What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-11-20 11:51:15 | QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor (lien direct) | The QakBot banking trojan has dropped the ProLock ransomware, they are now opting for the Egregor ransomware in their operations. Group-IB, a global threat hunting and intelligence company headquartered in Singapore, has discovered that QakBot (aka Qbot) operators have abandoned ProLock for Egregor ransomware. Egregor has been actively distributed since September 2020 and has so far hit […] | Ransomware Threat | ||
|
2020-11-19 09:20:23 | REvil ransomware demands 500K ransom to Managed.com hosting provider (lien direct) | Managed web hosting provider Managed.com was hit with REvil ransomware that forced it to take down their servers and web hosting systems. Managed web hosting provider Managed.com was hit by a REvil ransomware attack over the weekend that took their servers and web hosting systems offline. At the time of writing this post, Managed.com hosting […] | Ransomware | ||
|
2020-11-15 12:13:23 | Chilean-based retail giant Cencosud hit by Egregor Ransomware (lien direct) | Chilean-based retail giant Cencosud has suffered a ransomware attack that impacted operations at its stores, Egregor ransomware appears to be involved. A ransomware attack, allegedly launched by the Egregor ransomware gang, hit the Chilean-based retail giant Cencosud, the incident impacted operations at its stores. Cencosud the largest retail company in Chile and the third largest listed […] | Ransomware | ||
|
2020-11-14 11:45:16 | Biotech research firm Miltenyi Biotec hit by Mount Locker ransomware (lien direct) | Biotech research firm Miltenyi Biotec disclosed a ransomware attack that took place in October and affected its IT infrastructure worldwide. Biotech research firm Miltenyi Biotec was hit with a ransomware attack that took place in October and affected its IT infrastructure worldwide. The company announced that it has fully restored systems after the attack, anyway in some […] | Ransomware | ||
|
2020-11-11 14:24:04 | Ragnar Locker ransomware gang advertises Campari hack on Facebook (lien direct) | Ragnar Locker Ransomware operators have started to run Facebook advertisements to force their victims into paying the ransom. In November 2019, ransomware operators have started adopting a new double-extortion strategy first used by the Maze gang that sees threat actors also stealing unencrypted files before encrypting infected systems. Then the attackers threaten to release the stolen […] | Ransomware Hack Threat | ||
|
2020-11-10 13:22:03 | Ransomware operators use fake Microsoft Teams updates to deploy Cobalt Strike (lien direct) | Ransomware operators use fake Microsoft Teams updates to deploy Cobalt Strike and compromise the target networks. Ransomware operators are using malicious fake Microsoft Teams updates to deliver backdoors that lead the installation of the Cobalt Strike post-exploitation tool and compromise the target network. The ongoing COVID-19 pandemic is forcing a growing number of organizations and […] | Ransomware Tool Guideline | ||
|
2020-11-09 15:30:37 | Compal, the Taiwanese giant laptop manufacturer hit by ransomware (lien direct) | The Taiwanese electronics manufacture Compal suffered a ransomware attack over the weekend, media blames the DoppelPaymer ransomware gang. Compal Electronics is a Taiwanese original design manufacturer (ODM), handling the production of notebook computers, monitors, tablets and televisions for a variety of clients around the world, including Apple Inc., Acer, Lenovo, Dell, Toshiba, Hewlett-Packard and Fujitsu. […] | Ransomware | ||
|
2020-11-09 10:22:51 | E-commerce platform X-Cart hit by a ransomware attack (lien direct) | The e-commerce software platform X-Cart suffered a ransomware attack at the end of October, e-stores hosted by the company went down. At the end of October, the e-commerce software platform X-Cart suffered a ransomware attack, the infection brought down customers’ e-stores hosted by the company on its platform. The software and services company X-Cart was recently acquired […] | Ransomware | ||
|
2020-11-08 14:06:43 | Security Affairs newsletter Round 288 (lien direct) | A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. 103,000 machines are still vulnerable to SMBGhost attacks A data breach broker is selling account databases of 17 companies Maze ransomware is going out of the business Nuclear Regulation Authority […] | Ransomware Data Breach | ||
|
2020-11-07 17:27:56 | Ransomware operators target CVE-2020-14882 WebLogic flaw (lien direct) | At least one ransomware operator appears to have exploited the recently patched CVE-2020-14882 vulnerability affecting Oracle WebLogic. At least one ransomware operator appears is exploiting the recently patched CVE-2020-14882 vulnerability in Oracle WebLogic. At the end of October, threat actors have started scanning the Internet for servers running vulnerable installs of Oracle WebLogic in the […] | Ransomware Vulnerability Threat | ||
|
2020-11-06 22:29:16 | RansomExx ransomware now targets also Linux systems (lien direct) | The RansomExx Ransomware gang is expanding its operations by creating a new version that is able to infect Linux machines. RansomExx ransomware operators are expanding their operations by developing a Linux version of their malware. Kaspersky researchers have analyzed the Linux version of the RansomExx ransomware, also tracked as Defray777. This week the RansomExx ransomware has been […] | Ransomware | ||
|
2020-11-06 10:47:45 | Brazil\'s court system shut down after a massive ransomware attack (lien direct) | This week, Brazil’s Superior Court of Justice has temporarily shut down its operation following a ransomware attack during judgment sessions. Brazil’s Superior Court of Justice was hit by a ransomware attack on Tuesday during judgment sessions, the attack forced a temporary shut down of the court’s information technology network. “The Superior Court of Justice (STJ) announces that the court’s […] | Ransomware | ||
|
2020-11-06 08:18:27 | Prominent Italian firms under attack, Campari is the last one (lien direct) | Campari Group, the Italian beverage giant has been hit by a ransomware attack that forced the company to shut down a large part of its IT network. Campari Group, the Italian beverage giant has been hit by a ransomware attack that forced the company to shut down a large part of its IT network. The […] | Ransomware | ||
|
2020-11-04 17:06:18 | REvil Ransomware member win the auction for KPot stealer source code (lien direct) | The source code for the KPot information stealer was put up for auction and the REvil ransomware operators want to acquire it. The authors of KPot information stealer have put its source code up for auction, and the REvil ransomware operators will likely be the only group to bid. KPOT Stealer is a “stealer” malware […] | Ransomware Malware | ||
|
2020-11-04 11:10:39 | Toymaker giant Mattel disclosed a ransomware attack (lien direct) | Toymaker giant Mattel disclosed a ransomware attack, the incident took place in July and impacted some of its business operations. Toy industry giant Mattel announced that it has suffered a ransomware attack that took place on July 28th, 2020, and impacted some of its business operations. The good news that the company excluded the theft of […] | Ransomware | ||
|
2020-11-02 18:57:57 | Maze ransomware gang shuts down operations, states their press release (lien direct) | The Maze ransomware operators finally announced that they have officially shut down their operations and denies the creation of a cartel. Today the Maze ransomware gang announced that they have officially shut down their operations, the news was anticipated last week. The cybercrime gang announced that it will no longer leak data of new companies […] | Ransomware | ||
|
2020-11-01 14:56:34 | Maze ransomware is going out of the business (lien direct) | The Maze ransomware operators are shutting down their operations for more than one year the appeared on the threat landscape in May 2019. The Maze cybercrime gang is shutting down its operations, it was considered one of the most prominent and active ransomware crew since it began operating in May 2019. The gang was the […] | Ransomware Threat | ||
|
2020-10-31 21:22:18 | REvil ransomware gang hacked gaming firm Gaming Partners International (lien direct) | The REvil ransomware operators made the headlines again, this time the gang claims to have hacked the Gaming Partners International (GPI). Gaming Partners International (GPI) is a full-service supplier of gaming furniture and equipment for casinos worldwide. The REvil ransomware gang (aka Sodinokibi) claims to have stolen info from the systems at the company before […] | Ransomware | ||
|
2020-10-30 12:11:36 | DoppelPaymer ransomware gang leaked Hall County, Georgia, voter info (lien direct) | The DoppelPaymer ransomware operators have released data that was stolen from Hall County, Georgia earlier this month. The DoppelPaymer ransomware operators have published online data that was stolen from Hall County, Georgia earlier this month. The attack took place on October 7, it hit Hall County, in the northern part of the state and it […] | Ransomware | ||
|
2020-10-30 09:27:25 | Brooklyn & Vermont US hospitals hit by ransomware attacks (lien direct) | Wyckoff Heights Medical Center in Brooklyn and the University of Vermont Health Network are the last victims of the Ryuk ransomware operators. Ryuk ransomware operators continue the target the US healthcare industry, the last victims in order of time are the Wyckoff Heights Medical Center in Brooklyn and the University of Vermont Health Network. The […] | Ransomware | ||
|
2020-10-29 19:10:33 | FBI, CISA alert warns of imminent ransomware attacks on healthcare sector (lien direct) | FBI and the DHS's CISA agencies published a joint alert to warn hospitals and healthcare providers of imminent ransomware attacks from Russia. The FBI, the DHS's Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) has issued a joint alert to warn hospitals and healthcare providers of imminent ransomware attacks […] | Ransomware | ||
|
2020-10-28 08:46:36 | Steelcase office furniture giant hit by Ryuk ransomware attack (lien direct) | Office furniture company Steelcase was hit by Ryuk ransomware attack that forced it to shut down its network to avoid the malware from spreading. Steelcase is a US-based furniture company that produces office furniture, architectural and technology products for office environments and the education, health care and retail industries. It is the largest office furniture […] | Ransomware Malware | ||
|
2020-10-27 21:15:38 | Enel Group suffered the second ransomware attack this year (lien direct) | Multinational energy company Enel Group has been hit by Netwalker ransomware operators that are asking a $14 million ransom. Systems at the multinational energy company Enel Group has been infected with Netwalker ransomware, it is the second ransomware attack suffered by the energy giant this year. Netwalker ransomware operators are asking a $14 million ransom […] | Ransomware | ||
|
2020-10-26 09:21:45 | Ransomware attack disabled Georgia County Election database (lien direct) | A ransomware attack recently hit Georgia county government and reportedly disabled a database used to verify voter signatures. A ransomware attack hit a Georgia county government early this month and disabled a database used to verify voter signatures in the authentication of absentee ballots. It is a common process to validate absentee ballots sent by […] | Ransomware | ||
|
2020-10-24 13:31:03 | Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware (lien direct) | The systems at the US-based ski and golf resort operator were infected with the WastedLocker ransomware, the incident impacted reservation systems. Boyne Resorts is a collection of mountain and lakeside resorts, ski areas, and attractions spanning from British Columbia to Maine. The company owns and operates eleven properties and an outdoor lifestyle equipment/apparel retail division […] | Ransomware | ★★★ | |
|
2020-10-23 18:20:39 | Sopra Steria hit by the Ryuk ransomware gang (lien direct) | French IT outsourcer Sopra Steria hit by ‘cyberattack’, Ryuk ransomware suspected French IT outsourcer Sopra Steria has been hit by a ransomware attack, while the company did not reveal the family of malware that infected its systems, local media speculate the involvement of the Ryuk ransomware. “A cyber attack was detected on the Sopra Steria […] | Ransomware Malware | ||
|
2020-10-20 11:13:53 | Nefilim ransomware gang published Luxottica data on its leak site (lien direct) | The Nefilim ransomware operators have posted a long list of files that appear to belong to Italian eyewear and eyecare giant Luxottica. Luxottica Group S.p.A. is an Italian eyewear conglomerate and the world's largest company in the eyewear industry. As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass […] | Ransomware | ||
|
2020-10-18 21:01:11 | FIN11 gang started deploying ransomware to monetize its operations (lien direct) | The financially-motivated hacker group FIN11 has started spreading ransomware to monetize its cyber criminal activities. The financially-motivated hacker group FIN11 has switched tactics starting using ransomware as the main monetization method. The group carried out multiple high-volume operations targeting companies across the world, most of them in North America and Europe. In recent attacks, the […] | Ransomware | ||
|
2020-10-18 09:24:29 | Security Affairs newsletter Round 286 (lien direct) | A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Hackers targeted the US Census Bureau network, DHS report warns Tyler Technologies finally paid the ransom to receive the decryption key Underestimating the FONIX – Ransomware as a Service could […] | Ransomware | ||
|
2020-10-15 20:11:03 | Egregor ransomware gang leaked data alleged stolen from Ubisoft, Crytek (lien direct) | The Egregor ransomware gang has hit the game developer Crytek and leaked files allegedly stolen from the systems of the gaming firm Ubisoft. A previously unknown ransomware gang dubbed Egregor has hit the game developer Crytek and leaked files allegedly stolen from the internal network of another leading gaming firm, Ubisoft. A few days ago, the Egregor […] | Ransomware Guideline | ||
|
2020-10-14 10:07:00 | The G7 expresses its concern over ransomware attacks (lien direct) | G7 Finance ministers expressed concern on Tuesday over the rise in ransomware attacks during the Covid-19 pandemic, including some involving cryptocurrencies. Finance ministers from the G7 industrialized countries expressed concern on Tuesday over the rise in malicious cyberattacks, especially ransomware attacks, in the midst of the Covid-19 pandemic. G7 Finance ministers warn of ransomware attacks […] | Ransomware | ||
|
2020-10-13 11:23:31 | Leading Law firm Seyfarth Shaw discloses ransomware attack (lien direct) | Seyfarth Shaw, one of the leading global legal firms announced that it was a victim of an “aggressive malware” attack, likely a ransomware attack. Seyfarth Shaw LLP is an international AmLaw 100 law firm headquartered in Chicago, Illinois, its clients include over 300 of the Fortune 500 companies, and its practice reflects virtually every industry and segment of the economy. […] | Ransomware Guideline | ||
|
2020-10-11 16:44:16 | Underestimating the FONIX – Ransomware as a Service could be an error (lien direct) | FONIX is a new Ransomware as a Service available in the threat landscape that was analyzed by SentinelLabs researchers. FONIX is a relatively new Ransomware as a Service (RaaS) analyzed by researchers from Sentinel Labs, its operators were previously specialized in the developers of binary crypters/packers. The actors behind FONIX RaaS advertised several products on […] | Ransomware Threat | ||
|
2020-10-11 08:54:56 | Tyler Technologies finally paid the ransom to receive the decryption key (lien direct) | Tyler Technologies has finally decided to paid a ransom to obtain a decryption key and recover files encrypted in a recent ransomware attack. Tyler Technologies, Inc. is the largest provider of software to the United States public sector. At the end of September, the company disclosed a ransomware attack and its customers reported finding suspicious logins […] | Ransomware | ||
|
2020-10-10 13:04:07 | Carnival confirms data breach as a result of the August ransomware attack (lien direct) | Carnival Corporation, the world’s largest cruise line operator, has confirmed a data breach as a result of the august ransomware attack. Carnival Corporation, the world’s largest cruise line operator, has confirmed a data breach as a result of the ransomware attack that took place in August. Ransomware operators have stolen the personal information of customers, […] | Ransomware Data Breach | ||
|
2020-10-09 21:31:01 | (Déjà vu) German tech firm Software AG hit by ransomware attack (lien direct) | German tech firm Software AG has suffered a ransomware attack that took place during last weekend, media blamed the Clop ransomware gang. The website ZDNet revealed in exclusive that German tech firm Software AG was hit by the Clop ransomware, the criminal gang is demanding more than $20 million ransom. Software AG is an enterprise software […] | Ransomware | ||
|
2020-10-09 11:44:54 | New MalLocker.B ransomware displays ransom note in innovative way (lien direct) | Microsoft warns of Android ransomware that activates when you press the Home button Microsoft spotted a new strain of Amdroid ransomware tracked as MalLocker.B that activates when the users press the Home button. Researchers from Microsoft spotted a new strain of Android ransomware that abuses the mechanisms behind the “incoming call” notification and the “Home” […] | Ransomware | ||
|
2020-10-08 22:54:56 | Springfield Public Schools district hit with ransomware (lien direct) | The Springfield Public Schools district in Massachusetts was forced to shut down its systems after a ransomware attack and closed the schools. The Springfield Public Schools district, the third largest school district in Massachusetts, was forced to shut down its systems after a ransomware attack. The district, which has over 25,000 students, 4,500 employees, and […] | Ransomware | ||
|
2020-10-01 17:52:56 | Netwalker ransomware operators leaked files stolen from K-Electric (lien direct) | K-Electric, Pakistan’s largest private power company, did not pay the ransom and the Netwalker ransomware operators have leaked the stolen data. In early September, K-Electric (KE), the electricity provider for the city of Karachi, Pakistan, was hit by a Netwalker ransomware attack that blocked billing and online services. K-Electric is the largest power supplier in the […] | Ransomware | ||
|
2020-09-29 20:11:53 | Arthur J. Gallagher (AJG) insurance giant discloses ransomware attack (lien direct) | US-based Arthur J. Gallagher (AJG) insurance giant disclosed a ransomware attack, the security breach took place on Saturday. US-based Arthur J. Gallagher (AJG) global insurance brokerage firm confirmed that it was his with a ransomware attack on Saturday, September 26. The company did not provide technical details about the attack, it is not clear how the ransomware […] | Ransomware | ||
|
2020-09-29 07:56:36 | QNAP urges users to update NAS firmware and app to prevent infections (lien direct) | While the AgeLocker ransomware continues to target QNAP NAS systems, the Taiwanese vendor urges customers to update the firmware and apps. Taiwanese vendor QNAP is urging its customers to update the firmware and apps installed on their network-attached storage (NAS) devices to prevent AgeLocker ransomware infections. The name AgeLocker comes from the use of the […] | Ransomware | ||
|
2020-09-29 07:15:18 | Maritime transport and logistics giant CMA CGM hit with ransomware (lien direct) | The French maritime transport and logistics giant CMA CGM S.A. revealed it was the victim of a malware attack that affecting some servers on its network. CMA CGM S.A., a French maritime transport and logistics giant, revealed that a malware attack affected some servers on its network. The company is present in over 160 countries through 755 […] | Ransomware Malware | ||
|
2020-09-29 07:08:20 | Ransomware attack on Tyler Technologies might be worse than initially thought (lien direct) | Customers of Tyler Technologies are reporting finding suspicious logins and previously unseen remote access tools on their infrastructure Tyler Technologies, Inc. is the largest provider of software to the United States public sector. The company last week disclosed a ransomware attack, and now its customers are reporting finding suspicious logins and previously unseen remote access tools […] | Ransomware | ||
|
2020-09-28 18:01:01 | UHS hospitals hit by Ryuk ransomware attack (lien direct) | Universal Health Services (UHS) healthcare providers has reportedly shut down systems at healthcare facilities after a Ryuk ransomware attack. Universal Health Services (UHS), one of the largest hospital and healthcare services providers, has shut down systems at healthcare facilities in the United States after they were infected with the Ryuk ransomware. The attack cyber-attack took […] | Ransomware | ||
|
2020-09-28 15:52:24 | REvil ransomware operators are recruiting new affiliates (lien direct) | REvil Ransomware (Sodinokibi) operators deposited $1 million in Bitcoins on a Russian-speaking hacker forum to demonstrate their willingness to involve new affiliates. The REvil Ransomware (Sodinokibi) operators have deposited $1 million in bitcoins on a Russian-speaking hacker forum to prove to potential affiliates that they mean business. Some hacker forum allows members to deposit funds that can […] | Ransomware | ||
|
2020-09-28 08:08:45 | Mount Locker ransomware operators demand multi-million dollar ransoms (lien direct) | The operators behind new ransomware dubbed Mount Locker have adopted the same tactic of other gangs threatening the victims to leak stolen data. A new ransomware gang named Mount Locker has started its operations stealing victims’ data before encrypting. According to BleepingComputer, the ransomware operators are demanding multi-million dollar ransoms. Like other ransomware operators, Mount […] | Ransomware | ||
|
2020-09-27 10:37:50 | Security Affairs newsletter Round 283 (lien direct) | A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. IPG Photonics high-performance laser developer hit with ransomware Mozi Botnet is responsible for most of the IoT Traffic Alleged Activision hack, 500,000 Call Of Duty players impacted DHS CISA orders […] | Ransomware | ||
|
2020-09-26 16:06:03 | Victims of ThunderX ransomware can recover their files for free (lien direct) | Good news for the victims of the ThunderX ransomware, cybersecurity firm Tesorion has released a decryptor to recover their files for free. Cybersecurity firm Tesorion has released a free decryptor for the ThunderX ransomware that allows victims to recover their files. ThunderX is ransomware that appeared in the threat landscape recently, infections were discovered at the […] | Ransomware Threat | ||
|
2020-09-25 07:36:12 | Polish police shut down major group of hackers in the country (lien direct) | Polish police dismantled a major group of hackers that was behind several criminal activities, including ransomware attacks, and banking fraud. Polish authorities have dismantled a major hacker group that was involved in multiple cybercrime activities, including ransomware attacks, malware distribution, SIM swapping, banking fraud, running rogue online stores, and even making bomb threats at the […] | Ransomware Malware | ||
|
2020-09-23 10:06:30 | Group-IB detects a series of ransomware attacks by OldGremlin (lien direct) | Researchers from threat hunting and intelligence firm Group-IB have detected a successful attack by a ransomware gang tracked as OldGremlin. Group-IB, a global threat hunting and intelligence company headquartered in Singapore, has detected a successful attack by a ransomware gang, codenamed OldGremlin. The Russian-speaking threat actors are relatively new to the Big Game Hunting. Since […] | Ransomware Threat |
To see everything:
Our RSS (filtrered)
