What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
itsecurityguru.webp 2020-07-07 11:05:03 Subsidiary of DXC Technology Suffers Ransomware Attack (direct link) Xchanging, a managed service provider for those in the insurance industry, has recently informed its investors of a ransomware attack on some of its systems. The incident was initially reported on the 5th of July but representatives of the company claimed that the ransomware did not spread outside of the Xchanging network. Moreover, investigations appear […] Ransomware
itsecurityguru.webp 2020-07-02 09:42:43 (Déjà vu) US news sites attacked with WastedLocker ransomware (direct link) Dozens of US newspaper websites owned by the same company were hacked by the Evil Corp gang to infect the employees of over 30 major US private firms. The cybercriminal outfit lured users with fake software update alerts displayed by the malicious SocGholish JavaScript-based framework. After downloads were made, the employees’ computers were then used […] Ransomware
itsecurityguru.webp 2020-07-01 10:00:57 (Déjà vu) EvilQuest malware uses ransomware as decoy to steal data from Macs (direct link) A new info-stealer and data wiper malware called EvilQuest uses ransomware as a cover to steal files from macOS users. The victims get infected after downloading trojanized installers of popular apps from torrent trackers. EvilQuest was first spotted by K7 Lab malware researcher Dinesh Devadoss and analysed by Malwarebytes’ Director of Mac & Mobile Thomas […] Ransomware Malware
itsecurityguru.webp 2020-07-01 09:51:07 (Déjà vu) Xerox Corporation victim of Maze ransomware (direct link) Xerox Corporation is the latest victim of the Maze ransomware operators. Hackers have encrypted its files and threatened to release them. Maze ransomware operators have breached the systems of the Xerox Corporation and stolen files before encrypting them. The company did not disclose the cyberattack, but the Maze ransomware operators published some screenshots that show […] Ransomware
itsecurityguru.webp 2020-06-29 10:54:29 University of California Paid Cybercriminals a £1 Million Ransom (direct link) The University of California, San Francisco (UCSF) says it paid cybercriminals $1.14 million (£1 million) to decrypt a “limited number of servers” in its School of Medicine that was hit by Netwalker ransomware earlier this month. The University – which has 10 campuses around California – was hit by the ransomware attack on June 1. It […] Ransomware
itsecurityguru.webp 2020-06-26 10:15:17 LG Electronics Fall Victim to Ransomware Attack (direct link) South Korean multinational LG Electronics have supposedly had their website breached and locked by Maze ransomware operators. No details about this attack have been released as of yet, but the cyber criminals claim to have stolen proprietary information for projects involving big US companies. If their ransom demands are not met, or contact with the […] Ransomware
itsecurityguru.webp 2020-06-25 09:26:36 FBI warns K12 schools of ransomware threats (direct link) The US Federal Bureau of Investigation sent out on Tuesday a security alert to K12 schools about the increase in ransomware attacks during the coronavirus (COVID-19) pandemic, and especially about ransomware gangs that abuse RDP connections to break into school systems. The alert, called a Private Industry Notification, or PIN, tells schools that “cyber actors […] Ransomware
itsecurityguru.webp 2020-06-24 10:10:59 Hakbit Ransomware Delivered Via Malicious Excel Attachments (direct link) A ransomware campaign, dubbed Hakbit, is targeting mid-level employees across Austria, Switzerland and Germany with malicious Excel attachments delivered via the popular email provider GMX. The spear-phishing based campaign is low volume and so far targeted the pharmaceutical, legal, financial, business service, retail, and healthcare sectors. Low-volume style campaigns, sometimes called snowshoe spam attacks, use […] Ransomware Spam
itsecurityguru.webp 2020-06-23 11:04:18 (Déjà vu) Indiabulls Group hit with a Cyberattack (direct link) Indian conglomerate Indiabulls Group has allegedly been hit with a cyberattack from the CLOP Ransomware operators who have leaked screenshots of stolen data. The Indiabulls Group is an Indian conglomerate with $3.5 billion in revenue (2019), over 19,000 employees, and subsidiaries focusing on housing, personal finance and lending, infrastructure, and pharmaceuticals. “The Indiabulls Group is a […] Ransomware
itsecurityguru.webp 2020-06-22 10:51:20 Ransomware operators lurk on your network after their attack (direct link) When a company suffers a ransomware attack, many victims feel that the attackers quickly deploy the ransomware and leave so they won’t get caught. Unfortunately, the reality is much different as threat actors are not so quick to give up a resource that they worked so hard to control. Instead, ransomware attacks are conducted over […] Ransomware Threat
itsecurityguru.webp 2020-06-12 12:39:17 (Déjà vu) Snake Ransomware Attack that targeted Honda has now targeted Enel Group (direct link) European energy company giant Enel Group suffered a ransomware attack a few days ago that impacted its internal network. Detected on June 7, the incident is the work of EKANS (SNAKE) ransomware operators, the group that also targeted Honda earlier this week. Enel Group confirmed for BleepingComputer that its internal IT network was disrupted on Sunday evening […] Ransomware
itsecurityguru.webp 2020-06-12 12:24:43 (Déjà vu) Ransomware Attack Leads City of Knoxville to Shut Down Network (direct link) The City of Knoxville, Tennessee, was forced to shut down its entire computer network following a ransomware attack that took place overnight and targeted the city’s offices. Knoxville has a population of over 180,000, it’s Tennessee’s third-largest city after Nashville and Memphis, and it’s also part of the Knoxville Metropolitan Statistical Area, with a reported population of almost 870,000 in […] Ransomware
itsecurityguru.webp 2020-06-11 10:22:29 (Déjà vu) Ransomware Auto-Spreads to Windows devices (direct link) The Thanos ransomware is the first to use a researcher-disclosed RIPlace anti-ransomware evasion technique as well as numerous other advanced features that make it a serious threat to keep an eye on. Thanos first began private distribution at the end of October 2019, but it was not until January 2020 when victims seeking help for […] Ransomware Threat
itsecurityguru.webp 2020-06-09 11:38:29 Third US College Hit with Ransomware Attack in a Week (direct link) Columbia College, Chicago has become the third US college in a week to fall victim to a cyber-attack involving the Netwalker family of ransomware. The Illinois educational establishment, along with Michigan State University and the University of California, San Francisco, was targeted by cyber-criminals and given six days to pay a ransom to recover its files. Netwalker, […] Ransomware
itsecurityguru.webp 2020-06-09 11:33:13 UK Consumers Believe CEOs Are Responsible For Cyberattacks (direct link) A survey by data protection firm Veritas Technologies found that more than a third (35%) of UK consumers would see a business leader as personally responsible if a cyber breach of that business occurs. It suggests that more than two-thirds (68%) believe they should be compensated when incidents such as ransomware attacks compromise their data, […] Ransomware Guideline
itsecurityguru.webp 2020-06-09 11:22:13 Honda May Have Been the Victim of a Ransomware Attack (direct link) Japanese automaker Honda has been hit by a cyber-attack which has impacted many of its business operations. The attack happened on Sunday 7th June, and led to problems across Honda’s IT networks in Europe and Japan. According to multiple reports, cyber actors targeted a Honda server with SNAKE (Ekans) ransomware aiming to cause damage to […] Ransomware
itsecurityguru.webp 2020-06-08 11:50:57 (Déjà vu) Ransomware Attacks Target QNAP NAS devices (direct link) The operators of the eCh0raix ransomware have launched another wave of attacks against QNAP network-attached storage (NAS) devices. The eCh0raix gang has been active since June 2019, when they first deployed a first version of their ransomware. Despite having its initial ransomware version decrypted, the group has never disappeared, deploying a newer version that security researchers […] Ransomware
itsecurityguru.webp 2020-06-08 11:46:10 (Déjà vu) Fake Decryptor Infects Devices with Ransomware (direct link) A fake decryptor for the STOP Djvu Ransomware is being distributed that lures already desperate people with the promise of free decryption. Instead of getting their files back for free, they are infected with another ransomware that makes their situation even worse. While ransomware operations such as Maze, REvil, Netwalker, and DoppelPaymer get wide media […] Ransomware
itsecurityguru.webp 2020-06-04 10:15:25 (Déjà vu) US colleges Under Attack by Netwalker Ransomware (direct link) The Netwalker Ransomware operators claim to have successfully attacked the University of California San Francisco (UCSF), stolen unencrypted data, and encrypted their computers. UCSF is a research university located in San Francisco, California, and is entirely focused on health sciences. According to the U.S. News & World Report’s college rankings, UCSF ranks #2 in medical schools […] Ransomware
itsecurityguru.webp 2020-06-03 11:23:45 (Déjà vu) Ransomware Gangs Form an Extortion Cartel (direct link) Ransomware gangs are teaming up to extort victims through a shared data leak platform, and the exchange of tactics and intelligence. In November 2019, the Maze Ransomware operators transformed ransomware attacks into data breaches after they released unencrypted data of a victim who refused to pay. Soon after, they launched a dedicated “Maze News” site used to shame their […] Ransomware
itsecurityguru.webp 2020-06-03 10:36:36 One of NASA's IT Contractors Potentially Breached (direct link) The operators of the DopplePaymer ransomware have congratulated SpaceX and NASA for their first human-operated rocket launch and then immediately announced that they infected the network of one of NASA’s IT contractors. In a blog post published today, the DopplePaymer ransomware gang said it successfully breached the network of Digital Management Inc. (DMI), a Maryland-based […] Ransomware
itsecurityguru.webp 2020-06-03 10:30:25 (Déjà vu) eBay-like auction site created for stolen data (direct link) The operators of the REvil ransomware have launched a new auction site used to sell victim’s stolen data to the highest bidder. REvil, otherwise known as Sodinokibi, is a ransomware operation that breaches corporate networks using exposed remote desktop services, spam, exploits, and hacked Managed Service Providers. Once established on a network, they quietly spread laterally through the company […] Ransomware
itsecurityguru.webp 2020-06-01 14:38:58 (Déjà vu) Nipissing First Nation Locked Down By Ransomware (direct link) The Nipissing First Nation administration stopped a ransomware attack in its tracks but not soon enough to prevent disruption of communications. The attack was discovered on May 8 and affected all departments of the administration but most of the network remained unaffected. Source: BleepingComputer Ransomware
itsecurityguru.webp 2020-05-29 09:58:00 Toll Group resume services after ransomware (direct link) Toll Group has said it was making “good progress” with the restoration of its key online systems, following the ransomware attack it suffered after a January infection. In an update posted on Friday, the company said MyToll customers could now access most features and its Track and Trace function is available for a number of […] Ransomware
itsecurityguru.webp 2020-05-28 10:18:51 (Déjà vu) PonyFinal ransomware warning issued by Microsoft (direct link) Microsoft’s security team has issued an advisory today warning organizations around the globe to deploy protections against a new strain of ransomware that has been in the wild over the past two months. “PonyFinal is a Java-based ransomware that is deployed in human-operated ransomware attacks,” Microsoft said in a series of tweets published today. Human-operated […] Ransomware
itsecurityguru.webp 2020-05-27 09:46:40 Backdoor into Windows computers opened by malware (direct link) A new version of the Sarwent malware can open the Remote Desktop Protocol (RDP) port on target Windows computers to make sure that crooks can find their way back into the system through the backdoor. Whether that access is used later by the same crooks or sold to ransomware gangs or cyber espionage groups is […] Ransomware Malware
itsecurityguru.webp 2020-05-21 09:41:26 Stolen data on 'dark web' after Toll Group ransomware attack (direct link) Toll Group has provided an update on the ransomware attack it suffered following a January infection. The Australian transport giant said, after revealing the extent of data theft it suffered earlier this month, that the stolen information has found its way onto the “dark web”. “Following our announcement last week that a ransomware attacker had […] Ransomware
itsecurityguru.webp 2020-05-19 10:30:52 Hackers threaten to release Trump's “dirty laundry” (direct link) The hacker group behind last week’s REvil (Sodinokibi) ransomware attack on New York-based law firm Grubman Shire Meiselas & Sacks is now demanding $42 million and threatening to release controversial information on U.S. President Donald Trump. Last week, the hacker group infiltrated the law firm’s network and stole personal data and contractual information belonging to […] Ransomware
itsecurityguru.webp 2020-05-19 10:30:03 QakBot Trojan and ProLock Ransomware join up to attack (direct link) ProLock is relatively new, but already the ransomware is making waves by using QakBot infections to access networks, gain persistence and avoid detection. A relatively new ransomware, ProLock, has paired up with the QakBot banking trojan to access victims' networks. ProLock's leveraging of QakBot gives it bolstered persistence, anti-detection and credential-dumping techniques. ProLock ransomware first […] Ransomware
itsecurityguru.webp 2020-05-18 10:11:16 (Déjà vu) ProLock ransomware decryptor branded ineffective by FBI (direct link) Multiple actors in the ransomware business saw the new coronavirus pandemic as the perfect opportunity to focus on an already overburdened healthcare sector. ProLock is yet another threat to the list. The FBI issued a flash alert at the beginning of the month to alert organizations of the new threat actor, saying that its targets […] Ransomware Threat
itsecurityguru.webp 2020-05-18 10:10:20 Toll Group hacker stole employee data (direct link) Australian transport giant Toll Group has revealed the extent of data theft it has suffered after its second bout of ransomware this year, following a January infection. “Our ongoing investigations have established that the attacker has accessed at least one specific corporate server. This server contains information relating to some past and present Toll employees, […] Ransomware
itsecurityguru.webp 2020-05-18 10:09:37 Hacking crew arrested in Romania (direct link) The Romanian law enforcement authorities arrested four cybercriminals that were planning to launch ransomware attacks on health care organizations in Romania. Three hackers were arrested in Romania and the fourth one was arrested in the Republic of Moldova. The hackers were charged for committing crimes of illegal operations with computer devices and programs, illegal access […] Ransomware
itsecurityguru.webp 2020-05-14 09:56:10 Magellan Healthcare hit by ransomware attack (direct link) Logins, personal information and tax info were all exfiltrated ahead of the ransomware attack, thanks to a phishing email. Magellan Health, the Fortune 500 insurance company, has reported a ransomware attack and a data breach. The company, which says it “empowers 1 in 10 Americans to lead healthier, more vibrant lives” according to its website, […] Ransomware Guideline
itsecurityguru.webp 2020-05-14 09:55:12 We won't pay, say Texas appellate courts after ransomware attack (direct link) Texas appellate courts and judicial agencies' websites and computer servers were shut down after a ransomware attack. A ransomware attack has hit the information technology office that supports Texas appellate courts and judicial agencies, leading to their websites and computer servers being shut down. The office said that it will not pay the ransom requested […] Ransomware Guideline
itsecurityguru.webp 2020-05-14 09:51:48 Ransomware attack on Diebold Nixdorf (direct link) ATM manufacturer Diebold Nixdorf has suffered a ransomware attack on its corporate network, disrupting some operations. The malware attack, first reported by security blogger Brian Krebs, did not affect the company’s ATMs or customer networks. Diebold Nixdorf discovered the issue – in which crooks appear to have installed the ProLock ransomware – on 25 April. […] Ransomware Malware
itsecurityguru.webp 2020-05-14 09:17:45 Fortune 500 Insurance Company Magellan Health Falls Victim to Ransomware Attack (direct link) Magellan Health, the Fortune 500 insurance company, has reported a ransomware attack and a data breach. The company, which says it “empowers 1 in 10 Americans to lead healthier, more vibrant lives” according to its website, said the incident was discovered on April 11. It also said that it became apparent during a forensic investigation that […] Ransomware Guideline
itsecurityguru.webp 2020-05-13 09:49:35 “Anti-Ransomware Day” declared by Interpol (direct link) International crime-fighting organization INTERPOL has teamed up with cybersecurity firm Kaspersky to declare WannaCry’s third anniversary ‘Anti-Ransomware Day.’ WannaCry, notorious as the largest ransomware epidemic in history, reached its peak on May 12, 2017. Recent research by Kaspersky confirms that three years on, WannaCry retains the dubious honor of being among the most prevalent ransomware […] Ransomware Wannacry
itsecurityguru.webp 2020-05-12 10:15:05 Ransomware attack on celebrity data (direct link) Today's big ransomware story is a star-studded affair, according to entertainment news website Variety.com. Variety says that the law firm Grubman Shire Meiselas & Sacks, or just gsmlaw.com for short, has experienced a ransomware attack that apparently involved the appropriately named REvil malware. Rather than simply knocking the law firm out of action temporarily, the […] Ransomware
itsecurityguru.webp 2020-05-12 10:07:58 Second Maze ransomware attack for Pitney Bowes (direct link) The cyber criminal group behind the increasingly dangerous Maze ransomware strain claims it has successfully encrypted systems at mailing and shipping services firm Pitney Bowes, less than a year after it was hit by a similar attack. The group behind Maze, which specialises in double extortion, a type of attack that increases […] Ransomware
itsecurityguru.webp 2020-05-11 10:21:39 New encrypt and open locked files features for Sodinokibi ransomware (direct link) The Sodinokibi (REvil) ransomware has added a new feature that allows it to encrypt more of a victim’s files, even those that are opened and locked by another process. Some applications, such as database or mail servers, will lock files that they have open so that other programs cannot modify them. These file locks prevent […] Ransomware
itsecurityguru.webp 2020-05-11 10:19:31 $70M ransomware loss for Cognizant (direct link) IT services provider Cognizant is expecting to lose between US$50 to US$70 million in the aftermath of a recent ransomware attack. The US-based company revealed on 18 April it had been hit by a “Maze” ransomware cyber attack, resulting in service disruptions for some of its clients. Although Cognizant claimed it responded “immediately” to the […] Ransomware
itsecurityguru.webp 2020-05-07 09:55:52 Snake ransomware attack at Fresenius Group hospital operator (direct link) A major ransomware attack has disrupted operations at Germany-based Fresenius Group, Europe’s largest private hospital operator whose dialysis products and services are in huge demand in the middle of the COVID-19 pandemic. The ransomware attack was first reported to security researcher Brian Krebs of KrebsOnSecurity by an employee of Fresenius Kabi, a division of the […] Ransomware
itsecurityguru.webp 2020-05-06 09:30:58 Ransomware attack on Taiwan's state-owned energy company (direct link) Ransomware has struck the computer systems of Taiwan's state-owned energy company, CPC Corp., according to local media and private forensic reports reviewed by CyberScoop. CPC Corp., an important national asset responsible for delivering oil products and importing liquefied natural gas (LNG), said Tuesday that, after hackers attacked its IT network, the company had restored some […] Ransomware
itsecurityguru.webp 2020-05-01 10:09:55 Shade release 750K encryption keys (direct link) The team behind the ransomware, first spotted in late 2014 and typically targeting Russian victims, apologized to victims in a post on GitHub. The threat actors behind the Shade ransomware have called it quits, releasing 750,000 encryption keys on GitHub and publicly apologizing to victims affected by the malware. User “shade-team” posted four files on […] Ransomware Threat
itsecurityguru.webp 2020-05-01 10:09:12 New ransomware for hire: LockBit (direct link) Ransomware has emerged as one of the top threats facing large organizations over the past few years, with researchers reporting a more than fourfold increase in detections last year. A recent infection by a fairly new strain called LockBit explains why: after it ransacked one company's poorly secured network in a matter of hours, […] Ransomware
itsecurityguru.webp 2020-04-29 09:50:44 Fake FBI porn warning is new ransomware strain (direct link) A variant of the Black Rose Lucy malware-as-a-service dropper, which originated in Russia a little over two years ago, downloads ransomware that passes itself off as an official message from the US's Federal Bureau of Investigation (FBI) in order to dupe victims into paying a ransom that they believe to be a fine. The new […] Ransomware
itsecurityguru.webp 2020-04-29 09:46:59 Cyber-attack suffered by Zaha Hadid Architects (direct link) Zaha Hadid Architects has warned architecture practices to be vigilant after hackers held its server to ransom while the company works remotely during the coronavirus pandemic. The practice, founded by the late Zaha Hadid, alerted the police after data was stolen last week, reported the Architects’ Journal. The hacker used ransomware to encrypt all the […] Ransomware
itsecurityguru.webp 2020-04-28 10:12:57 ExecuPharm internal data published after ransomware hack (direct link) U.S. pharmaceutical giant ExecuPharm has become the latest victim of data-stealing ransomware. ExecuPharm said in a letter to the Vermont attorney general's office that it was hit by a ransomware attack on March 13, and warned that Social Security numbers, financial information, driver licenses, passport numbers and other sensitive data may have been accessed. But […] Ransomware Hack
itsecurityguru.webp 2020-04-22 09:51:29 Ransomware Attacks Fall in USA (direct link) Ransomware attacks on the United States have diminished significantly and are “now at a level not seen in several years,” according to cybersecurity company Emsisoft. In new research published today, Emsisoft found a marked drop in ransomware attacks on US entities coinciding with the onset of the COVID-19 health crisis. In 2019, ransomware impacted 966 […] Ransomware
itsecurityguru.webp 2020-04-20 10:52:34 Cognizant Hacked with “Maze” Ransomware (direct link) “A security incident involving our internal systems, and causing service disruptions for some of our clients, is the result of a Maze ransomware attack” Another IT services heavyweight has fallen victim to a ransomware attack, with the US's Cognizant - a $16.8 billion by 2019 revenue stalwart of the Fortune 500 - admitting over the […] Ransomware
Last update at: 2024-06-01 04:08:34