What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-06-17 17:11:05 | The Week in Ransomware - June 17th 2022 - Have I Been Ransomed? (lien direct) | Ransomware operations are constantly evolving their tactics to pressure victims to pay. For example, this week, we saw a new extortion tactic come into play with the creation of dedicated websites to extort victims with searchable data. [...] | Ransomware | ||
|
2022-06-17 05:52:36 | QNAP \'thoroughly investigating\' new DeadBolt ransomware attacks (lien direct) | Network-attached storage (NAS) vendor QNAP once again warned customers on Friday to secure their devices against a new campaign of attacks pushing DeadBolt ransomware. [...] | Ransomware | ||
|
2022-06-16 06:07:20 | Microsoft Office 365 feature can help cloud ransomware attacks (lien direct) | Security researchers are warning that threat actors could hijack Office 365 accounts to encrypt for a ransom the files stored in SharePoint and OneDrive services that companies use for cloud-based collaboration, document management and storage. [...] | Ransomware Threat | ||
|
2022-06-15 12:28:27 | Extortion gang ransoms Shoprite, largest supermarket chain in Africa (lien direct) | Shoprite Holdings, Africa's largest supermarket chain that operates almost three thousand stores across twelve countries in the continent, has been hit by a ransomware attack. [...] | Ransomware | ||
|
2022-06-14 19:03:26 | Ransomware gang creates site for employees to search for their stolen data (lien direct) | The ALPHV ransomware gang, aka BlackCat, has brought extortion to a new level by creating a dedicated website that allows the customers and employees of their victim to check if their data was stolen in an attack [...] | Ransomware | ||
|
2022-06-13 13:14:14 | Microsoft: Exchange servers hacked to deploy BlackCat ransomware (lien direct) | Microsoft says BlackCat ransomware affiliates are now attacking Microsoft Exchange servers using exploits targeting unpatched vulnerabilities. [...] | Ransomware | ||
|
2022-06-12 10:11:04 | Hello XD ransomware now drops a backdoor while encrypting (lien direct) | Cybersecurity researchers report increased activity of the Hello XD ransomware, whose operators are now deploying an upgraded sample featuring stronger encryption. [...] | Ransomware | ||
|
2022-06-11 10:31:49 | Confluence servers hacked to deploy AvosLocker, Cerber2021 ransomware (lien direct) | Ransomware gangs are now targeting a recently patched and actively exploited remote code execution (RCE) vulnerability affecting Atlassian Confluence Server and Data Center instances for initial access to corporate networks. [...] | Ransomware Vulnerability | ||
|
2022-06-10 18:18:21 | The Week in Ransomware - June 10th 2022 - Targeting Linux (lien direct) | It has been relatively quiet this week with many companies and researchers at the RSA conference. However, we still had some interesting ransomware reports released this week. [...] | Ransomware | ||
|
2022-06-09 15:29:09 | (Déjà vu) Roblox Game Pass store used to sell ransomware decryptor (lien direct) | A new ransomware is taking the unusual approach of selling its decryptor on the Roblox gaming platform using the service's in-game Robux currency. [...] | Ransomware | ||
|
2022-06-09 11:43:51 | Vice Society ransomware claims attack on Italian city of Palermo (lien direct) | The Vice Society ransomware group has claimed responsibility for the recent cyber attack on the city of Palermo in Italy, which has caused a large-scale service outage. [...] | Ransomware | ||
|
2022-06-08 10:55:57 | Cuba ransomware returns to extorting victims with updated encryptor (lien direct) | The Cuba ransomware operation has returned to regular operations with a new version of its malware found used in recent attacks. [...] | Ransomware Malware | ||
|
2022-06-07 15:06:36 | Linux version of Black Basta ransomware targets VMware ESXi servers (lien direct) | Black Basta is the latest ransomware gang to add support for encrypting VMware ESXi virtual machines running on enterprise Linux servers. [...] | Ransomware | ||
|
2022-06-06 17:01:20 | QBot now pushes Black Basta ransomware in bot-powered attacks (lien direct) | The Black Basta ransomware gang has partnered with the QBot malware operation to gain spread laterally through hacked corporate environments. [...] | Ransomware Malware | ||
|
2022-06-06 15:54:02 | Mandiant: “No evidence” we were hacked by LockBit ransomware (lien direct) | American cybersecurity firm Mandiant is investigating LockBit ransomware gang's claims that they hacked the company's network and stole data. [...] | Ransomware | ||
|
2022-06-06 12:56:10 | Ransomware gangs now give victims time to save their reputation (lien direct) | Threat analysts have observed an unusual trend in ransomware group tactics, reporting that initial phases of victim extortion are becoming less open to the public as the actors tend to use hidden or anonymous entries. [...] | Ransomware Threat | ||
|
2022-06-03 16:41:26 | The Week in Ransomware - June 3rd 2022 - Evading sanctions (lien direct) | Ransomware gangs continue to evolve their operations as victims refuse to pay ransoms due to sanctions or other reasons. [...] | Ransomware | ||
|
2022-06-02 16:35:29 | Evil Corp switches to LockBit ransomware to evade sanctions (lien direct) | The Evil Corp cybercrime group has now switched to deploying LockBit ransomware on targets' networks to evade sanctions imposed by the U.S. Treasury Department's Office of Foreign Assets Control (OFAC). [...] | Ransomware | ||
|
2022-06-02 15:01:51 | Ransomware gang now hacks corporate websites to show ransom notes (lien direct) | A ransomware gang is taking extortion to a new level by publicly hacking corporate websites to publicly display ransom notes. [...] | Ransomware Hack | ||
|
2022-06-02 09:22:31 | Conti ransomware targeted Intel firmware for stealthy attacks (lien direct) | Researchers analyzing the leaked chats of the notorious Conti ransomware operation have discovered that teams inside the Russian cybercrime group were actively developing firmware hacks. [...] | Ransomware | ||
|
2022-06-02 04:20:27 | Foxconn confirms ransomware attack disrupted production in Mexico (lien direct) | Foxconn electronics manufacturer has confirmed that one of its Mexico-based production plants has been impacted by a ransomware attack in late May. [...] | Ransomware | ||
|
2022-06-01 07:32:43 | Ransomware attacks need less than four days to encrypt systems (lien direct) | The duration of ransomware attacks in 2021 averaged 92.5 hours, measured from initial network access to payload deployment. In 2020, ransomware actors spent an average of 230 hours to complete their attacks and 1637.6 hours in 2019. [...] | Ransomware | ||
|
2022-05-31 13:34:25 | Costa Rica\'s public health agency hit by Hive ransomware (lien direct) | All computer systems on the network of Costa Rica's public health service (known as Costa Rican Social Security Fund or CCCS) are now offline following a Hive ransomware attack that hit them this morning. [...] | Ransomware | ||
|
2022-05-28 11:10:00 | Clop ransomware gang is back, hits 21 victims in a single month (lien direct) | After effectively shutting down their entire operation for several months, between November and February, the Clop ransomware is now back according to NCC Group researchers. [...] | Ransomware | ||
|
2022-05-27 09:23:18 | BlackCat/ALPHV ransomware asks $5 million to unlock Austrian state (lien direct) | Austrian federal state Carinthia has been hit by the BlackCat ransomware gang, also known as ALPHV, who demanded a $5 million to unlock the encrypted computer systems. [...] | Ransomware | ||
|
2022-05-26 15:44:58 | Windows 11 KB5014019 breaks Trend Micro ransomware protection (lien direct) | This week's Windows optional cumulative update previews have introduced a compatibility issue with some of Trend Micro's security products that breaks some of their capabilities, including the ransomware protection feature. [...] | Ransomware | ★★★ | |
|
2022-05-26 08:02:01 | Industrial Spy data extortion market gets into the ransomware game (lien direct) | The Industrial Spy data extortion marketplace has now launched its own ransomware operation, where they now also encrypt victim's devices. [...] | Ransomware | ||
|
2022-05-25 15:25:48 | New \'Cheers\' Linux ransomware targets VMware ESXi servers (lien direct) | A new ransomware named 'Cheers' has appeared in the cybercrime space and has started its operations by targeting vulnerable VMware ESXi servers. [...] | Ransomware | ||
|
2022-05-25 07:43:34 | (Déjà vu) SpiceJet airline passengers stranded after ransomware attack (lien direct) | Indian low-cost airline SpiceJet has informed its customers of an attempted ransomware attack that has impacted some of its systems and caused delays on flight departures today. [...] | Ransomware | ||
|
2022-05-25 07:43:34 | Indian airline SpiceJet\'s flights impacted by ransomware attack (lien direct) | Indian low-cost airline SpiceJet has informed its customers of an attempted ransomware attack that has impacted some of its systems and caused delays on flight departures today. [...] | Ransomware | ||
|
2022-05-24 13:34:32 | US Senate: Govt\'s ransomware fight hindered by limited reporting (lien direct) | A report published today by U.S. Senator Gary Peters, Chairman of the Senate Homeland Security and Governmental Affairs Committee, says law enforcement and regulatory agencies lack insight into ransomware attacks to fight against them effectively. [...] | Ransomware | ||
|
2022-05-21 13:32:30 | Ransomware attack exposes data of 500,000 Chicago students (lien direct) | The Chicago Public Schools has suffered a massive data breach that exposed the data of almost 500,000 students and 60,000 employee after their vendor, Battelle for Kids, suffered a ransomware attack in December. [...] | Ransomware Data Breach | ||
|
2022-05-20 20:08:20 | The Week in Ransomware - May 20th 2022 - Another one bites the dust (lien direct) | Ransomware attacks continue to slow down, likely due to the invasion of Ukraine, instability in the region, and subsequent worldwide sanctions against Russia. [...] | Ransomware | ||
|
2022-05-19 19:32:59 | Conti ransomware shuts down operation, rebrands into smaller units (lien direct) | The notorious Conti ransomware gang has officially shut down their operation, with infrastructure taken offline and team leaders told that the brand is no more. [...] | Ransomware Guideline | ||
|
2022-05-19 14:26:06 | Media giant Nikkei\'s Asian unit hit by ransomware attack (lien direct) | Publishing giant Nikkei disclosed that the group's headquarters in Singapore was hit by a ransomware attack almost one week ago, on May 13th. [...] | Ransomware | ||
|
2022-05-19 06:38:26 | QNAP alerts NAS customers of new DeadBolt ransomware attacks (lien direct) | Taiwan-based network-attached storage (NAS) maker QNAP warned customers on Thursday to secure their devices against attacks pushing DeadBolt ransomware payloads. [...] | Ransomware | ||
|
2022-05-19 05:36:56 | Ransomware gangs rely more on weaponizing vulnerabilities (lien direct) | Security researchers are warning that external remote access services continue to be the main vector for ransomware gangs to breach company networks. [...] | Ransomware | ||
|
2022-05-18 16:13:12 | National bank hit by ransomware trolls hackers with dick pics (lien direct) | After suffering a ransomware attack by the Hive operation, the Bank of Zambia made it clear that they were not going to pay by posting a picture of male genitalia and telling the hackers to s… (well, you can use your imagination). [...] | Ransomware | ||
|
2022-05-16 16:46:50 | US links Thanos and Jigsaw ransomware to 55-year-old doctor (lien direct) | The US Department of Justice today said that Moises Luis Zagala Gonzalez (Zagala), a 55-year-old cardiologist with French and Venezuelan citizenship residing in Ciudad Bolivar, Venezuela, created and rented Jigsaw and Thanos ransomware to cybercriminals. [...] | Ransomware | ||
|
2022-05-16 10:17:58 | Engineering firm Parker discloses data breach after ransomware attack (lien direct) | The Parker-Hannifin Corporation announced a data breach exposing employees' personal information after the Conti ransomware gang began publishing allegedly stolen data last month. [...] | Ransomware Data Breach | ||
|
2022-05-13 16:58:23 | The Week in Ransomware - May 13th 2022 - A National Emergency (lien direct) | While ransomware attacks have slowed during Russia's invasion of Ukraine and the subsequent sanctions, the malware threat continues to affect organizations worldwide. [...] | Ransomware Malware Threat | ||
|
2022-05-12 15:18:45 | Eternity malware kit offers stealer, miner, worm, ransomware tools (lien direct) | Threat actors have launched the 'Eternity Project,' a new malware-as-a-service where threat actors can purchase a malware toolkit that can be customized with different modules depending on the attack being conducted. [...] | Ransomware Malware Threat | ||
|
2022-02-14 14:31:00 | Sports brand Mizuno hit with ransomware attack delaying orders (lien direct) | Sports equipment and sportswear brand Mizuno is affected by phone outages and order delays after being hit by ransomware, BleepingComputer has learned from sources familiar with the attack. [...] | Ransomware | ||
|
2022-02-14 10:41:14 | (Déjà vu) FBI: BlackByte ransomware breached US critical infrastructure (lien direct) | The US Federal Bureau of Investigation (FBI) revealed that the BlackByte ransomware group has breached the networks of at least three organizations from US critical infrastructure sectors in the last three months. [...] | Ransomware | ||
|
2022-02-13 08:22:11 | NFL\'s San Francisco 49ers hit by Blackbyte ransomware attack (lien direct) | The NFL's San Francisco 49ers team is recovering from a cyberattack by the BlackByte ransomware gang who claims to have stolen data from the American football organization. [...] | Ransomware | ||
|
2022-02-11 16:57:54 | The Week in Ransomware - February 11th 2022 - Maze, Egregor decryptors (lien direct) | We saw the Maze ransomware developers reemerge briefly this week as they shared the master decryption keys for the Egregor, Maze, and Sekhmet ransomware operations. [...] | Ransomware | ★★★ | |
|
2022-02-09 10:26:31 | Ransomware dev releases Egregor, Maze master decryption keys (lien direct) | The master decryption keys for the Maze, Egregor, and Sekhmet ransomware operations were released last night on the BleepingComputer forums by the alleged malware developer. [...] | Ransomware Malware | ||
|
2022-02-08 07:45:04 | NetWalker ransomware affiliate sentenced to 80 months in prison (lien direct) | Sebastien Vachon-Desjardins, a Canadian man charged by the US for his involvement in NetWalker ransomware attacks, was sentenced to 6 years and 8 months in prison after pleading guilty before an Ontario judge to multiple offenses linked to attacks on 17 Canadian victims. [...] | Ransomware Guideline | ||
|
2022-02-07 15:49:03 | Puma hit by data breach after Kronos ransomware attack (lien direct) | Sportswear manufacturer Puma was hit by a data breach following the ransomware attack that hit Kronos, one of its North American workforce management service providers, in December 2021. [...] | Ransomware Data Breach | ||
|
2022-02-07 12:08:23 | (Déjà vu) Free decryptor released for TargetCompany ransomware victims (lien direct) | Czech cybersecurity software firm Avast has released a decryption utility to help TargetCompany ransomware victims recover their files for free. [...] | Ransomware |
To see everything:
