What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-12-06 14:30:00 | CyberheistNews Vol 12 #49 [Keep An Eye Out] Beware of New Holiday Gift Card Scams (lien direct) |
CyberheistNews Vol 12 #49 | December 6th, 2022
[Keep An Eye Out] Beware of New Holiday Gift Card Scams
By Roger A. Grimes
Every holiday season brings on an increase in gift card scams. Most people love to buy and use gift cards. They are convenient, easy to buy, easy to use, easy to gift, usually allow the receiver to pick just what they want, and are often received as a reward for doing something.
The gift card market is estimated in the many hundreds of BILLIONS of dollars. Who doesn't like to get a free gift card? Unfortunately, scammers often use gift cards as a way to steal value from their victims. There are dozens of ways gift cards can be used by scammers to steal money.
Roger covers these three scams in a short [VIDEO] and in detail on the KnowBe4 blog:
You Need to Pay a Bill Using Gift Cards
Maliciously Modified Gift Cards in Stores
Phish You for Information to Supposedly Get a Gift Card
Blog post with 2:13 [VIDEO] and links you can share with your users and family:https://blog.knowbe4.com/beware-of-holiday-gift-card-scams
[Live Demo] Ridiculously Easy Security Awareness Training and Phishing
Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.
Join us TOMORROW, Wednesday, December 7 @ 2:00 PM (ET), for a live demo of how KnowBe4 introduces a new-school approach to security awareness training and simulated phishing.
Get a look at THREE NEW FEATURES and see how easy it is to train and phish your users.
NEW! KnowBe4 Mobile Learner App - Users Can Now Train Anytime, Anywhere!
NEW! Security Culture Benchmarking feature lets you compare your organization's security culture with your peers
NEW! AI-Driven phishing and training recommendations for your end users
Did You Know? You can upload your own training video and SCORM modules into your account for home workers
Active Directory or SCIM Integration to easily upload user data, eliminating the need to manually manage user changes
Find out how 50,000+ organizations have mobilized their end-users as their human firewall.
Date/Time: TOMORROW, Wednesday, December 7 @ 2:00 PM (ET)
Save My Spot!https://event.on24.com/wcc/r/3947028/0273119CCBF116DBE42DF81F151FF99F?partnerref=CHN3
|
Ransomware Data Breach Spam Hack Tool Guideline | ★★★ | |
 |
2022-12-06 14:10:34 | Action1 Unveils AI-Based Threat Actor Filtering to Thwart Abuse of Its Remote Management Platform by Ransomware Groups (lien direct) | Action1 Unveils AI-Based Threat Actor Filtering to Thwart Abuse of Its Remote Management Platform by Ransomware Groups With cybercriminals increasingly abusing legitimate remote access and remote management tools, Action1 has upgraded its platform with AI-based automatic blocking of hackers' accounts, which prevents illicit usage of its service. - Product Reviews | Ransomware Threat | ★★ | |
 |
2022-12-06 14:00:00 | Inside the Second White House Ransomware Summit (lien direct) | >Ransomware is a growing, international threat. It’s also an insidious one. The state of the art in ransomware is simple but effective. Well-organized criminal gangs hiding in safe-haven countries breach an organization, find, steal and encrypt important files. Then they present victims with the double incentive that, should they refuse to pay, their encrypted files […] | Ransomware | ★★ | |
 |
2022-12-06 13:59:00 | Ransomware attack knocks Rackspace\'s Exchange servers offline (lien direct) | Cloud services and hosting provider Rackspace Technology acknowledged Tuesday that a recent incident that took most of its Hosted Exchange email server business offline was the product of a ransomware attack. The company shut the service down last Friday.It was not initially clear what had caused the outage, but Rackspace quickly moved to shift Exchange customers over to Microsoft 365, as this part of the company's infrastructure was apparently unaffected.Rackspace offers migration to Microsoft 365 Rackspace said today that there is “no timeline” for restoration of Exchange service, but it is offering Exchange users technical assistance and free access to Microsoft 365 as a substitute, though it acknowledged that migration is unlikely to be a simple process for every user. Rackspace said that, while the migration is in progress, customers can forward emails sent to their Hosted Exchange inboxes to an external server, as a temporary workaround.To read this article in full, please click here | Ransomware | ★ | |
 |
2022-12-06 12:04:33 | CryWiper Data Wiper Targeting Russian Sites (lien direct) | Kaspersky is reporting on a data wiper masquerading as ransomware that is targeting local Russian government networks. The Trojan corrupts any data that’s not vital for the functioning of the operating system. It doesn’t affect files with extensions .exe, .dll, .lnk, .sys or .msi, and ignores several system folders in the C:\Windows directory. The malware focuses on databases, archives, and user documents. So far, our experts have seen only pinpoint attacks on targets in the Russian Federation. However, as usual, no one can guarantee that the same code won’t be used against other targets... | Ransomware Malware | ★★★ | |
 |
2022-12-06 11:41:00 | Open Source Ransomware Toolkit Cryptonite Turns Into Accidental Wiper Malware (lien direct) | A version of an open source ransomware toolkit called Cryptonite has been observed in the wild with wiper capabilities due to its "weak architecture and programming." Cryptonite, unlike other ransomware strains, is not available for sale on the cybercriminal underground, and was instead offered for free by an actor named CYBERDEVILZ until recently through a GitHub repository. The source code and | Ransomware Malware | ★★★ | |
 |
2022-12-06 10:31:18 | Rackspace confirms outage was caused by ransomware attack (lien direct) | Texas-based cloud computing provider Rackspace has confirmed today that a ransomware attack is behind its ongoing Hosted Exchange outage. [...] | Ransomware | ★★★ | |
 |
2022-12-06 06:00:00 | Action1 launches threat actor filtering to block remote management platform abuse (lien direct) | Action1 has announced new AI-based threat actor filtering to detect and block abuse of its remote management platform. The cloud-native patch management, remote access, and remote monitoring and management (RMM) firm stated its platform has been upgraded to spot abnormal user behavior and automatically block threat actors to prevent attackers exploiting its tool to carry out malicious activity. The release comes amid a trend of hackers misusing legitimate systems management platforms to deploy ransomware or steal data from corporate environments.Action1 platform enhanced to identify and terminate RMM abuse In an announcement, Action1 stated that the new enhancement helps ensure that any attempt at misuse of its remote management platform is identified and terminated before cybercriminals accomplish their goals. “It scans user activity for suspicious patterns of behavior, automatically suspends potentially malicious accounts, and alerts Action1's dedicated security team to investigate the issue,” it added.To read this article in full, please click here | Ransomware Tool Threat | ★★ | |
|
2022-12-06 05:40:00 | BrandPost: Five Ways to Enhance Your Security Stack Right Now (lien direct) | As we look at how the threat landscape might evolve, one thing is certain: Bad actors are increasingly adding more attack tactics and vectors to their playbooks. Case in point: In the first half of 2022, the number of new ransomware variants identified increased by nearly 100% compared to the previous six-month period, largely thanks to the rise in popularity of Ransomware-as-a-Service (RaaS). Combine this proliferation of new threats with expanding attack surfaces, resulting in elevated risk levels impacting every industry.To read this article in full, please click here | Ransomware | ★★ | |
|
2022-12-05 19:32:00 | New BMC Supply Chain Vulnerabilities Affect Servers from Dozens of Manufacturers (lien direct) | Three different security flaws have been disclosed in American Megatrends (AMI) MegaRAC Baseboard Management Controller (BMC) software that could lead to remote code execution on vulnerable servers. "The impact of exploiting these vulnerabilities include remote control of compromised servers, remote deployment of malware, ransomware and firmware implants, and server physical damage (bricking)," | Ransomware Guideline | ★★ | |
|
2022-12-05 17:54:00 | Russian Courts Targeted by New CryWiper Data Wiper Malware Posing as Ransomware (lien direct) | A new data wiper malware called CryWiper has been found targeting Russian government agencies, including mayor's offices and courts. "Although it disguises itself as a ransomware and extorts money from the victim for 'decrypting' data, [it] does not actually encrypt, but purposefully destroys data in the affected system," Kaspersky researchers Fedor Sinitsyn and Janis Zinchenko said in a | Ransomware Malware Medical | APT 38 | ★★★ |
 |
2022-12-05 17:37:16 | Cybersecurity Risk Management In The Real World (lien direct) | New cyber risks, data breaches, attack trajectories, and undisclosed vulnerabilities emerge every year. In 2022 alone, 71% of organisations were hit by ransomware attacks, with more than 60% paying the ransom to retrieve the damaged data. One unsettling truth emerges from the present environment of cybersecurity risk management: controlling cyber risk throughout an organization is […] | Ransomware | ★★ | |
|
2022-12-05 15:41:11 | Ransomware attack forces French hospital to transfer patients (lien direct) | The André-Mignot teaching hospital in the suburbs of Paris had to shut down its phone and computer systems because of a ransomware attack that hit on Saturday evening. [...] | Ransomware | ★★ | |
|
2022-12-05 14:01:54 | Kaspersky prévoit des changements dans le paysage des menaces pour les systèmes de contrôle industriel en 2023 (lien direct) | Les chercheurs de l'ICS CERT de Kaspersky ont partagé leurs prédictions concernant les évolutions et les risques concernant les systèmes de contrôle industriel auxquels les organisations doivent se préparer en 2023. Parmi ces prédictions, les experts de Kaspersky prévoient une augmentation de la surface d'attaque due à la numérisation, des activités d'initiés bénévoles et cybercriminels, des attaques de ransomware ciblant les infrastructures critiques, mais aussi des incidences techniques, économiques et géopolitiques sur les capacités de détection des menaces et l'augmentation des vulnérabilités potentielles exploitées par les agents malveillants. - Points de Vue | Ransomware Industrial | ★★★★ | |
 |
2022-12-05 10:00:58 | If one sheep leaps over the ditch… (lien direct) | In this report, Kaspersky researchers discuss propagation methods of several ransomware families, and a vulnerable driver abuse case that may become a trend. | Ransomware | ★★★ | |
 |
2022-12-05 07:57:00 | The Story of a Ransomware Turning into an Accidental Wiper (lien direct) | FortiGuard Labs provides a deeper analysis of an open-source Cryptonite ransomware sample that never offers a decryption window, but instead acts as wiper malware. Read to find out more. | Ransomware | ★★ | |
 |
2022-12-05 00:18:31 | Les pirates Play payés par 16 entreprises en 15 jours ? (lien direct) | Les pirates informatiques du groupe Play Ransomware ont-ils été payés 16 fois sur 24 prises d'otages d'entreprises ?... | Ransomware | ★★ | |
|
2022-12-02 17:51:35 | The Week in Ransomware - December 2nd 2022 - Disrupting Health Care (lien direct) | This week's big news was the Colombia health system being severely disrupted by a ransomware attack on Keralty, one of the country's largest healthcare providers. [...] | Ransomware | ★★ | |
|
2022-12-02 17:36:35 | Ransomware Attacks on Holidays and Weekends Increase and Take a Greater Toll on Organizations (lien direct) |
|
Ransomware | ★★ | |
 |
2022-12-02 15:45:58 | Cybersecurity fears are just the tip of the iceberg for CTOS (lien direct) | That CTOs should be concerned about cybersecurity and data breaches is perhaps not the biggest surprise. 2022 has seen more data breaches than ever before, and it feels like the impact of a breach is increasing too. Damage to the brand, paying ransomware costs, time and resources to address the breach, data privacy law penalties […] | Ransomware | ★★★ | |
 |
2022-12-02 13:00:00 | FBI, CISA Issue Warning on Cuba Ransomware (lien direct) |
|
Ransomware | ★★★ | |
 |
2022-12-02 10:15:00 | Cuba Ransomware Actors Pocket $60m (lien direct) | Number of US victims has doubled over the past year | Ransomware | ★★★ | |
|
2022-12-02 09:47:18 | Près de 6 entreprises françaises sur 10 effectuent leur veille de renseignement sur les menaces sur les réseaux sociaux, selon une étude Kaspersky (lien direct) | Près de 6 entreprises françaises sur 10 effectuent leur veille de renseignement sur les menaces sur les réseaux sociaux, selon une étude Kaspersky • 47% des décideurs européens et 55% des décideurs français se basent sur des articles de presse, des blogs de l'industrie et les réseaux sociaux pour se nourrir en threat intelligence (renseignement sur la menace). • 40% des dirigeants européens et jusqu'à 48,5% des dirigeants français font appel à des équipes internes pour regrouper des renseignements sur la menace et les aborder pendant les comités de direction. • Pour autant, environ 45% des dirigeants de grande entreprise, en France, trouvent que les termes basiques de cybersécurité, tels que malware, phishing et ransomware sont confus. - Points de Vue | Ransomware Threat | ★★★ | |
 |
2022-12-02 09:03:00 | Hunting and remediating BlackCat ransomware (lien direct) | >By Anish Bogati and Bibek Thapa Magar; Security Research Contents TL;DR Hunting and remediating BlackCat ransomware Fast Facts Technical Analysis Detecting BlackCat with Logpoint Investigation and response using Logpoint SOAR Recommended Mitigation Despite prevalence and sophistication, it's easy to detect BlackCat TL;DR Known by many names, including ALPHV, AlphaV, ALPHVM, and Noberus, BlackCat ransomware [...] | Ransomware | ★★★ | |
|
2022-12-02 01:04:00 | Cuba Ransomware Extorted Over $60 Million in Ransom Fees from More than 100 Entities (lien direct) | The threat actors behind Cuba (aka COLDDRAW) ransomware have received more than $60 million in ransom payments and compromised over 100 entities across the world as of August 2022. In a new advisory shared by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of... | Ransomware Threat | ★★ | |
 |
2022-12-02 00:54:11 | (Déjà vu) ASEC Weekly Malware Statistics (November 21st, 2022 – November 27th, 2022) (lien direct) | The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from November 21st, 2022 (Monday) to November 27th (Sunday). For the main category, downloader ranked top with 40.3%, followed by Infostealer with 35.8%, backdoor with 16.3%, ransomware with 7.2%, and CoinMiner with 0.4%. Top 1 – AgentTesla AgentTesla is an Infostealer that ranked first place with 17.3%. It leaks user credentials saved in web... | Ransomware Malware | ★★ | |
|
2022-12-01 18:00:00 | Hackers Target Colombia\'s Healthcare System With Ransomware (lien direct) | The attack disrupted IT operations, websites and scheduling of medical appointments | Ransomware | ★★★ | |
|
2022-12-01 15:47:53 | Mimecast comments on growing legislation (lien direct) | The geopolitical landscape is constantly changing, and a rise in Cybercriminals using geopolitical events as an opportunity to conduct a variety of cyberattacks, ransomware included, has become a worrisome trend; now the UK government think the time to act is now. Below is a comment from Jonathan Miles, Head of Strategic Intelligence and Security Research Mimecast, on how increased legislation is now expected. - Opinion | Ransomware | ★★ | |
 |
2022-12-01 11:00:27 | Is there a way for healthcare providers to prevent cyber-attacks from spreading? (lien direct) | >By Antoine Korulski, Product Marketing Manager, Infinity architecture Highlights: The Healthcare sector was the most targeted industry for ransomware during the third quarter of 2022, with one in 42 organizations impacted by ransomware. 78% of CISOs have 16 or more tools in their cybersecurity vendor portfolio, they concluded that having too many security vendors results… | Ransomware | ★★ | |
|
2022-12-01 11:00:00 | Nine Cybersecurity Predictions for 2023 (lien direct) |
In 2022, ransomware continued to reign king and became one of the most common and dangerous threats facing healthcare organizations and software supply chains. The war on Ukraine created heightened concern over zero-day threats wreaking havoc for organizations worldwide. The cyber gang Conti with Russian-linked ties managed to disrupt financial operations throughout Costa Rica, and it seems there is no end in sight to the hacking group Lapsus$, which has proven itself to be a formidable threat actor. |
Ransomware Threat | ★★★ | |
 |
2022-12-01 08:18:01 | Cyberattacks, ransomware incidents expected to rise in 2023 (lien direct) | Pas de details / No more details | Ransomware | ★★ | |
|
2022-11-30 18:25:53 | Keralty ransomware attack impacts Colombia\'s health care system (lien direct) | The Keralty multinational healthcare organization suffered a RansomHouse ransomware attack on Sunday, disrupting the websites and operations of the company and its subsidiaries. [...] | Ransomware | ★★ | |
|
2022-11-30 16:35:59 | RansomBoggs Ransomware Targeted Multiple Ukrainian Organizations (lien direct) | FortiGuard Labs is aware of a report that a new ransomware strain named "RansomBoggs" was deployed to multiple unnamed organizations in Ukraine. The ransomware encrypts files on compromised machines and provides attacker's contact information for victims to talk with the attacker for file recovery.Why is this Significant?This is significant because RansomBoggs is the latest ransomware that targets Ukrainian organizations. Based on the tactics, techniques, and procedures (TTPs) used in the attack, security vendor ESET attributed RansomBoggs to the Sandworm APT group who is believed to be associated with the Main Directorate of the General Staff of the Armed Forces of the Russian Federation.What is RansomBoggs Ransomware?RansomBoggs ransomware encrypts files on compromised machines and adds a ".chsch" file extension to the affected files. It drops a ransom note requesting victims to get in touch with the attacker for file recovery.Currently, there is no indication that RansomBoggs ransomware has wiper functionality.What is the Status of Coverage?FortiGuard Labs provides the following AV signature for RansomBoggs ransomware:MSIL/Filecoder.A!tr.ransom | Ransomware | ★★ | |
|
2022-11-30 12:12:16 | Cyber insurance paradigm shift: Protecting the business without the \'hail mary\' remedy (lien direct) | >Ransomware attacks and their significant financial threat to organizations have contributed to a growing interest in cyber insurance policies. After all, insurance has traditionally promised to cover everything from ransom payouts to incident response and PR related to corporate image taking a hit in the wake of an attack.Ironically, this year ransomware attacks have intensified [...] | Ransomware Threat | ★★ | |
|
2022-11-30 10:00:00 | Most Small Biz IaaS Users Seeing Surge in Attacks (lien direct) | A further 67% were hit by ransomware in past year | Ransomware | ★★ | |
 |
2022-11-30 07:49:00 | South Staffs Water customer data leaked after ransomware attack (lien direct) | Pas de details / No more details | Ransomware | ★★ | |
|
2022-11-30 02:00:00 | What is Ransom Cartel? A ransomware gang focused on reputational damage (lien direct) | Ransom Cartel, a ransomware-as-a-service (RaaS) operation, has stepped up its attacks over the past year after the disbanding of prominent gangs such as REvil and Conti. Believed to have launched in December 2021, Ransom Cartel has made victims of organizations from among the education, manufacturing, utilities, and energy sectors with aggressive malware and tactics that resemble those used by REvil.To read this article in full, please click here | Ransomware Malware | ★★ | |
|
2022-11-30 01:37:55 | Domains Used for Magniber Distribution in Korea (lien direct) | On November 7th, the ASEC analysis team introduced through a blog post the Magniber ransomware which attempted MOTW (Mark of the Web) bypassing. Afterward, using the data left in Zone.Identifier, we conducted an investigation on the sources used for the distribution of Magniber. With the typosquatting method-which exploits typos-when the user accesses the wrongly entered domain, the msi file (Magniber) is downloaded after redirecting to an advertisement page. Examination of Zone.Identifier created at this stage reveals the URL from where... | Ransomware | ★★ | |
|
2022-11-29 17:57:18 | Trigona ransomware spotted in increasing attacks worldwide (lien direct) | A previously unnamed ransomware has rebranded under the name 'Trigona,' launching a new Tor negotiation site where they accept Monero as ransom payments. [...] | Ransomware | ★★ | |
|
2022-11-29 17:00:00 | PII May Have Been Stolen in Virginia County Ransomware Attack (lien direct) | A W-2 form was reportedly published on a dark web forum with stolen, sensitive data | Ransomware | ★★★ | |
 |
2022-11-29 16:00:00 | Anomali Cyber Watch: Caller-ID Spoofing Actors Arrested, Fast-Moving Qakbot Infection Deploys Black Basta Ransomware, New YARA Rules to Detect Cobalt Strike, and More (lien direct) | The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, Caller-ID spoofing, False-flag, Phishing, Ransomware, Russia, the UK, and Ukraine. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
Voice-Scamming Site “iSpoof” Seized, 100s Arrested in Massive Crackdown
(published: November 25, 2022)
iSpoof was a threat group offering spoofing for caller phone numbers (also known as Caller ID, Calling Line Identification). iSpoof core group operated out of the UK with presence in other countries. In the 12 months until August 2022 around 10 million fraudulent calls were made globally via iSpoof. On November 24, 2022, Europol announced a joint operation involving Australia, Canada, France, Germany, Ireland, Lithuania, Netherlands, Ukraine, the UK, and the USA, that led to the arrest of 142 suspects and seizure of iSpoof websites.
Analyst Comment: Threat actors can spoof Caller ID (Calling Line Identification) similar to spoofing the “From:” header in an email. If contacted by an organization you should not confirm any details about yourself, take the caller’s details, disconnect and initiate a call back to the organization yourself using a trusted number. Legitimate organizations understand scams and fraud and do not engage in unsolicited calling.
Tags: iSpoof, Teejai Fletcher, United Kingdom, source-country:UK, Caller ID, Calling Line Identification, Voice-scamming, Social engineering
New Ransomware Attacks in Ukraine Linked to Russian Sandworm Hackers
(published: November 25, 2022)
On November 21, 2022, multiple organizations in Ukraine were targeted with new ransomware written in .NET. It was dubbed RansomBoggs by ESET researchers who attributed it to the Russia-sponsored Sandworm Team (aka Iridium, BlackEnergy). Sandworm distributed RansomBoggs from the domain controller using the same PowerShell script (PowerGap) that was seen in its previous attacks. RansomBoggs encrypts files using AES-256 in CBC mode using a randomly generated key. The key is RSA encrypted prior to storage and the encrypted files are appended with a .chsch extension.
Analyst Comment: Ransomware remains one of the most dangerous types of malware threats and even some government-sponsored groups are using it. Sandworm is a very competent actor group specializing in these forms of attack. Organizations with exposure to the military conflict in Ukraine, or considered by the Russian state to be providing support relating to the conflict, should prepare offline backups to minimize the effects of a potential data-availability-denial attack.
MITRE ATT&CK: [MITRE ATT&CK] Command and Scripting Interpreter - T1059 | [MITRE ATT&CK] Data Encrypted for Impact - T1486 | [MITRE ATT&CK] Obfuscated Files or Information - T1027
Tags: detection:RansomBoggs, detection:Filecoder.Sullivan, malware-type:Ransomware, AES-256, PowerShell, detection:PowerGap, mitre-group:Sandworm Team, actor:Iridium, Russia |
Ransomware Malware Tool Threat Guideline | ★★★★ | |
 |
2022-11-29 13:32:35 | Ransomware Gang Takes Credit for Maple Leaf Foods Hack (lien direct) | The Black Basta ransomware group has taken credit for the recently disclosed attack on Canadian meat giant Maple Leaf Foods. The cybercriminals have made public several screenshots of technical documents, financial information and other corporate files to demonstrate that they gained access to Maple Leaf Foods systems. | Ransomware Hack | ★★★ | |
|
2022-11-29 09:24:02 | Les prévisions de Tenable pour 2023 (lien direct) | Tenable présente ses prévisions pour l'année 2023. Entre désamour des ransomware au profit de l'extorsion pure et simple à la compromission programmée d'un acteur majeur du SaaS en passant par des investissements accrus dans l'OT, les dirigeants de Tenable anticipe une fois de plus une années mouvementée en matière de cybersécurité. - Points de Vue | Ransomware | ★★ | |
 |
2022-11-29 08:30:15 | Sandworm gang launches Monster ransomware attacks on Ukraine (lien direct) | The RansomBoggs campaign is the Russia-linked group's latest assault on the smaller country The Russian criminal crew Sandworm is launching another attack against organizations in Ukraine, using a ransomware that analysts at Slovakian software company ESET are calling RansomBoggs.… | Ransomware | ★★ | |
|
2022-11-28 23:05:26 | Les pirates du Département des Alpes-Maritimes diffusent 20% des données volées (lien direct) | Les pirates du groupe Play Ransomware donnent 5 jours au Département des Alpes-Maritimes pour payer la rançon réclamée sous peine de diffuser 290gb de fichiers voler. Les hackers malveillants ont déjà diffusé des milliers de fichiers exfiltrés. Même sanction pour deux filiales IKEA.... | Ransomware | ★★ | |
|
2022-11-28 17:45:52 | Virginia County Confirms Personal Information Stolen in Ransomware Attack (lien direct) | Southampton County in Virginia last week started informing individuals that their personal information might have been compromised in a ransomware attack. The incident was identified in September, when a threat actor accessed a server at Southampton and encrypted the data that was stored on it. | Ransomware Threat | ★★★ | |
 |
2022-11-28 15:23:40 | RansomBoggs: New ransomware targeting Ukraine (lien direct) | >ESET researchers spot a new ransomware campaign that goes after Ukrainian organizations and has Sandworm's fingerprints all over it | Ransomware | ★★ | |
|
2022-11-28 14:00:00 | Worms of Wisdom: How WannaCry Shapes Cybersecurity Today (lien direct) | >WannaCry wasn’t a particularly complex or innovative ransomware attack. What made it unique, however, was its rapid spread. Using the EternalBlue exploit, malware could quickly move from device to device, leveraging a flaw in the Microsoft Windows Server Message Block (SMB) protocol. As a result, when the WannaCry “ransomworm” hit networks in 2017, it expanded […] | Ransomware Malware | Wannacry Wannacry | ★★ |
|
2022-11-28 10:45:00 | Belgian Police Under Fire After Major Ransomware Leak (lien direct) | Crime reports dating back 15 years are made public | Ransomware | ★★ | |
|
2022-11-28 10:10:00 | Russian Sandworm Hackers Linked to New Ransomware Blitz (lien direct) | Ukrainian targets are on the receiving end of RansomBoggs variant | Ransomware | ★★ |
To see everything:
Our RSS (filtrered)
