What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-09-20 11:59:01 | NCSC warns of a surge in ransomware attacks on education institutions (lien direct) | The U.K. National Cyber Security Centre (NCSC) has issued an alert about a surge in ransomware attacks targeting education institutions. The U.K. National Cyber Security Centre (NCSC), has issued an alert about a surge in ransomware attacks against education institutions. The British security agency is urging the institutions in the industry to follow the recommendations […] | Ransomware | ||
|
2020-09-20 09:39:26 | Security Affairs newsletter Round 282 (lien direct) | A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Gaming hardware manufacturer Razer suffered a data leak CIRWA Project tracks ransomware attacks on critical infrastructure Popular Marketing Tool exposes data of users of dating sites Staples discloses data breach […] | Ransomware Data Breach Tool | ||
|
2020-09-20 09:13:26 | IPG Photonics high-performance laser developer hit with ransomware (lien direct) | IPG Photonics, a leading U.S. manufacturer of high-performance fiber lasers for diverse applications and industries was hit by a ransomware attack that disrupted its operations. IPG Photonics manufactures high-performance fiber lasers, amplifiers, and laser systems for diverse applications and industries. The company was founded in 1990 in Russia by physicist Valentin Gapontsev, it employs over 4,000 people […] | Ransomware Guideline | ||
|
2020-09-18 09:38:15 | Ransomware en masse on the wane: top threats inside web-phishing in H1 2020 (lien direct) | Web-phishing targeting various online services almost doubled during the COVID-19 pandemic, it accounted for 46 percent of the total number of fake web pages. Singapore, 09/18/2020 - Group-IB, a global threat hunting and intelligence company headquartered in Singapore, evidenced the transformation of the threat portfolio over the first half of 2020. It came as no […] | Ransomware Threat | ||
|
2020-09-17 21:30:19 | Maze ransomware uses Ragnar Locker virtual machine technique (lien direct) | The Maze ransomware operators now use a virtual machine to encrypt a computer, a tactic previously adopted by the Ragnar Locker malware. The Maze ransomware operators have adopted a new tactic to evade detection, their malware now encrypts a computer from within a virtual machine. This technique was first adopted by Ragnar Locker gang in […] | Ransomware Malware | ||
|
2020-09-17 11:26:39 | SunCrypt ransomware operators leak data of University Hospital New Jersey (lien direct) | University Hospital New Jersey (UHNJ) has suffered a ransomware attack, SunCrypt ransomware operators also leaked the data they have stolen. Systems at the University Hospital New Jersey (UHNJ) were encrypted with the SunCrypt ransomware, threat actors also stolen documents from the institution and leaked it online. The incident took place in September. The UHNJ is […] | Ransomware Threat | ||
|
2020-09-14 05:53:49 | CIRWA Project tracks ransomware attacks on critical infrastructure (lien direct) | Researchers from Temple University have been tracking ransomware attacks on critical infrastructure all over the world. A team of researchers at Temple University in Philadelphia has presented a project named CIRWA (repository of critical infrastructure ransomware attacks) that aims at tracking ransomware attacks on critical infrastructure worldwide. The project was launched in September 2019 and […] | Ransomware | ||
|
2020-09-13 17:08:16 | Fairfax County Public Schools hit by Maze ransomware (lien direct) | Fairfax County Public Schools (FCPS), one of the largest school divisions in the US, was hit by Maze ransomware operators. Fairfax County Public Schools (FCPS) was victim of an attack carried out by the Maze ransomware operators. FCPS is one of the largest school districts in the US with an approved budget of $3.2 billion […] | Ransomware | ||
|
2020-09-13 11:53:37 | Security Affairs newsletter Round 281 (lien direct) | A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Visa warns of new sophisticated credit card skimmer dubbed Baka WhatsApp discloses six previously undisclosed flaws Chilean bank BancoEstado hit by REVil ransomware Epic Manchego gang uses Excel docs that […] | Ransomware | ||
|
2020-09-12 17:12:30 | Bank of Seychelles hit by a ransomware attack (lien direct) | The Development Bank of Seychelles (DBS) was hit by a ransomware attack disclose the Central Bank of Seychelles (CBS). The Central Bank of Seychelles (CBS) disclosed via a press statement that the Development Bank of Seychelles (DBS) was hit by a ransomware attack. DBS is a joint venture by the Seychelles government and some shareholders including […] | Ransomware | ||
|
2020-09-10 19:19:19 | Colocation data centers giant Equinix data hit by Netwalker Ransomware (lien direct) | Equinix, one of the world’s largest providers of colocation data centers and Internet connection announced it was hit by Netwalker Ransomware. Equinix, one of the leaders in the global colocation data center market share, with 205 data centers in 25 countries on five continents, was hit by Netwalker ransomware operators. The popular cybercrime gang is demanding a […] | Ransomware Guideline | ||
|
2020-09-10 07:55:27 | SeaChange video delivery provider discloses REVIL ransomware attack (lien direct) | US-based supplier of video delivery software solutions, SeaChange International, revealed that a ransomware attack disrupted its operations in Q1 2020. SeaChange International, a US-based supplier of video delivery software solutions, revealed that a ransomware attack has disrupted its operations during the first quarter of 2020. SeaChange's customers include major organizations such as BBC, Cox, Verizon, […] | Ransomware | ||
|
2020-09-09 14:37:27 | Netwalker ransomware hit K-Electric, the major Pakistani electricity provider (lien direct) | K-Electric, the electricity provider for the city of Karachi, Pakistan, was hit by a Netwalker ransomware attack that blocked billing and online services. K-Electric, the electricity provider for Karachi (Pakistan) is another victim of the Netwalker ransomware gang, the infection disrupted billing and online services. K-Electric (KE) (formerly known as Karachi Electric Supply Company / […] | Ransomware | ||
|
2020-09-08 09:57:09 | Newcastle University infected with DoppelPaymer Ransomware (lien direct) | UK research university Newcastle University suffered a DoppelPaymer ransomware attack and took its systems offline in response to the attack. UK research university Newcastle University was infected with the DoppelPaymer ransomware, in response to the incident it was forced to take systems offline on the morning of August 30th. The Newcastle University did not provide […] | Ransomware | ||
|
2020-09-07 18:32:40 | Chilean bank BancoEstado hit by REVil ransomware (lien direct) | Chilean bank BancoEstado, one of the country’s biggest banks, was forced to shut down all branches following a ransomware attack. Chilean bank BancoEstado, one of the country’s biggest banks, was hit with a ransomware attack that forced its branches to remain closed since September 7. The ransomware encrypted most of the company servers and workstations. […] | Ransomware | ||
|
2020-09-06 22:49:52 | Netwalker Ransomware hit Argentina\'s official immigration agency (lien direct) | Argentina’s official immigration agency, Dirección Nacional de Migraciones, is the last victim of the Netwalker ransomware operators. Argentina’s official immigration agency, Dirección Nacional de Migraciones, was hit by a Netwalker ransomware attack that caused the interruption of the border crossing into and out of the country for four hours. The ransomware operators also exfiltrated sensitive […] | Ransomware | ||
|
2020-09-05 13:22:27 | FBI issued a second flash alert about ProLock ransomware in a few months (lien direct) | FBI issued a second flash alert about ProLock ransomware stealing data, four months after the first advisory published by the feds on the same threat. The FBI has issued the 20200901-001 Private Industry Notification about ProLock ransomware stealing data on September 1st. The fresh alert is the second one related to this threat, the first […] | Ransomware | ||
|
2020-09-04 22:26:01 | SunCrypt Ransomware behind North Carolina school district data breach (lien direct) | A school district in North Carolina disclosed a data breach after having unencrypted files stolen during a SunCrypt Ransomware attack. The Haywood County School district in North Carolina has suffered a data breach after having unencrypted files stolen during a SunCrypt Ransomware attack. The ransomware attack took place on August 24th, 2020, but at the […] | Ransomware Data Breach | ||
|
2020-08-30 11:29:55 | Security Affairs newsletter Round 279 (lien direct) | A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. A Google Drive weakness could allow attackers to serve malware Adobe released open- source tool Stringlifier to identify randomly generated strings Canadian delivery company Canpar Express suffered a ransomware attack […] | Ransomware Malware Tool | ||
|
2020-08-27 15:44:06 | REvil ransomware operators breached healthcare org Valley Health Systems (lien direct) | REvil ransomware operators claimed to have breached another healthcare organization, the victim is Valley Health Systems. During ordinary monitoring activity of data leaks, the Cyble Research Team identified a leak disclosure post published by the REvil ransomware operators claiming to have breached a healthcare organization, the Valley Health Systems. Healthcare organizations are a privileged target of […] | Ransomware | ||
|
2020-08-24 15:43:24 | Canadian delivery company Canpar Express suffered a ransomware attack (lien direct) | A ransomware attack hit TFI International's four Canadian courier divisions last week, Canpar Express, ICS Courier, Loomis Express and TForce Integrated Solutions. A couple of days after the transportation and logistics TFI International company raised millions of dollars in a share offering, the news of a ransomware attack against its four Canadian courier divisions (Canpar Express, […] | Ransomware | ||
|
2020-08-23 07:54:12 | Security Affairs newsletter Round 278 (lien direct) | A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Ritz hotel diners were victims of a sophisticated scam Sodinokibi ransomware gang stole 1TB of data from Brown-Forman Texas man sentenced to 57 months for the hacking of a major […] | Ransomware | ||
|
2020-08-21 17:48:00 | Steel sheet giant Hoa Sen Group hacked by Maze ransomware operators (lien direct) | Experts at threat intelligence firm Cyble came across a post published by Maze ransomware operators claiming to have breached the steel sheet giant Hoa Sen Group. During the ordinary monitoring of Deepweb and Darkweb, researchers at Cyble came across the leak disclosure post published by the Maze ransomware operators that claim the hack of the Hoa Sen […] | Ransomware Hack Threat | ||
|
2020-08-21 07:19:50 | University of Utah pays a $457,000 ransom to ransomware gang (lien direct) | The University of Utah admitted to have paid a $457,059 ransom in order to avoid having ransomware operators leak student information online. The University of Utah admitted having paid a $457,059 ransom after the ransomware attack that took place on July 19, 2020, that infected systems on the network of the university’s College of Social […] | Ransomware | ||
|
2020-08-18 08:21:25 | Cruise line operator Carnival Corporation suffers a ransomware attack (lien direct) | The world’s largest cruise line operator Carnival Corporation has disclosed that one of their brands suffered a ransomware attack over the past weekend. Cruise line operator Carnival Corporation has disclosed that one of their brands was hit with a ransomware attack over the past weekend. Carnival Corporation & plc is a British-American cruise operator, currently […] | Ransomware | ||
|
2020-08-17 08:12:48 | Technology giant Konica Minolta hit by a ransomware attack (lien direct) | IT giant Konica Minolta was hit with a ransomware attack at the end of July, its services have been impacted for almost a week. A ransomware attack has impacted the services at the business technology giant Konica Minolta for almost a week, the attack took place at the end of July. Konica Minolta is a […] | Ransomware | ||
|
2020-08-16 06:51:40 | Sodinokibi ransomware gang stole 1TB of data from Brown-Forman (lien direct) | Sodinokibi (REvil) ransomware operators announced on Friday to have hacked Brown-Forman, one of the largest U.S. firm in the spirits and wine business. Sodinokibi (REvil) ransomware operators announced last week to have breached the network of the Brown-Forman, one of the largest U.S. firm in the spirits and wine business. Threat actors claim to have […] | Ransomware Threat | ||
|
2020-08-15 07:04:49 | XCSSET Mac spyware spreads via Xcode Projects (lien direct) | A new Mac malware, tracked as XCSSET, spreads through Xcode projects and exploits two zero-day vulnerabilities, experts warn. XCSSET is a new Mac malware that spreads through Xcode projects and exploits two zero-day vulnerabilities to steal sensitive information from target systems and launch ransomware attacks. The first zero-day issue is used to steal cookies via […] | Ransomware Malware | ||
|
2020-08-14 08:01:32 | Maze ransomware gang leaked Canon USA\'s stolen files (lien direct) | Maze ransomware operators have leaked online the unencrypted files allegedly stolen from Canon during a recent ransomware attack. According to an internal memo obtained by ZDNet last week, the recent outage suffered by Canon was caused by a ransomware attack, at the same time Maze ransomware operators were taking the credit for the incident. The memo […] | Ransomware | ||
|
2020-08-11 08:16:32 | Avaddon ransomware operators have launched their data leak site (lien direct) | Avaddon ransomware operators, like other cybercrime groups, decided to launch a data leak site where publish data of victims who refuse to pay a ransom demand. Avaddon ransomware operators announced the launch of their data leak site where they will publish the data stolen from the victims who do not pay a ransom demand. The […] | Ransomware | ||
|
2020-08-10 14:58:32 | Nefilim ransomware operators claim to have hacked the SPIE group (lien direct) | Nefilim ransomware operators allegedly targeted the SPIE group, an independent European leader in multi-technical services. Researchers from threat intelligence firm Cyble reported that Nefilim ransomware operators allegedly hacked The SPIE Group, an independent European leader in multi-technical services. The number of ransomware attacks continues to increase, hackers also steal victims’ data and threaten them to […] | Ransomware Threat Guideline | ||
|
2020-08-09 17:30:01 | Security Affairs newsletter Round 276 (lien direct) | A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. A critical flaw in wpDiscuz WordPress plugin lets hackers take over hosting account FBI issued a flash alert about Netwalker ransomware attacks Garmin allegedly paid for a decryptor for WastedLocker […] | Ransomware | ||
|
2020-08-07 15:58:06 | Did Maze ransomware operators steal 10 GB of data from Canon? (lien direct) | An internal memo confirms that the prolonged outage suffered by Canon last week was caused by a ransomware infection, Maze operators took credit for it. According to an internal memo obtained by ZDNet, the recent outage of Canon was caused by a ransomware attack, while Maze ransomware operators are taking the credit for the incident. […] | Ransomware | ||
|
2020-08-06 12:52:32 | Netwalker ransomware operators claim to have stolen data from Forsee Power (lien direct) | Netwalker ransomware operators breached the networks of Forsee Power, a well-known player in the electromobility market. A new company has been added to the list of the victims of the Netwalker ransomware operators, it is Forsee Power, which provides advanced lithium-ion battery systems for any mobility application. The industrial group is based in France and […] | Ransomware | ||
|
2020-08-04 10:04:42 | Maze Ransomware operators published data from LG and Xerox (lien direct) | Maze ransomware operators published internal data from LG and Xerox after the company did not pay the ransom. Ransomware crews are very active during these months, Maze ransomware operators have published tens of GB of internal data allegedly stolen from IT giants LG and Xerox following failed extortion attempts. Maze ransomware operators published 50.2 GB […] | Ransomware | ||
|
2020-08-04 08:47:46 | NetWalker ransomware operators have made $25 million since March 2020 (lien direct) | NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. McAfee researchers believe that the NetWalker ransomware operators continue to be very active, the gang is believed to have earned more than $25 million since March 2020. The malware has been active […] | Ransomware Malware | ||
|
2020-08-03 09:24:18 | Belarussian authorities arrested GandCrab ransomware distributor (lien direct) | Last week, the Minister of Internal Affairs of Belarus announced the arrest of a 31-year-old man that is accused of distributing the infamous GandCrab ransomware. Last week, the Minister of Internal Affairs of Belarus announced the arrest of a man on charges of distributing the infamous GandCrab ransomware. The arrest is the result of an […] | Ransomware | ||
|
2020-08-02 16:29:41 | (Déjà vu) FBI issued a flash alert about Netwalker ransomware attacks (lien direct) | The FBI has issued a security alert about Netwalker ransomware attacks targeting U.S. and foreign government organizations. The FBI has issued a new security flash alert to warn of Netwalker ransomware attacks targeting U.S. and foreign government organizations. The feds are recommending victims, not to pay the ransom and reporting incidents to their local FBI field offices. The flash […] | Ransomware | ||
|
2020-08-02 13:14:51 | (Déjà vu) Garmin allegedly paid for a decryptor for WastedLocker ransomware (lien direct) | BleepingComputer researchers confirmed that Garmin has received the decryption key to recover their files encrypted with the WastedLocker Ransomware. BleepingComputer first revealed that Garmin has received the decryption key to recover the files encrypted with the WastedLocker Ransomware in the recent attack. On July 23, smartwatch and wearables maker Garmin has shut down several of its services […] | Ransomware | ||
|
2020-07-29 06:42:42 | North Korea-Linked Lazarus APT is behind the VHD ransomware (lien direct) | Security experts from Kaspersky Lab reported that North Korea-linked hackers are attempting to spread a new ransomware strain known as VHD. North Korean-linked Lazarus APT Group continues to be very active, the state-sponsored hackers are actively employing new ransomware, tracked as VHD, in attacks aimed at enterprises. The activity of the Lazarus Group surged in 2014 and […] | Ransomware | APT 38 | |
|
2020-07-28 15:19:38 | Nefilim ransomware operators leaked data alleged stolen from the Dussmann group (lien direct) | Cyble researchers reported that Nefilim ransomware operators allegedly targeted the Dussmann group, the German largest private multi-service provider Researchers from threat intelligence firm Cyble reported that Nefilim ransomware operators allegedly targeted the Dussmann group, the German largest private multi-service provider. The Dussmann Group has over 64,500 employees in 22 countries, it is one of the […] | Ransomware Threat | ||
|
2020-07-27 21:27:36 | Garmin says many of the systems are returning to operation (lien direct) | Smartwatch and wearable device maker Garmin announced that its computer networks were coming back after the ransomware attack that took place last week. Last week, on July 23, smartwatch and wearable device maker Garmin had to shut down some of its connected services and call centers following a ransomware attack. A few days after the […] | Ransomware | ||
|
2020-07-24 12:00:29 | Spanish state-owned railway infrastructure manager ADIF infected with ransomware (lien direct) | ADIF, a Spanish state-owned railway infrastructure manager under the responsibility of the Ministry of Development, was hit by REVil ransomware operators. Administrador de Infraestructuras Ferroviarias (ADIF), a Spanish state-owned railway infrastructure manager was hit by REVil ransomware operators. ADIF (Administrador de Infraestructuras Ferroviarias) is charged with the management of most of Spain’s railway infrastructure, that is the track, signaling and stations. It was formed in 2005 […] | Ransomware | ||
|
2020-07-23 22:51:20 | Garmin shut down its services after an alleged ransomware attack (lien direct) | Smartwatch and wearable device maker Garmin had to shut down some of its connected services and call centers following a ransomware attack. On July 23, smartwatch and wearables maker Garmin has shut down several of its services due to a ransomware attack that targeted its internal network and some production systems. “We are currently experiencing […] | Ransomware | ||
|
2020-07-23 14:46:05 | New MATA Multi-platform malware framework linked to NK Lazarus APT (lien direct) | North Korea-linked Lazarus APT Group has used a new multi-platform malware framework, dubbed MATA, to target entities worldwide The notorious Lazarus Group is using a new multi-platform malware framework, dubbed MATA, in attacks aimed at organizations worldwide, to deploy Kaspersky researchers observed that MATA was used by the threat actors to distribute ransomware (i.e. VHD […] | Ransomware Malware Threat Medical | APT 38 | |
|
2020-07-21 09:55:44 | Cloud computing provider Blackbaud paid a ransom after data breach (lien direct) | Cloud software provider Blackbaud revealed to have paid crooks to decrypt its data following a ransomware attack that took place in May 2020. Blackbaud is a cloud computing provider that serves the social good community - nonprofits, foundations, corporations, education institutions, healthcare organizations, religious organizations, and individual change agents. Its products focus on fundraising, website management, CRM, analytics, financial […] | Ransomware Data Breach | ||
|
2020-07-20 19:30:32 | REVil ransomware infected 18,000 computers at Telecom Argentina (lien direct) | Another telco company was hit by a ransomware, roughly 18,000 computers belonging to Telecom Argentina were infected over the weekend. Telecom Argentina, one of the largest internet service providers in Argentina, was hit by a ransomware attack. Ransomware operators infected roughly 18,000 computers during the weekend and now are asking for a $7.5 million ransom. […] | Ransomware | ||
|
2020-07-17 21:48:54 | Orange Business Services hit by Nefilim ransomware operators (lien direct) | Security researchers at Cyble reported that Nefilim ransomware operators allegedly targeted the mobile network operator Orange. Researchers from Cyble came across a post of Nefilim ransomware operators which were claiming to have stolen sensitive data of Orange S.A., one of the largest mobile networks based in France. The discovery was made by the experts during their regular […] | Ransomware | ||
|
2020-07-08 07:16:33 | (Déjà vu) SentinelOne released free decryptor for ThiefQuest ransomware (lien direct) | Good news for the victims of the ThiefQuest (EvilQuest) ransomware, they can recover their encrypted files for free. The victims of the ThiefQuest (EvilQuest) ransomware victims can recover their encrypted files without needing to pay the ransom due to the availability of a free decryptor. Early July, security expert K7 Lab malware researcher Dinesh Devadoss […] | Ransomware Malware | ||
|
2020-07-07 06:16:10 | Ransomware infected systems at Xchanging, a DXC subsidiary (lien direct) | Systems at Xchanging, a subsidiary of Global IT services and solutions provider DXC Technology was hit by ransomware over the weekend. Global IT services and solutions provider DXC Technology disclosed a ransomware attack that infected systems at its Xchanging subsidiary. Xchanging is a business process and technology services provider and integrator, which provides technology-enabled business services […] | Ransomware |
To see everything:
Our RSS (filtrered)
