Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-06-06 15:54:02 |
Mandiant: “No evidence” we were hacked by LockBit ransomware (direct link) |
American cybersecurity firm Mandiant is investigating LockBit ransomware gang's claims that they hacked the company's network and stole data. [...] |
Ransomware
|
|
|
|
2022-06-06 12:56:10 |
Ransomware gangs now give victims time to save their reputation (direct link) |
Threat analysts have observed an unusual trend in ransomware group tactics, reporting that initial phases of victim extortion are becoming less open to the public as the actors tend to use hidden or anonymous entries. [...] |
Threat
Ransomware
|
|
|
|
2022-06-03 16:41:26 |
The Week in Ransomware - June 3rd 2022 - Evading sanctions (direct link) |
Ransomware gangs continue to evolve their operations as victims refuse to pay ransoms due to sanctions or other reasons. [...] |
Ransomware
|
|
|
|
2022-06-02 16:35:29 |
Evil Corp switches to LockBit ransomware to evade sanctions (direct link) |
The Evil Corp cybercrime group has now switched to deploying LockBit ransomware on targets' networks to evade sanctions imposed by the U.S. Treasury Department's Office of Foreign Assets Control (OFAC). [...] |
Ransomware
|
|
|
|
2022-06-02 15:01:51 |
Ransomware gang now hacks corporate websites to show ransom notes (direct link) |
A ransomware gang is taking extortion to a new level by publicly hacking corporate websites to publicly display ransom notes. [...] |
Ransomware
Hack
|
|
|
|
2022-06-02 09:22:31 |
Conti ransomware targeted Intel firmware for stealthy attacks (direct link) |
Researchers analyzing the leaked chats of the notorious Conti ransomware operation have discovered that teams inside the Russian cybercrime group were actively developing firmware hacks. [...] |
Ransomware
|
|
|
|
2022-06-02 04:20:27 |
Foxconn confirms ransomware attack disrupted production in Mexico (direct link) |
Foxconn electronics manufacturer has confirmed that one of its Mexico-based production plants has been impacted by a ransomware attack in late May. [...] |
Ransomware
|
|
|
|
2022-06-01 07:32:43 |
Ransomware attacks need less than four days to encrypt systems (direct link) |
The duration of ransomware attacks in 2021 averaged 92.5 hours, measured from initial network access to payload deployment. In 2020, ransomware actors spent an average of 230 hours to complete their attacks and 1637.6 hours in 2019. [...] |
Ransomware
|
|
|
|
2022-05-31 13:34:25 |
Costa Rica's public health agency hit by Hive ransomware (direct link) |
All computer systems on the network of Costa Rica's public health service (known as Costa Rican Social Security Fund or CCCS) are now offline following a Hive ransomware attack that hit them this morning. [...] |
Ransomware
|
|
|
|
2022-05-28 11:10:00 |
Clop ransomware gang is back, hits 21 victims in a single month (direct link) |
After effectively shutting down their entire operation for several months, between November and February, the Clop ransomware is now back according to NCC Group researchers. [...] |
Ransomware
|
|
|
|
2022-05-27 09:23:18 |
BlackCat/ALPHV ransomware asks $5 million to unlock Austrian state (direct link) |
Austrian federal state Carinthia has been hit by the BlackCat ransomware gang, also known as ALPHV, who demanded $5 million to unlock the encrypted computer systems. [...] |
Ransomware
|
|
|
|
2022-05-26 15:44:58 |
Windows 11 KB5014019 breaks Trend Micro ransomware protection (direct link) |
This week's Windows optional cumulative update previews have introduced a compatibility issue with some of Trend Micro's security products that breaks some of their capabilities, including the ransomware protection feature. [...] |
Ransomware
|
|
★★★
|
|
2022-05-26 08:02:01 |
Industrial Spy data extortion market gets into the ransomware game (direct link) |
The Industrial Spy data extortion marketplace has now launched its own ransomware operation, where they now also encrypt victims' devices. [...] |
Ransomware
|
|
|
|
2022-05-25 15:25:48 |
New 'Cheers' Linux ransomware targets VMware ESXi servers (direct link) |
A new ransomware named 'Cheers' has appeared in the cybercrime space and has started its operations by targeting vulnerable VMware ESXi servers. [...] |
Ransomware
|
|
|
|
2022-05-25 07:43:34 |
(Déjà vu) SpiceJet airline passengers stranded after ransomware attack (direct link) |
Indian low-cost airline SpiceJet has informed its customers of an attempted ransomware attack that has impacted some of its systems and caused delays on flight departures today. [...] |
Ransomware
|
|
|
|
2022-05-25 07:43:34 |
Indian airline SpiceJet's flights impacted by ransomware attack (direct link) |
Indian low-cost airline SpiceJet has informed its customers of an attempted ransomware attack that has impacted some of its systems and caused delays on flight departures today. [...] |
Ransomware
|
|
|
|
2022-05-24 13:34:32 |
US Senate: Govt's ransomware fight hindered by limited reporting (direct link) |
A report published today by U.S. Senator Gary Peters, Chairman of the Senate Homeland Security and Governmental Affairs Committee, says law enforcement and regulatory agencies lack insight into ransomware attacks to fight against them effectively. [...] |
Ransomware
|
|
|
|
2022-05-21 13:32:30 |
Ransomware attack exposes data of 500,000 Chicago students (direct link) |
The Chicago Public Schools has suffered a massive data breach that exposed the data of almost 500,000 students and 60,000 employees after their vendor, Battelle for Kids, suffered a ransomware attack in December. [...] |
Ransomware
Data Breach
|
|
|
|
2022-05-20 20:08:20 |
The Week in Ransomware - May 20th 2022 - Another one bites the dust (direct link) |
Ransomware attacks continue to slow down, likely due to the invasion of Ukraine, instability in the region, and subsequent worldwide sanctions against Russia. [...] |
Ransomware
|
|
|
|
2022-05-19 19:32:59 |
Conti ransomware shuts down operation, rebrands into smaller units (direct link) |
The notorious Conti ransomware gang has officially shut down their operation, with infrastructure taken offline and team leaders told that the brand is no more. [...] |
Ransomware
Guideline
|
|
|
|
2022-05-19 14:26:06 |
Media giant Nikkei's Asian unit hit by ransomware attack (direct link) |
Publishing giant Nikkei disclosed that the group's headquarters in Singapore was hit by a ransomware attack almost one week ago, on May 13th. [...] |
Ransomware
|
|
|
|
2022-05-19 06:38:26 |
QNAP alerts NAS customers of new DeadBolt ransomware attacks (direct link) |
Taiwan-based network-attached storage (NAS) maker QNAP warned customers on Thursday to secure their devices against attacks pushing DeadBolt ransomware payloads. [...] |
Ransomware
|
|
|
|
2022-05-19 05:36:56 |
Ransomware gangs rely more on weaponizing vulnerabilities (direct link) |
Security researchers are warning that external remote access services continue to be the main vector for ransomware gangs to breach company networks. [...] |
Ransomware
|
|
|
|
2022-05-18 16:13:12 |
National bank hit by ransomware trolls hackers with dick pics (direct link) |
After suffering a ransomware attack by the Hive operation, the Bank of Zambia made it clear that they were not going to pay by posting a picture of male genitalia and telling the hackers to s… (well, you can use your imagination). [...] |
Ransomware
|
|
|
|
2022-05-16 16:46:50 |
US links Thanos and Jigsaw ransomware to 55-year-old doctor (direct link) |
The US Department of Justice today said that Moises Luis Zagala Gonzalez (Zagala), a 55-year-old cardiologist with French and Venezuelan citizenship residing in Ciudad Bolivar, Venezuela, created and rented Jigsaw and Thanos ransomware to cybercriminals. [...] |
Ransomware
|
|
|
|
2022-05-16 10:17:58 |
Engineering firm Parker discloses data breach after ransomware attack (direct link) |
The Parker-Hannifin Corporation announced a data breach exposing employees' personal information after the Conti ransomware gang began publishing allegedly stolen data last month. [...] |
Ransomware
Data Breach
|
|
|
|
2022-05-13 16:58:23 |
The Week in Ransomware - May 13th 2022 - A National Emergency (direct link) |
While ransomware attacks have slowed during Russia's invasion of Ukraine and the subsequent sanctions, the malware threat continues to affect organizations worldwide. [...] |
Threat
Ransomware
Malware
|
|
|
|
2022-05-12 15:18:45 |
Eternity malware kit offers stealer, miner, worm, ransomware tools (direct link) |
Threat actors have launched the 'Eternity Project,' a new malware-as-a-service where threat actors can purchase a malware toolkit that can be customized with different modules depending on the attack being conducted. [...] |
Threat
Ransomware
Malware
|
|
|
|
2022-02-14 14:31:00 |
Sports brand Mizuno hit with ransomware attack delaying orders (direct link) |
Sports equipment and sportswear brand Mizuno is affected by phone outages and order delays after being hit by ransomware, BleepingComputer has learned from sources familiar with the attack. [...] |
Ransomware
|
|
|
|
2022-02-14 10:41:14 |
(Déjà vu) FBI: BlackByte ransomware breached US critical infrastructure (direct link) |
The US Federal Bureau of Investigation (FBI) revealed that the BlackByte ransomware group has breached the networks of at least three organizations from US critical infrastructure sectors in the last three months. [...] |
Ransomware
|
|
|
|
2022-02-13 08:22:11 |
NFL's San Francisco 49ers hit by Blackbyte ransomware attack (direct link) |
The NFL's San Francisco 49ers team is recovering from a cyberattack by the BlackByte ransomware gang who claims to have stolen data from the American football organization. [...] |
Ransomware
|
|
|
|
2022-02-11 16:57:54 |
The Week in Ransomware - February 11th 2022 - Maze, Egregor decryptors (direct link) |
We saw the Maze ransomware developers reemerge briefly this week as they shared the master decryption keys for the Egregor, Maze, and Sekhmet ransomware operations. [...] |
Ransomware
|
|
★★★
|
|
2022-02-09 10:26:31 |
Ransomware dev releases Egregor, Maze master decryption keys (direct link) |
The master decryption keys for the Maze, Egregor, and Sekhmet ransomware operations were released last night on the BleepingComputer forums by the alleged malware developer. [...] |
Ransomware
Malware
|
|
|
|
2022-02-08 07:45:04 |
NetWalker ransomware affiliate sentenced to 80 months in prison (direct link) |
Sebastien Vachon-Desjardins, a Canadian man charged by the US for his involvement in NetWalker ransomware attacks, was sentenced to 6 years and 8 months in prison after pleading guilty before an Ontario judge to multiple offenses linked to attacks on 17 Canadian victims. [...] |
Ransomware
Guideline
|
|
|
|
2022-02-07 15:49:03 |
Puma hit by data breach after Kronos ransomware attack (direct link) |
Sportswear manufacturer Puma was hit by a data breach following the ransomware attack that hit Kronos, one of its North American workforce management service providers, in December 2021. [...] |
Ransomware
Data Breach
|
|
|
|
2022-02-07 12:08:23 |
(Déjà vu) Free decryptor released for TargetCompany ransomware victims (direct link) |
Czech cybersecurity software firm Avast has released a decryption utility to help TargetCompany ransomware victims recover their files for free. [...] |
Ransomware
|
|
|
|
2022-02-06 10:17:34 |
Law enforcement action push ransomware gangs to surgical attacks (direct link) |
The numerous law enforcement operations leading to the arrests and takedown of ransomware operations in 2021 have forced threat actors to narrow their targeting scope and maximize the efficiency of their operations. [...] |
Threat
Ransomware
Guideline
|
|
|
|
2022-02-05 17:29:54 |
BlackCat (ALPHV) ransomware linked to BlackMatter, DarkSide gangs (direct link) |
The Black Cat ransomware gang, also known as ALPHV, has confirmed they are former members of the notorious BlackMatter/DarkSide ransomware operation. [...] |
Ransomware
|
|
|
|
2022-02-05 10:00:00 |
FBI shares Lockbit ransomware technical details, defense tips (direct link) |
The Federal Bureau of Investigation (FBI) has released technical details and indicators of compromise associated with Lockbit ransomware attacks in a new flash alert published this Friday. [...] |
Ransomware
|
|
|
|
2022-02-04 19:15:26 |
The Week in Ransomware - February 4th 2022 - Critical Infrastructure (direct link) |
Critical infrastructure suffered ransomware attacks, with threat actors targeting an oil petrol distributor and oil terminals in major ports in different attacks. [...] |
Threat
Ransomware
|
|
|
|
2022-02-04 13:16:06 |
A look at the new Sugar ransomware demanding low ransoms (direct link) |
A new Sugar Ransomware operation actively targets individual computers, rather than corporate networks, with low ransom demands. [...] |
Ransomware
|
|
|
|
2022-02-04 11:01:14 |
HHS: Conti ransomware encrypted 80% of Ireland's HSE IT systems (direct link) |
A threat brief published by the US Department of Health and Human Services (HHS) on Thursday paints a grim picture of how Ireland's health service, the HSE, was overwhelmed and had 80% of its systems encrypted during last year's Conti ransomware attack. [...] |
Threat
Ransomware
|
|
|
|
2022-02-04 09:29:04 |
Swissport ransomware attack delays flights, disrupts operations (direct link) |
Aviation services company Swissport International has disclosed a ransomware attack that has impacted its IT infrastructure and services, causing flights to suffer delays. [...] |
Ransomware
|
|
|
|
2022-02-02 11:49:49 |
KP Snacks giant hit by Conti ransomware, deliveries disrupted (direct link) |
KP Snacks, a major producer of popular British snacks, has been hit by the Conti ransomware group affecting distribution to leading supermarkets. [...] |
Ransomware
Guideline
|
|
★★★★
|
|
2022-02-02 11:02:58 |
Business services provider Morley discloses ransomware incident (direct link) |
Morley Companies Inc. disclosed a data breach after suffering a ransomware attack on August 1st, 2021, allowing threat actors to steal data before encrypting files. [...] |
Threat
Ransomware
Data Breach
|
|
|
|
2022-02-01 14:00:00 |
Cyberspies linked to Memento ransomware use new PowerShell malware (direct link) |
An Iranian state-backed hacking group tracked as APT35 (aka Phosphorus or Charming Kitten) is now deploying a new backdoor called PowerLess and developed using PowerShell. [...] |
Ransomware
Malware
Conference
|
APT 35
|
|
|
2022-01-31 14:28:48 |
QNAP: DeadBolt ransomware exploits a bug patched in December (direct link) |
Taiwan-based network-attached storage (NAS) maker QNAP urges customers to enable firmware auto-updating on their devices to defend against active attacks. [...] |
Ransomware
|
|
|
|
2022-01-28 16:57:32 |
The Week in Ransomware - January 28th 2022 - Get NAS devices off the Internet (direct link) |
It's been a busy week with ransomware attacks tied to political protests, new attacks on NAS devices, amazing research released about tactics, REvil's history, and more. [...] |
Ransomware
|
|
|
|
2022-01-28 01:30:00 |
QNAP force-installs update after DeadBolt ransomware hits 3,600 devices (direct link) |
QNAP force-updated customers' Network Attached Storage (NAS) devices with firmware containing the latest security updates to protect against the DeadBolt ransomware, which has already encrypted over 3,600 devices. [...] |
Ransomware
|
|
|
|
2022-01-27 14:28:27 |
Taiwanese Apple and Tesla contractor hit by Conti ransomware (direct link) |
Delta Electronics, a Taiwanese electronics company and a provider for Apple, Tesla, HP, and Dell, disclosed that it was the victim of a cyberattack discovered on Friday morning. [...] |
Ransomware
|
|
|