awareness of cyberattacks from North Korea and protect both countries from ransomware. Title: Ransomware... | Ransomware | ★★ | |
|
2023-02-16 22:34:00 | ESXi Ransomware Update Outfoxes CISA Recovery Script (lien direct) | New ESXiArgs-ransomware attacks include a workaround for CISA's decryptor, researchers find. | Ransomware | ★★★ | |
 |
2023-02-16 18:07:49 | Cryptocurrency users in the US hit by ransomware and Clipper malware (lien direct) | >Learn how to protect your business and staff from the MortalKombat ransomware and Laplas Clipper malware. | Ransomware Malware | ★★ | |
|
2023-02-16 17:00:00 | City of Oakland Declares State of Emergency After Ransomware Attack (lien direct) | Core functions are intact, but the city has taken certain non-emergency systems offline | Ransomware | ★★ | |
|
2023-02-16 16:39:18 | Scality selected as inaugural launch partner for Veeam Smart Object Storage API (lien direct) | Scality selected as inaugural launch partner for Veeam Smart Object Storage API Ranked #1 for backup use case by Gartner®, Scality joins forces with Veeam to simplify the 3-2-1 rule with a single-vendor architecture for immutable ransomware protection - Business News | Ransomware | ★ | |
 |
2023-02-16 15:43:00 | ESXiArgs Ransomware Hits Over 500 New Targets in European Countries (lien direct) | More than 500 hosts have been newly compromised en masse by the ESXiArgs ransomware strain, most of which are located in France, Germany, the Netherlands, the U.K., and Ukraine. The findings come from attack surface management firm Censys, which discovered "two hosts with strikingly similar ransom notes dating back to mid-October 2022, just after ESXi versions 6.5 and 6.7 reached end of life." | Ransomware | ★★ | |
|
2023-02-16 15:11:59 | Will the ransom war ever end? (lien direct) | Another day, another ransomware attack. Question is, who is next? Because as new research reveals, ransomware ain't going anywhere. A new report from Ivanti, Cyber Security Works (CSW), Cyware, and Securin reveals the devastating toll that ransomware has had on organisations globally. The study, 2023 Spotlight Report: Ransomware Through the Lens of Threat and Vulnerability Management, identifies 56 new vulnerabilities associated with ransomware threats among a total of 344 threats identified in 2022-marking a 19% increase year-over-year. Furthermore, the survey findings indicate that IT and security teams are being tripped up by open-source, old, and low-scoring vulnerabilities associated with ransomware. - Special Reports | Ransomware Vulnerability Threat | ★★ | |
|
2023-02-16 12:11:07 | Companies must learn lessons from Royal Mail ransomware attack, says GlobalData (lien direct) | Following the leak of details of ransom negotiations between Royal Mail and ransomware group LockBit: David Bicknell, Principal Analyst in the Thematic Intelligence team at GlobalData, offers his view. - Opinion | Ransomware | ★★ | |
|
2023-02-16 11:34:00 | (Déjà vu) Ransomware Roundup – CatB Ransomware (lien direct) | In this week's Ransomware Roundup, FortiGuard Labs covers CatB ransomware along with protection recommendations. Read the blog to find out more. | Ransomware | ★★ |
To see everything:
