What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2020-07-06 06:54:39 Snake Ransomware isolates infected Systems before encrypting files (direct link) Experts spotted recent samples of the Snake ransomware that were isolating the infected systems while encrypting files to avoid interference. Experts from cybersecurity firm Deep Instinct recently spotted some samples of the Snake ransomware (also known as EKANS) that were observed isolating the infected systems to encrypt files without interference. In January experts observed a new wave of attacks that targeted organizations worldwide, […] Ransomware
SecurityAffairs 2020-07-04 14:37:27 Try2Cry ransomware implements wormable capability to infect other Windows systems (direct link) A new piece of ransomware dubbed Try2Cry leverages infected USB flash drives and Windows shortcuts (LNK files) to infect other Windows systems. A new ransomware dubbed Try2Cry implements wormable capabilities to infect other Windows systems by using USB flash drives or Windows shortcuts (LNK files). The Try2Cry ransomware was discovered by the malware researcher Karsten Hahn while analyzing an unidentified malware sample. The expert was […] Ransomware Malware
SecurityAffairs 2020-07-03 05:59:29 Sodinokibi Ransomware Operators hit electrical energy company Light S.A. (direct link) Sodinokibi ransomware (aka REvil) operators are demanding a $14 million ransom from Brazilian-based electrical energy company Light S.A. Sodinokibi ransomware (aka REvil) operators have breached the Brazilian-based electrical energy company Light S.A. and are demanding a $14 million ransom. The company issued comments to a local newspaper confirming the attack, Light S.A. admitted the intrusion to […] Ransomware
SecurityAffairs 2020-07-02 21:21:15 Maze Ransomware operators hacked Highways Authority Of India (Nhai) (direct link) Researchers at Cyble reported that Maze Ransomware Operators allegedly breached National Highways Authority Of India (Nhai). As part of regular darkweb monitoring, researchers from threat intelligence firm have spotted the data leak of National Highways Authority of India (NHAI). The Maze ransomware operators allegedly breached the NHAI and leaked the data on their leak site. The National Highways […] Ransomware Threat ★★★★
SecurityAffairs 2020-07-01 11:26:15 New EvilQuest ransomware targets macOS users (direct link) Experts discovered a new ransomware dubbed EvilQuest designed to target macOS systems, it also installs a keylogger and a reverse shell to take over them. Security experts have uncovered a new piece of ransomware dubbed EvilQuest designed to encrypt macOS systems, it is also able to install additional payloads and potentially take over the infected […] Ransomware
SecurityAffairs 2020-07-01 07:08:39 Maze Ransomware operators hacked the Xerox Corporation (direct link) Xerox Corporation is the last victim of the Maze ransomware operators, hackers have encrypted its files and threaten to release them. Maze ransomware operators have breached the systems of the Xerox Corporation and stolen files before encrypting them. The company did not disclose the cyberattack, but the Maze ransomware operators published some screenshots that show […] Ransomware
SecurityAffairs 2020-06-30 06:08:13 UCSF paid a $1.14 Million ransom to decrypt files after Ransomware attack (direct link) The University of California San Francisco (UCSF) revealed that it paid roughly $1.14 million to cybercriminals to recover data after a ransomware attack. Late last week, the University of California San Francisco (UCSF) admitted having paid roughly $1.14 million to cybercriminals to recover data encrypted during a ransomware attack that took place on June 1. […] Ransomware
SecurityAffairs 2020-06-29 19:26:10 At least 31 US Businesses targeted with WastedLocker Ransomware (direct link) Tens of organizations in the United States have been targeted with the recently discovered WastedLocker ransomware. The malicious code was first documented by researchers from the NCC Group's report and later Symantec published its own analysis. Security experts from Symantec reported that at least 31 organizations in the United States have been targeted with the recently discovered […] Ransomware
SecurityAffairs 2020-06-25 09:28:10 Maze ransomware operators claim to have breached LG Electronics (direct link) Maze ransomware operators claim to have breached the South Korean multinational electronics company LG Electronics. Researchers at Cyble discovered a data leak of LG Electronics published by Maze ransomware operators. “As part of our regular darkweb monitoring, our researchers came across the data leak of LG Electronics been published by the Maze ransomware operators. Just after the WorldNet Telecommunications, the LG […] Ransomware
SecurityAffairs 2020-06-24 09:19:20 (Already seen) REvil ransomware gang scans healthcare victim's network for PoS systems (direct link) Symantec researchers observed REvil ransomware operators scanning one of their victim’s network for Point of Sale (PoS) servers. Researchers from Symantec’s Threat Intelligence team reported that the REvil ransomware operators have been observed while scanning one of their victim’s network for Point of […] Ransomware Threat
SecurityAffairs 2020-06-23 09:55:28 CLOP Ransomware operators hacked Indian conglomerate IndiaBulls Group (direct link) CLOP ransomware operators have allegedly hacked IndiaBulls Group, an Indian conglomerate headquartered in Gurgaon, India. CLOP ransomware operators have allegedly hacked the Indian conglomerate IndiaBulls Group, its primary businesses are housing finance, consumer finance, and wealth management. Indiabulls Group has around 19,000 employees, the company has been earning an average revenue of 25,000 crore Indian rupees. The […] Ransomware
SecurityAffairs 2020-06-21 12:00:11 Security Affairs newsletter Round 269 (direct link) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Maze ransomware gang hacked M&A firm Threadstone Advisors LLP Ransomware attack disrupts operations at Australian beverage company Lion Tech firms suspend use of 'biased facial recognition technology Accessories giant Claires […] Ransomware
SecurityAffairs 2020-06-15 13:39:28 (Already seen) Black Kingdom ransomware operators exploit Pulse VPN flaws (direct link) Black Kingdom ransomware operators are targeting organizations using unpatched Pulse Secure VPN software to deploy their malware. Researchers from security firm REDTEAM reported that operators behind the Black Kingdom ransomware are targeting enterprises exploiting the CVE-2019-11510 flaw in Pulse Secure VPN software to gain access to the network. Black Kingdom ransomware was first spotted in […] Ransomware
SecurityAffairs 2020-06-14 21:39:08 Ransomware attack disrupts operations at Australian beverage company Lion (direct link) Systems at Australian beverages company Lion were infected with a ransomware that disrupted manufacturing processes and customer service. Systems at Australian beverages company Lion were infected with a ransomware, the security breach caused the disruption of manufacturing processes and customer service. Lion is a beverage and food company that operates in Australia and New Zealand, […] Ransomware
SecurityAffairs 2020-06-14 08:08:25 Maze ransomware gang hacked M&A firm Threadstone Advisors LLP (direct link) Maze ransomware operators hit Threadstone Advisors LLP, a US corporate advisory firm specialising in mergers ‘n’ acquisitions. Threadstone Advisors LLP, a corporate advisory firm specialising in mergers ‘n’ acquisitions, is the last victim of the Maze ransomware operators. MAZE ransomware operators have stolen the data of the company before encrypting its systems and threaten to […] Ransomware
SecurityAffairs 2020-06-12 22:16:09 City of Florence to Pay $300,000 Ransom after ransomware attack (direct link) Florence City in Alabama will pay a $300,000 ransom worth of Bitcoins after its computer system was infected with a ransomware. The Council of Florence City voted unanimously at an emergency meeting this week to pay the ransom requested by attackers that hit the City’s system. The payment will be made using the city's insurance fund […] Ransomware
SecurityAffairs 2020-06-12 10:05:12 (Already seen) City of Knoxville shuts down IT network after ransomware attack (direct link) A ransomware attack that targeted the offices of the City of Knoxville, Tennessee, forced it to shut down its entire computer network. The city of Knoxville, Tennessee, has shut down its computer network following a ransomware attack. The attack took place in the night between June 10 and June 11, the malware encrypted multiple systems in the […] Ransomware Malware
SecurityAffairs 2020-06-10 12:00:54 Japanese car-maker giant Honda hit by a ransomware attack (direct link) Japanese carmaker Honda announced it has been hit by a cyberattack that disrupted its business in several countries. The Japanese carmaker Honda announced that threat actors have compromised the Honda network disrupting its business in several countries. Sources informed about the security incident believe Honda’s systems have been infected with SNAKE Ransomware. BleepingComputer reported that […] Ransomware Threat
SecurityAffairs 2020-06-06 22:49:26 Maze ransomware operators stole data from US military contractor Westech (direct link) Hackers have stolen confidential documents from the US military contractor Westech, which provides critical support for US Minuteman III nuclear deterrent. MAZE ransomware operators have stolen sensitive data from Westech, a company that supports the US Minuteman III nuclear deterrent. The LGM-30 Minuteman is a U.S. land-based intercontinental ballistic missile (ICBM), in service with the […] Ransomware
SecurityAffairs 2020-06-06 07:42:39 eCh0raix ransomware is back and targets QNAP NAS devices again (direct link) eCh0raix Ransomware operators are back after months of apparent inactivity, now are targeting QNAP storage devices in a new campaign. Threat actors behind the eCh0raix Ransomware have launched a new campaign aimed at infecting QNAP storage devices. The eCh0raix ransomware was appeared in the threat landscape in June 2019 by experts at security firms Intezer […] Ransomware Threat
SecurityAffairs 2020-06-05 19:38:39 Maze Ransomware leaks files of ST Engineering group (direct link) ST Engineering is the last victim of the Maze Ransomware operators that published their data on their leak website. ST Engineering is one of the leading engineering groups worldwide, it specializes in the aerospace, electronics, land systems, and marine sectors. The group operates in more than 100 countries and reported revenue of $7.86b in FY2019. The Maze ransomware operators […] Ransomware Guideline
SecurityAffairs 2020-06-05 12:42:50 Multi-platform Tycoon Ransomware employed in targeted attacks (direct link) Experts recently discovered a multi-platform ransomware, dubbed Tycoon Ransomware, that uses a Java image file (JIMAGE) to evade detection. Experts from BlackBerry Threat Intelligence and KPMG recently discovered a new strain of multi-platform ransomware dubbed Tycoon ransomware. The Tycoon ransomware was used in highly targeted attacks, its operators recently targeted small to medium-sized companies and […] Ransomware Threat
SecurityAffairs 2020-06-03 10:53:58 Sodinokibi ransomware gang launches auction site to sell stolen data (direct link) REvil/Sodinokibi ransomware operators launch an auction site to sell data stolen from victims that have chosen to not pay the ransom. Sodinokibi ransomware operators are very active in this period, a few days after the gang has leaked the files allegedly stolen from the UK power grid middleman Elexon it has announced to launch […] Ransomware
SecurityAffairs 2020-06-02 07:49:11 Sodinokibi ransomware operators leak files stolen from Elexon electrical middleman (direct link) The REvil/Sodinokibi ransomware operators have leaked the files allegedly stolen from the UK power grid middleman Elexon. In May Elexon, a middleman in the UK power grid network, was the victim of a cyber attack, its systems have been infected with the Sodinokibi ransomware. The incident only affected the internal IT network, including the […] Ransomware
SecurityAffairs 2020-05-30 14:07:43 (Already seen) NetWalker ransomware gang threatens to release Michigan State University files (direct link) Michigan State University is the last victim of the NetWalker ransomware, attackers threaten to leak stolen files if it will not pay the ransom in seven days. Michigan State University hit by ransomware gang, NetWalker ransomware operators are threatening to leak stolen files if the university will not pay the ransom in seven days. At […] Ransomware
SecurityAffairs 2020-05-27 21:57:19 Microsoft warns about ongoing PonyFinal ransomware attacks (direct link) Microsoft is warning organizations to deploy protections against a new strain of PonyFinal ransomware that has been in the wild over the past two months. Microsoft’s security team issued a series of tweets warning organizations to deploy protections against a new piece of ransomware dubbed PonyFinal that has been in the wild over the past […] Ransomware
SecurityAffairs 2020-05-27 16:34:48 The evolution of ransomware in 2019: attackers think bigger, go deeper and grow more advanced (direct link) The number of ransomware attacks increased by 40 percent last year, according to Group-IB attackers think bigger and grow more advanced. Group-IB, a Singapore-based cybersecurity company that specializes in preventing cyberattacks, found out that the year of 2019 was marked by ransomware evolution and was dominated by increasingly aggressive ransomware campaigns, with its operators resorting to more cunning […] Ransomware
SecurityAffairs 2020-05-27 12:26:53 Fuckunicorn ransomware targets Italy in COVID-19 lures (direct link) A new piece of ransomware dubbed FuckUnicorn is targeting Italy by tricking victims into downloading a fake COVID-19 contact tracing app. A new ransomware dubbed FuckUnicorn has been targeting computers in Italy by tricking victims into downloading a fake contact tracing app, named Immuni, that promises to provide real-time updates for the COVID-19 outbreak. The COVID-19-themed campaign […] Ransomware
SecurityAffairs 2020-05-25 13:02:15 Ragnar Ransomware encrypts files from virtual machines to evade detection (direct link) Ransomware encrypts from virtual machines to evade antivirus. Ragnar Locker deploys Windows XP virtual machines to encrypt victim’s files, the trick allows it to evade detection from security software. Crooks always devise new techniques to evade detection, the Ragnar Locker is deploying Windows XP virtual machines to encrypt victim’s files while bypassing security measures. The Ragnar […] Ransomware
SecurityAffairs 2020-05-25 08:59:32 Maze ransomware operators leak credit card data from Costa Rica's BCR bank (direct link) Maze ransomware operators published credit card details stolen from the Bank of Costa Rica (BCR) threatening to leak other lots every week. Maze ransomware operators have released credit card data stolen from the Bank of Costa Rica (BCR) threatening to leak other lots every week. Early May, Maze Ransomware operators claimed to have hacked the […] Ransomware
SecurityAffairs 2020-05-21 20:00:15 (Already seen) Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware (direct link) Hackers attempted to exploit a zero-day flaw in the Sophos XG firewall to distribute ransomware to Windows machines, but the attack was blocked. Threat actors attempted to exploit a zero-day (CVE-2020-12271) in the Sophos XG firewall to spread ransomware to Windows machines, the good news is that the attack was blocked by a hotfix issued […] Ransomware Threat
SecurityAffairs 2020-05-18 17:02:25 Texas Department of Transportation (TxDOT) hit by a ransomware attack (direct link) A new ransomware attack hit the Texas government, the malware this time infected systems at the state's Department of Transportation (TxDOT). The Texas government suffered two ransomware attacks in a few weeks, the first one took place on May 8, 2020 and infected systems at the Texas court. Now ransomware has infected malware the systems […] Ransomware Malware
SecurityAffairs 2020-05-18 10:42:54 FBI warns US organizations of ProLock ransomware decryptor not working (direct link) The FBI issued a flash alert to warn organizations in the United States that the ProLock ransomware decryptor doesn’t work properly. Early this month, the FBI issued a flash alert to warn organizations of the new threat actor targeting healthcare, government, financial, and retail industries in the US. “The decryption key or ‘decryptor’ provided by […] Ransomware Threat
SecurityAffairs 2020-05-13 13:03:07 Healthcare giant Magellan Health discloses data breach after ransomware attack (direct link) Magellan Health, a for-profit managed health care and insurance firm, was the victim of a ransomware attack. Magellan Health Inc. is an American for-profit managed health care company, its customers include health plans and other managed care organizations, employers, labor unions, various military and governmental agencies and third-party administrators. The company ranks 417 on the Fortune […] Ransomware Data Breach
SecurityAffairs 2020-05-11 20:21:22 ATM vendor Diebold Nixdorf suffered a Ransomware attack (direct link) ATM maker Diebold Nixdorf discloses a ransomware attack, the good news is that the infection caused only “a limited IT systems outage.” Diebold Nixdorf, one of the major automatic teller machines (ATMs) makers, suffered a ransomware attack that caused only “a limited IT systems outage.” The company disclosed the security breach but pointed out that […] Ransomware
SecurityAffairs 2020-05-11 07:58:49 Sodinokibi ransomware uses MS API to encrypt open and locked files (direct link) Researchers warn of a new feature implemented in the Sodinokibi ransomware, the threat can now encrypt open and locked files. The Sodinokibi ransomware (REvil) continues to evolve, operators implemented a new feature that allows the malware to encrypt victim’s files, even if they are opened and locked by another process. Many applications lock files to prevent […] Ransomware Malware Threat
SecurityAffairs 2020-05-09 10:49:45 Sodinokibi gang hacked law firm of the celebrities and threatens to release the docs (direct link) The Sodinokibi ransomware gang stole gigabytes of legal documents from the law firm of the stars, Grubman Shire Meiselas & Sacks (GSMLaw). The Sodinokibi ransomware group claims to have stolen gigabytes of legal documents from the entertainment and law firm Grubman Shire Meiselas & Sacks (GSMLaw) that has dozens of international stars and celebrities among […] Ransomware
SecurityAffairs 2020-05-07 13:35:06 Snake Ransomware hits Europe's largest private hospital operator Fresenius during COVID-19 outbreak (direct link) Snake Ransomware operators launched a new campaign that has infected numerous companies worldwide including a health care organization. The operators behind the Snake Ransomware have launched a new campaign that targeted companies worldwide and that infected at least one organization in the healthcare industry over the last few days. In January experts observed a new […] Ransomware
SecurityAffairs 2020-05-06 15:43:55 Shipping Giant Toll suffered a second ransomware attack in a few months (direct link) Australian shipping giant Toll informed its customers that it has shut down some IT systems due to a new ransomware attack. The Australian transportation and logistics giant Toll Group informed its customers that it has shut down some IT systems after a new ransomware attack, it is the second infection disclosed by the company this […] Ransomware
SecurityAffairs 2020-05-01 14:51:07 (Already seen) Maze Ransomware operators claim to have stolen millions of credit cards from Banco BCR (direct link) Maze Ransomware operators claim to have gained access to the network of Banco BCR of Costa Rica and stolen 11 million credit card credentials. Maze Ransomware operators claim to have hacked the network of the state-owned Bank of Costa Rica Banco BCR and to have stolen internal data, including 11 million credit card credentials. Banco BCR […] Ransomware
SecurityAffairs 2020-04-27 22:26:40 (Already seen) Shade Ransomware gang shut down operations and releases 750K decryption keys (direct link) The operators behind the Shade Ransomware (Troldesh) shut down their operations and released over 750,000 decryption keys. Good news for the victims of the infamous Shade Ransomware, the operators behind the threat have shut down their operations and released over 750,000 decryption keys. The cybercrime gang also apologized for the damages they have caused their […] Ransomware Threat
SecurityAffairs 2020-04-24 12:17:55 SeaChange video delivery software solutions provider hit by Sodinokibi ransomware (direct link) The popular SeaChange video platform is the latest victim of the Sodinokibi Ransomware gang, which is threatening to leak the stolen data. SeaChange International, the multinational supplier of video delivery software solutions, was the victim of the Sodinokibi Ransomware gang. The crew has published images of the data they claim to have stolen before encrypting the […] Ransomware
SecurityAffairs 2020-04-22 11:24:23 DoppelPaymer Ransomware hits City of Torrance and demands a 680K+ ransom (direct link) The City of Torrance of the Los Angeles metropolitan area, California, is the last victim of the DoppelPaymer Ransomware, hackers also stole its data. On Sunday, the computer systems in the city of Torrance suffered a cyber attack that interrupted access to email accounts and server functions. The City of Torrance is located in the […] Ransomware
SecurityAffairs 2020-04-20 15:43:41 Law enforcement and Microsoft join forces to dismantle botnet using LED Light Control Console (direct link) Cybercriminals have abused LED light control console to launch malicious attacks, Microsoft's security experts warn. Microsoft researchers shared details of a new incident discovered in Taiwan, where crooks abused LED light control consoles to launch malicious attacks. Threat actors used the consoles to deliver malware and ransomware through an IoT botnet that was also used […] Ransomware Malware Threat
SecurityAffairs 2020-04-19 08:56:34 Are Maze operators behind the attack on the IT services giant Cognizant? (direct link) IT services giant Cognizant suffered a ransomware attack on Friday, according to BleepingComputer the company was hit by the Maze Ransomware crew. Information technologies services giant Cognizant is the last victim of a ransomware attack, according to BleepingComputer the attack was launched by the Maze Ransomware gang. Cognizant is an American multinational corporation that provides IT services, it is […] Ransomware
SecurityAffairs 2020-04-14 15:25:41 Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware (direct link) PaloAlto Networks experts warn of malicious Coronavirus themed phishing campaigns targeting government and medical organizations. Experts from Paloalto Unit 42 published a report that analyzes the cross-section between the various types of Coronavirus-themed attacks aimed at organizations in different industries. Recently organizations in healthcare, research, and government facilities have been hit by Coronavirus-themed attacks that […] Ransomware
SecurityAffairs 2020-04-13 07:45:23 (Already seen) Sodinokibi Ransomware crew chooses Monero for ransom payments (direct link) The crew behind the Sodinokibi Ransomware plans to stop accepting Bitcoin and switched to Monero cryptocurrency to hide the money trail. The gang behind the Sodinokibi Ransomware has started accepting the Monero cryptocurrency instead of Bitcoin to make investigation by law enforcement agencies harder. The crew is planning to disallow bitcoin payments in […] Ransomware
SecurityAffairs 2020-04-10 10:04:25 DoppelPaymer crew leaked internal confidential documents belonging to aerospace companies (direct link) DoppelPaymer hackers leaked online internal confidential documents belonging to some of the largest aerospace companies in the world. The gang behind the DoppelPaymer ransomware has stolen internal confidential documents belonging to some of the largest aerospace companies in the world from the industrial contractor Visser Precision. Visser Precision is a parts maker for many companies […] Ransomware
SecurityAffairs 2020-04-09 21:24:17 (Already seen) Travelex paid $2.3 Million ransom to restore after a ransomware attack (direct link) Travelex reportedly paid a $2.3 million ransom to decrypt its files after being encrypted by the infamous Sodinokibi ransomware. The UK-based currency exchange Travelex has been forced offline following a malware attack launched on New Year's Eve. The London-based company, which operates more than 1,500 stores globally, suffered the attack on December 31, 2019, […] Ransomware Malware
SecurityAffairs 2020-04-08 07:59:14 Maze ransomware gang discloses data from drug testing firm HMR (direct link) The drug testing firm Hammersmith Medicines Research LTD (HMR), which performs live trials of Coronavirus vaccines, discloses a data breach. Hammersmith Medicines Research LTD (HMR), a London-based company that carries out clinical trials for new medicines and that is on standby to perform live trials of Coronavirus vaccines, has suffered a data breach. On March 21, the […] Ransomware ★★★★★
Last update at: 2024-05-09 21:08:19
See our sources.

To see everything: Our RSS (filtered) Twitter