What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-10-27 10:52:30 | TrialWorks Ransomware Attack Disrupts Court Cases and Deadlines (lien direct) | TrialWorks, one of the top-rated providers of legal case management software for law firms and attorneys, became the victim of a ransomware attack earlier this month. [...] | Ransomware | ||
|
2019-10-25 19:03:32 | The Week in Ransomware - October 25th 2019 - Two Week Edition (lien direct) | In this special two week edition of the Week in Ransomware, we have a ton of news ranging from ransomware attacks, new REvill affiliate information, and new ransomware targeting the enterprise. [...] | Ransomware | ||
|
2019-10-25 16:45:00 | New FuxSocy Ransomware Impersonates the Notorious Cerber (lien direct) | A new ransomware has been discovered called FuxSocy that borrows much of its behavior from the notorious and now-defunct Cerber Ransomware. [...] | Ransomware | ||
|
2019-10-25 07:57:56 | Ransomware Attack Shuts Down City of Johannesburg\'s Systems (lien direct) | The City of Johannesburg municipality shut down the website, its e-services platform, and the billing system (SAP ISU and CRM) following a ransomware attack that also led to unauthorized information access according to a ransom note. [...] | Ransomware | ||
|
2019-10-22 16:24:26 | MedusaLocker Ransomware Wants Its Share of Your Money (lien direct) | A new ransomware called MedusaLocker is being actively distributed and victims have been seen from all over the world. It is not known at this time, how the attacker is distributing the ransomware. [...] | Ransomware | ||
|
2019-10-21 00:01:00 | Tools and Tactics of the Sodinokibi Ransomware Distributors (lien direct) | Using a network of honeypots, researchers from McAfee examined the tools and tactics used by the Sodinokibi Ransomware (REvil) affiliates to infect their victims with ransomware and compromise other machines on the network. [...] | Ransomware | ||
|
2019-10-18 14:02:21 | Maze Ransomware Now Delivered by Spelevo Exploit Kit (lien direct) | The Spelevo exploit kit has been spotted by security researchers while infecting victims with Maze Ransomware payloads via a new malicious campaign that exploits a Flash Player use after free vulnerability. [...] | Ransomware | ||
|
2019-10-18 11:00:00 | STOP Ransomware Decryptor Released for 148 Variants (lien direct) | The release of Emsisoft's STOP Ransomware decryption service is a huge achievement and will be a life saver for both the victims and the helpers on BleepingComputer. It should be noted, though, that while this decryptor can help with the majority of STOP variants, anyone who was infected after August 2019 cannot be helped. [...] | Ransomware | ||
|
2019-10-18 10:50:35 | (Déjà vu) REvil Ransomware Affiliates Partner with Corporate Intruders (lien direct) | Experienced network intruders and ransomware groups have struck an alliance helping each other monetize their skills by spreading malware to company networks. [...] | Ransomware Malware | ||
|
2019-10-18 10:50:35 | REvil/Sodinokibi Ransomware Partners with Access-as-a-Service Providers (lien direct) | Experienced network intruders and ransomware groups have struck an alliance helping each other monetize their skills by spreading malware to company networks. [...] | Ransomware Malware | ★★★★★ | |
|
2019-10-14 15:55:50 | Global Shipping Firm Pitney Bowes Affected by Ransomware Attack (lien direct) | Global shipping and mailing services company Pitney Bowes announced today that it was the victim of a ransomware attack that encrypted some of its systems, leading to a partial system outage that impacted customer access to some services. [...] | Ransomware Guideline | ||
|
2019-10-14 00:01:00 | Sodinokibi Ransomware: Following the Affiliate Money Trail (lien direct) | After a Sodinokibi ransomware affiliate posted partial transaction IDs for ransomware payments, researchers were able to use that information to follow the money trail for affiliates and in some cases, how they spend their illicit earnings. [...] | Ransomware | ||
|
2019-10-11 18:37:25 | The Week in Ransomware - October 11th 2019 - Decryptors Released! (lien direct) | We had some interesting news this week, such as the HildaCrypt ransomware releasing their keys, RobbinHood Ransomware bragging about their past exploits, a Muhstik Ransomware victim hacking back and stealing the decryption keys, and a Nemty decryptor being released. [...] | Ransomware | ||
|
2019-10-11 15:36:34 | Nemty 1.6 Ransomware Released and Pushed via RIG Exploit Kit (lien direct) | The RIG exploit kit is now pushing a cocktail of malware that includes a new variant of the Nemty Ransomware. [...] | Ransomware Malware | ||
|
2019-10-10 16:44:13 | Nemty Ransomware Decryptor Released, Recover Files for Free (lien direct) | Victims of the Nemty Ransomware finally have something to be happy about as researchers have released a decryptor that allows them to recover files for free. [...] | Ransomware | ||
|
2019-10-10 13:34:16 | Apple Software Update Zero-Day Used by BitPaymer Ransomware (lien direct) | Several companies from the automotive industry were targeted by BitPaymer ransomware operators during August, in attacks that used an Apple zero-day vulnerability impacting the Apple Software Update service bundled with iTunes and iCloud for Windows. [...] | Ransomware Vulnerability | ||
|
2019-10-07 13:15:52 | RobbinHood Ransomware Using Street Cred to Make Victims Pay (lien direct) | The operators behind the RobbinHood ransomware have changed their language in the ransom note in an effort to take from victims all hope of decrypting the files for free and to make them pay for the recovery. [...] | Ransomware | ||
|
2019-10-07 11:55:01 | Muhstik Ransomware Victim Hacks Back, Releases Decryption Keys (lien direct) | A victim of the Muhstik Ransomware has hacked back against his attackers and released close to 3,000 decryption keys for victims along with a free decryptor to get their files back. [...] | Ransomware | ||
|
2019-10-07 04:01:12 | DCH Hospital Pays Ryuk Ransomware for Decryption Key (lien direct) | DCH hospitals in Alabama have decided to the pay ransom for the Ryuk Ransomware in order to receive a decryptor and get their computer systems back up and running. [...] | Ransomware | ||
|
2019-10-05 16:47:56 | HildaCrypt Ransomware Developer Releases Decryption Keys (lien direct) | The developer behind the HildaCrypt Ransomware has decided to release the ransomware's private decryption keys. With these keys a decryptor can be made that would allow any potential victims to recover their files for free. [...] | Ransomware | ||
|
2019-10-04 16:45:16 | The Week in Ransomware - October 4th 2019 - That\'s all Folks (lien direct) | This has been quite a busy week with lots of new variants, new ransomware attacks, including those targeting hospitals, and new information coming out about the REvil/Sodinokibi Ransomware. [...] | Ransomware | ||
|
2019-10-03 02:05:31 | FTCode PowerShell Ransomware Resurfaces in Spam Campaign (lien direct) | An old PowerShell ransomware has resurfaced with a vengeance in a spam distribution aimed at Italian recipients. This ransomware is called FTCode and is completely PowerShell based, which means it can encrypt the computer without downloading any additional components. [...] | Ransomware Spam | ||
|
2019-10-02 17:39:27 | FBI Warns U.S. Organizations About High Impact Ransomware (lien direct) | The U.S. Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3) issued a public service announcement today regarding the increasing number of high-impact ransomware attacks against public and private U.S. organizations. [...] | Ransomware | ||
|
2019-10-02 12:24:15 | Sodinokibi Ransomware Builds An All-Star Team of Affiliates (lien direct) | The Sodinokibi Ransomware (REvil) has been making news lately as they target the enterprise, MSPs, and government entities through their hand-picked team of all-star affiliates. These affiliates appear to have had a prior history with the GandCrab RaaS and use similar distribution methods. [...] | Ransomware | ||
|
2019-10-01 12:39:11 | U.S. and Australian Hospitals Targeted by New Ransomware Attacks (lien direct) | Several hospitals and health service providers from the U.S. and Australia were forced to completely close down or shut down some of their systems after being hit by ransomware attacks that affected and disrupted their IT systems. [...] | Ransomware | ||
|
2019-09-30 17:25:23 | Free Ouroboros Ransomware (Zeropadypt NextGen) Decryption Available (lien direct) | Victims of the Ouroboros Ransomware, otherwise known as Zeropadypt NextGen, can get their files decrypted for free with the help of a security researcher and a decryptor that has been made for different variants. [...] | Ransomware | ||
|
2019-09-27 17:47:11 | The Week in Ransomware - September 27th 2019 - Quiet Before the Storm? (lien direct) | It is another week of small variants and minor ransomware being released, with no major ransomware attacks being publicized or new large scale ransomware attacks. [...] | Ransomware | ||
|
2019-09-26 12:39:33 | REvil (Sodinokibi) Ransomware Targets Chinese Users with DHL Spam (lien direct) | A new spam campaign is underway that is targeting Chinese recipients to trick them into installing the REvil (Sodinokibi) Ransomware. [...] | Ransomware Spam | ||
|
2019-09-25 15:05:01 | Ransomware Decryptors Released for Yatron, WannaCryFake, & FortuneCrypt (lien direct) | Security vendors released decryptors for three ransomware infections today that allow victims to recover their files for free. These decryptors are for the WannaCryFake, Yatron, and FortuneCrypt Ransomware infections. [...] | Ransomware | Wannacry | |
|
2019-09-24 14:55:15 | Shared Code Links Sodinokibi to GandCrab, Minus the Fun & Games (lien direct) | Hints of a connection between the defunct GandCrab and the Sodinokibi ransomware get stronger as researchers find code-level similarities and artifacts suggesting continued operations. [...] | Ransomware | ||
|
2019-09-20 18:41:58 | The Week in Ransomware - September 20th 2019 - Fairly Quiet (lien direct) | This has been a fairly quiet week with no real big news other than further updates from Nemty, the introduction of TFlower, and another Ordinypt campaign targeting Germany. [...] | Ransomware | ||
|
2019-09-20 15:03:00 | Meet Stop Ransomware: The Most Active Ransomware Nobody Talks About (lien direct) | Have you ever heard of the STOP Ransomware? Probably not, as few write about it, most researchers don't cover it, and for the most part it targets consumers through cracked software, adware bundles, and shady sites. [...] | Ransomware | ||
|
2019-09-17 13:18:17 | TFlower Ransomware - The Latest Attack Targeting Businesses (lien direct) | The latest ransomware targeting corporate environments is called TFlower and is being installed on networks after attackers hack into exposed Remote Desktop services. [...] | Ransomware Hack | ||
|
2019-09-16 03:35:07 | How to Enable Ransomware Protection in Windows 10 (lien direct) | Windows Defender includes a security feature called "Ransomware Protection" that allows you to enable various protections against ransomware infections. This feature is disabled by default in Windows 10, but with ransomware running rampant, it is important to enable this feature in order to get the most protection on your computer. [...] | Ransomware | ||
|
2019-09-14 15:11:58 | Nemty Ransomware Update Lets It Kill Processes and Services (lien direct) | Nemty ransomware is under active development, although its version number may not show it. Its authors are clearly making efforts to make it a more efficient and sophisticated malware and it begins wider distribution. [...] | Ransomware Malware | ||
|
2019-09-13 20:40:25 | The Week in Ransomware - September 13th 2019 - Exploit Kits (lien direct) | This week was your standard mix of new variants of existing ransomware and new ransomware families being released. [...] | Ransomware | ||
|
2019-09-13 05:56:05 | Giant Entercom Radio Network Deals with Ransomware-Like Incident (lien direct) | Entercom Communications, one of the largest radio station owners in the U.S. has been dealing with a cyberattack that looks very much like a ransomware incident. The issue occurred over the past weekend and affects all offices the company has across the country. [...] | Ransomware | ||
|
2019-09-11 15:44:01 | Ryuk Related Malware Steals Confidential Military, Financial Files (lien direct) | A new malware with strange associations to the Ryuk Ransomware has been discovered to look for and steal confidential financial, military, and law enforcement files. [...] | Ransomware Malware | ||
|
2019-09-09 16:49:00 | Exploit Kits Target Windows Users with Ransomware and Trojans (lien direct) | Over the weekend and into today, four different malvertising campaigns have been redirecting users to exploit kits that install password stealing Trojans, ransomware, and clipboard hijackers. [...] | Ransomware | ||
|
2019-09-08 11:01:01 | Fake PayPal Site Spreads Nemty Ransomware (lien direct) | A web page pretending to offer an official application from PayPal is currently spreading Nemty ransomware to unsuspecting users. [...] | Ransomware | ||
|
2019-09-06 16:56:00 | The Week in Ransomware - September 6th 2019 - Three Week Roundup (lien direct) | Over the past three weeks, we have seen a lot of attacks on schools, local government entities, and MSPs by the REvil and Ryuk crews. These targets tend to pay large ransoms through insurance and thus are prime targets for the ransomware affiliates and developers. [...] | Ransomware | ||
|
2019-09-06 10:19:03 | Lilocked Ransomware Actively Targeting Servers and Web Sites (lien direct) | A relatively new ransomware named Lilocked by researchers and Lilu by the developers is actively targeting servers and encrypting the data located on them. All of the known infected servers are web sites, which is causing the encrypted files to show up in Google search results. [...] | Ransomware | ★★ | |
|
2019-09-05 13:13:05 | Students Rejoice: School District Closed by Ransomware Attack (lien direct) | The summer school holiday has not ended for students in Flagstaff, Arizona, as a ransomware attack hitting the School District computers forces the decision to cancel classes for today. The schedule for tomorrow is uncertain. [...] | Ransomware | ||
|
2019-09-05 06:30:03 | Ransomware Adopts DoppelPaymer Name Given by Researchers (lien direct) | Whether it be malware devs contacting us about our stories or commenting in our forums, we all know that the ransomware developers monitor researchers and technology sites for information about their programs. Nothing shows this better, than a ransomware that recently decided to adopt the name given to it by researchers. [...] | Ransomware Malware | ||
|
2019-09-05 03:33:03 | Hackers Ask for $5.3 Million Ransom, Turn Down $400k, Get Nothing (lien direct) | Hackers infecting the computer systems of the city of New Bedford, Massachusetts, with ransomware wouldn't settle for anything less that than $5.3 million to decrypt the data. The ransom was too high and they got a big fat nothing in return. [...] | Ransomware | ||
|
2019-09-03 04:48:05 | Nemty Ransomware Gets Distribution from RIG Exploit Kit (lien direct) | The operators of Nemty ransomware appear to have struck a distribution deal to target systems with outdated technology that can still be infected by exploit kits. [...] | Ransomware | ||
|
2019-09-02 11:27:03 | Sodinokibi Ransomware Spreads via Fake Forums on Hacked Sites (lien direct) | A distributor for the Sodinokibi Ransomware is hacking into WordPress sites and injecting JavaScript that displays a fake Q & A forum post over the content of the original site. This fake post contains an "answer" from the site's "admin" that contains a link to the ransomware installer. [...] | Ransomware | ||
|
2019-08-30 09:22:05 | A Look Inside the Highly Profitable Sodinokibi Ransomware Business (lien direct) | Sodinokibi operators started looking for affiliates soon after the GandCrab ransomware-as-a-service (RaaS) shutdown. High-profile members in the underground community have already joined the private program. [...] | Ransomware | ||
|
2019-08-29 17:53:05 | Sodinokibi Ransomware Encrypts Records of Hundreds of Dental Practices (lien direct) | A ransomware attack hit a remote data backup service and encrypted files from dental practices in the U.S. Hundreds of customers relying on the backup solution had their data locked by the Sodinokibi file-encrypting malware. [...] | Ransomware | ||
|
2019-08-26 03:29:02 | New Nemty Ransomware May Spread via Compromised RDP Connections (lien direct) | A new ransomware has been spotted over the weekend, carrying references to the Russian president and antivirus software. The researchers call is Nemty. [...] | Ransomware |
To see everything:
Our RSS (filtrered)
