What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-04-07 07:05:31 | Interpol warns that crooks are increasingly targeting hospitals (lien direct) | While the Coronavirus outbreak is threatening the world, the INTERPOL warns that crooks are increasingly targeting hospitals with ransomware. The INTERPOL (International Criminal Police Organisation) is warning of ransomware attacks against hospitals despite the currently ongoing Coronavirus outbreak. Attackers are targeting organizations in the healthcare industry via malspam campaigns using malicious attachments. The attachments used […] | Ransomware | ||
|
2020-04-05 09:23:04 | Security Affairs newsletter Round 258 (lien direct) | A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Coronavirus-themed attacks March 22 – March 28, 2020 FIN7 hackers target enterprises with weaponized USB drives via USPS Source code of Dharma ransomware now surfacing on public hacking forums Crooks leverage Zooms popularity in Coronavirus outbreak to serve […] | Ransomware | ||
|
2020-04-02 07:39:08 | Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks (lien direct) | Microsoft is sending notifications to dozens of hospitals about vulnerable VPN devices and gateways exposed online in their network. Microsoft is warning dozens of hospitals of the risks of ransomware attacks due to insecure VPN devices and gateways exposed online. Recently Microsoft has published details about human-operated ransomware attacks that targeted organizations in various industries. […] | Ransomware | ||
|
2020-03-29 19:16:15 | (Déjà vu) Source code of Dharma ransomware now surfacing on public hacking forums (lien direct) | The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware, is up for sale on two Russian-language hacking forums. The Dharma ransomware first appeared on the threat landscape in February 2016, at the […] | Ransomware Threat | ||
|
2020-03-27 08:42:37 | (Déjà vu) Ryuk Ransomware operators continue to target hospitals during COVID19 outbreak (lien direct) | Operators behind the Ryuk Ransomware continue to target hospitals even as these organizations are involved in the fight against the Coronavirus pandemic. The threat actors behind the infamous Ryuk Ransomware continue to target hospitals, even as they are involved in containing the Coronavirus outbreak. The decision of the operators is not aligned with principal ransomware […] | Ransomware Threat | ||
|
2020-03-23 14:10:51 | Coronavirus-themed campaign delivers a new variant of Netwalker Ransomware (lien direct) | MalwareHunterTeam experts have identified a new Coronavirus phishing campaign that aims at delivering the Netwalker Ransomware. The number of coronavirus-themed cyberattacks continues to increase, MalwareHunterTeam researchers uncovered a new campaign that is delivering the Netwalker Ransomware, aka Mailto. The researchers have analyzed an attachment, named “CORONAVIRUS_COVID-19.vbs,” used in a new Coronavirus phishing campaign that was designed to […] | Ransomware | ||
|
2020-03-21 19:20:27 | UK Fintech company Finastra hit by a cyber attack (lien direct) | The financial technology firm Finastra announced it has suffered a ransomware attack that took down its some of its systems. Finastra, the UK leading financial technology provider, announced that some of its servers were shut down in response to a ransomware attack that the company detected. Finastra provides financial software and services to more than 9,000 customers […] | Ransomware Guideline | ||
|
2020-03-19 14:51:33 | CERT France – Pysa ransomware is targeting local governments (lien direct) | CERT France is warning of a new wave of attacks using Pysa ransomware (Mespinoza) that is targeting local governments. CERT France cyber-security agency is warning about a new wave of ransomware attack that is targeting the networks of local government authorities. Operators behind this campaign are spreading a new version of the Mespinoza ransomware (aka […] | Ransomware | ||
|
2020-03-17 21:56:52 | Operators behind Nefilim Ransomware threaten to release stolen data (lien direct) | Operators behind a new piece of ransomware dubbed Nefilim have started threatening victims to release stolen data like other cybercrime gangs. A new ransomware dubbed Nefilim appeared in the threat landscape at the end of February, it borrows its code from other malware, the Nemty ransomware. The main difference between the two threats is that […] | Ransomware Threat | ||
|
2020-03-17 19:26:38 | Most ransomware attacks take place outside the working hours (lien direct) | Most of the ransomware attacks targeting the enterprises occur outside working hours, during the nighttime or during the weekend. Security experts from FireEye published an interesting report on the Ransomware deployment trends, it revealed that most of the attacks (76%) against the enterprise sector occur outside working hours. FireEye compiled the report using data from […] | Ransomware | ||
|
2020-03-17 10:13:52 | (Déjà vu) Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections (lien direct) | Coronavirus-themed attacks continue to increase, experts observed new Coronavirus ransomware that acts as a cover for Kpot Infostealer. Last week, security experts from MalwareHunterTeam detected new ransomware dubbed CoronaVirus has been distributed through a malicious web site that was advertising a legitimate system optimization software and utilities from WiseCleaner. In this campaign, crooks are exploiting the interest […] | Ransomware | ||
|
2020-03-16 08:40:59 | Experts warn of a new strain of ransomware, the PXJ Ransomware (lien direct) | Experts warn of a new malware strain, dubbed PXJ Ransomware, that does share the same underlying code with existing ransomware families. Security experts from IBM X-Force have spotted a new strain of ransomware, dubbed PXJ Ransomware, that does share the same code with other known ransomware families. While PXJ performs typical ransomware functions, it does […] | Ransomware Malware | ||
|
2020-03-10 10:13:14 | Microsoft warns of Human-Operated Ransomware as a growing threat to businesses (lien direct) | Microsoft is warning of human-operated ransomware, this kind of attack against businesses is becoming popular in the cybercrime ecosystem. Human-operated ransomware is a technique usually employed in nation-state attacks that is becoming very popular in the cybercrime ecosystem. In human-operated ransomware attack scenario, attackers use stolen credentials, exploit misconfiguration and vulnerabilities to access target networks, […] | Ransomware Threat | ||
|
2020-03-09 08:00:18 | (Déjà vu) Sodinokibi Ransomware operators threaten to leak \'dirty\' financial data of a company (lien direct) | Sodinokibi Ransomware operators are threatening to leak a company’s “dirty” financial secrets because they did not pay the ransom. The operators behind the infamous Sodinokibi Ransomware are threatening to publicly release the “dirty” financial secrets of a company that refused to pay the ransom. In December, for the first time, the crime gang behind the Maze […] | Ransomware | ||
|
2020-03-08 20:38:02 | The City of Durham shut down its network after Ryuk Ransomware attack (lien direct) | The City of Durham, North Carolina, was the last victim in order of time of the infamous Ryuk ransomware that infected its systems. The City of Durham, North Carolina was forced to shut down its network after its systems have been infected with the Ryuk Ransomware during the weekend. According to the local media, the City […] | Ransomware | ||
|
2020-03-07 15:47:13 | EVRAZ operations in North America disrupted by Ryuk ransomware (lien direct) | Computer systems at EVRAZ, a multinational vertically integrated steel making and mining company, have been hit by Ryuk ransomware. EVRAZ is one of the world’s largest multinational vertically integrated steel making and mining companies with headquarters in London. The company operates mainly in Russia, but also in Ukraine, Kazakhstan, Italy, Czech Republic, the United States, […] | Ransomware | ||
|
2020-03-04 15:12:44 | Visser Precision, a part maker for Tesla, Boeing, and Lockheed Martin hit with data-stealing ransomware (lien direct) | Data-stealing ransomware infected systems at Visser Precision, a parts maker for many enterprises, including Tesla, Boeing, and Lockheed Martin. Visser Precision is a parts maker for many companies in several industries, including aerospace, automotive, industrial and manufacturing. The company disclosed a ransomware attack that might have exposed data related to multiple business partners, including Tesla, […] | Ransomware | ||
|
2020-03-03 15:38:10 | Nemty ransomware operators launch their data leak site (lien direct) | The operators behind the Nemty ransomware set up a data leak site to publish the data of the victims who refuse to pay ransoms. Nemty ransomware first appeared on the threat landscape in August 2019, the name of the malware comes after the extension it adds to the encrypted file names. The ransomware deletes shadow copies of encrypted files […] | Ransomware Malware Threat | ||
|
2020-03-02 08:04:23 | Nemty ransomware “LOVE_YOU” malspam campaign (lien direct) | Security experts uncovered an ongoing campaign delivering Nemty Ransomware via emails disguised as messages from secret lovers. Researchers from Malwarebytes and X-Force IRIS have uncovered an ongoing spam campaign distributing the Nemty Ransomware via messages disguised as messages from secret lovers. The attackers employed messages with several subject lines and attachment filenames composed to appear […] | Ransomware Spam | ||
|
2020-02-29 22:44:11 | Sodinokibi Ransomware gang threatens to disclose data from Kenneth Cole fashion firm (lien direct) | Not only Maze ransomware gang, the operators behind Sodinokibi Ransomware allegedly leaked the data of Kenneth Cole Productions. The operators behind Sodinokibi Ransomware have published the download links to archives containing data allegedly stolen from the US firm Kenneth Cole Productions. The news was first reported by the Under the Breach research group. Sodinokibi (aka REvil) is […] | Ransomware | ||
|
2020-02-29 13:53:34 | US Railroad firm RailWorks discloses a data breach after a ransomware attack (lien direct) | RailWorks Corporation, one of the leading railroad track and transit system providers in North America, disclosed a ransomware attack. RailWorks Corporation, one of the leading providers of rail infrastructure solutions in North America, disclosed a ransomware attack. The security breach may have also exposed personally identifiable information (i.e. Government-issued IDs, Social Security numbers, dates of birth, dates of hire/termination […] | Ransomware Data Breach Guideline | ||
|
2020-02-28 08:40:51 | NRC Health health care company hit with ransomware (lien direct) | A Lincoln health care company has been targeted by crooks, no patient data has been compromised during the cyber attack. NRC Health recently disclosed that it was hit by a ransomware attack that took place on February 11. The company provides analytics that help health care providers measure and improve quality and services. The Lincoln […] | Ransomware | ||
|
2020-02-26 15:16:54 | Reading Municipal Light Department, an electric utility in Massachusetts, hit by ransomware (lien direct) | The Reading Municipal Light Department (RMLD), an electric utility in Massachusetts, announced it was hit by a ransomware attack. This week, the Reading Municipal Light Department (RMLD), an electric utility in Massachusetts, announced it was hit by a ransomware attack. Reading Municipal Light Department provides electricity to over 68,000 citizens that live in the towns […] | Ransomware | ||
|
2020-02-20 22:06:58 | Croatia\'s largest petrol station chain INA group hit by ransomware attack (lien direct) | Some operations at INA Group, Croatia’s biggest oil company, and its largest petrol station chain were disrupted by a cyber attack. A ransomware attack has disrupted operations at INA Group, Croatia’s biggest oil company, and its largest petrol station chain. INA, d.d. is a stock company with the Hungarian MOL Group and the Croatian Government as its biggest shareholders, […] | Ransomware | ||
|
2020-02-19 06:09:47 | (Déjà vu) US CISA warns of Ransomware attacks impacting pipeline operations (lien direct) | The Cybersecurity and Infrastructure Security Agency (CISA) is warning critical U.S. infrastructure operators of a recent ransomware attack that affected a natural gas compression facility. The Cybersecurity and Infrastructure Security Agency (CISA) issued an alert across critical U.S. infrastructure sectors about a recent infection at a natural gas compression facility. “The Cybersecurity and Infrastructure Security Agency (CISA) […] | Ransomware | ||
|
2020-02-09 09:42:27 | Maastricht University finally paid a 30 bitcoin ransom to crooks (lien direct) | In December, Maastricht University was hit with ransomware attack, now the university admitted to have paid the ransom requested by crooks. In December 2019, Maastricht University (UM) announced that ransomware infected almost all of its Windows systems on December 23. Maastricht University is an excellent university attended by over 18,000 students, roughly 4,400 employees, and 70,000 alumni. “Maastricht […] | Ransomware | ||
|
2020-02-08 00:17:52 | (Déjà vu) RobbinHood ransomware exploit GIGABYTE driver flaw to kill security software (lien direct) | The operators behind the infamous RobbinHood ransomware are exploiting a vulnerable GIGABYTE driver to kill antivirus products. Cybercriminals behind the RobbinHood Ransomware are exploiting a vulnerable GIGABYTE driver to install a malicious and unsigned driver into Windows with the intent of disabling security products. Ransomware operators leverage a custom antivirus killing package that is delivered to workstations […] | Ransomware | ||
|
2020-02-04 13:49:25 | The city of Racine was offline following a ransomware attack (lien direct) | The city of Racine joins to the long string of US municipalities that were hit with ransomware attack, it was forced offline following the infection. The city of Racine, Wisconsin, was hit with a ransomware, the incident took place on January 31, 2020. Most of non-emergency computer services of the city went offline following the […] | Ransomware | ||
|
2020-02-04 12:19:34 | Toll Group shuts down some online systems after ransomware attack (lien direct) | The Australian transportation and logistics giant Toll Group has suffered a ransomware attack that forced it to shut down part of its services. The Australian transportation and logistics giant Toll Group was victim of a ransomware attack, in response to the incident the company has shut down some of its online services. The Toll Group is an […] | Ransomware | ||
|
2020-02-03 11:37:23 | Ransomware brought down services of popular TV search engine TVEyes (lien direct) | TVEyes was brought down after its core server and engineering workstations were infected with a ransomware attack, company CEO confirmed. TVEyes is a company that manages a popular platform for monitoring TV and radio news broadcasts, it is used worldwide by PR agencies and newsrooms. On Thursday night, a ransomware attack hit the company network causing […] | Ransomware | ||
|
2020-01-31 08:17:43 | Report: Threat of Emotet and Ryuk (lien direct) | Experts at cyber security firm Cypher conducted a study on Portuguese domains during 2019 and concluded that Emotet and Ryuk were the most active threats Emotet, the most widespread malware worldwide and Ryuk, a ransomware type, are growing threats and real concerns for businesses and internet users in 2020. This is the conclusion of a […] | Ransomware Malware Threat | ||
|
2020-01-30 11:14:02 | US Govn contractor Electronic Warfare Associates infected with Ryuk ransomware (lien direct) | The popular US government contractor Electronic Warfare Associates (EWA) has suffered a ransomware attack, the news was reported by ZDNet. Last week, the US government contractor Electronic Warfare Associates (EWA) has suffered a ransomware attack that also infected its web servers. Electronic Warfare Associates provides electronic equipment to the US government, the list of customers […] | Ransomware | ||
|
2020-01-28 21:39:38 | A new piece of Snake Ransomware targets ICS processes (lien direct) | The recently discovered Snake Ransomware has been targeting processes and files associated with industrial control systems (ICS). Security experts from SentinelOne reported that the recently discovered Snake Ransomware has been targeting processes and files associated with industrial control systems (ICS). The Snake ransomware is written in the Golang programming language and has been used in […] | Ransomware | ||
|
2020-01-16 07:05:50 | 5ss5c Ransomware emerges after Satan went down in the hell (lien direct) | The cybercrime group behind Satan ransomware and other malware seems to be involved in the development of a new threat named 5ss5c. The threat actors behind the Satan, DBGer and Lucky ransomware and likely Iron ransomware, is back with a new piece of malware named ‘5ss5c’. The Bart Blaze believes that the threat actors have […] | Ransomware Malware Threat | ||
|
2020-01-10 20:42:58 | Albany County Airport authority hit by a ransomware attack (lien direct) | Officials at the Albany County Airport Authority revealed that New York airport servers were infected with ransomware on Christmas. Officials at the Albany County Airport Authority announced this week that a ransomware attack hit the New York airport and its computer management provider LogicalNet over Christmas. The news of the attack was disclosed after LogicalNet reported its own management […] | Ransomware | ||
|
2020-01-08 11:16:44 | SNAKE Ransomware is targeting business networks (lien direct) | A new piece of ransomware called SNAKE appeared in threat landscape, the malware is now targeting company networks. The SNAKE is a new ransomware that is threatening enterprises worldwide along with most popular ransomware families such as Ryuk, Maze, Sodinokibi, LockerGoga, BitPaymer, DoppelPaymer, MegaCortex, LockerGoga. The scary trend sees criminal organizations targeting enterprises, instead of […] | Ransomware Malware Threat | ||
|
2020-01-05 20:25:57 | California IT service provider Synoptek pays ransom after Sodinokibi attack (lien direct) | Synoptek, A California-based IT service provider decided to pay the ransom to decrypt its files after being infected with the Sodinokibi ransomware. Synoptek, a California-based provider of IT management and cloud hosting services paid the ransom to decrypt its files following a Sodinokibi ransomware attack. The gang behind the Sodinokibi ransomware has been very active […] | Ransomware | ||
|
2020-01-05 15:15:10 | DeathRansom ransomware evolves encrypting files, but experts identified its author (lien direct) | DeathRansom was considered fake ransomware due to the fact that it did not implement an effective encryption process, but now things are changing. DeathRansom is a ransomware family that was initially classified as a joke because it did not implement an effective encryption scheme. Researchers at Fortinet published an analysis that shows the threat evolving, […] | Ransomware Threat | ||
|
2019-12-16 07:00:54 | Ryuk Ransomware is suspected to be involved in the New Orleans cyberattack (lien direct) | New evidence suggests that in the recent attack against the systems at the City of New Orleans was used the Ryuk ransomware. Over the weekend, New Orleans officials announced in a press conference that the city was hit by a ransomware attack, the incident was discovered in the morning of December 13, 2019. The IT […] | Ransomware | ||
|
2019-12-05 07:34:30 | CyrusOne, one of the major US data center provider, hit by ransomware attack (lien direct) | Ransomware attacks continue to threaten organizations worldwide, CyrusOne, one of the biggest data center providers in the US, is facing with an infection. A new ransomware attack made the headlines, systems at CyrusOne, one of the biggest data center providers in the US, were infected by the malware. The company reported the incident to law […] | Ransomware | ||
|
2019-11-29 07:09:17 | (Déjà vu) Dutch National Cyber Security Centre warns ransomware infected thousands of businesses (lien direct) | According to a confidential report from the Dutch National Cyber Security Centre (NCSC), at least 1,800 companies were infected with 3 ransomware. A confidential report published by the Dutch National Cyber Security Centre (NCSC) revealed that at least 1,800 companies are affected by three strains of ransomware across the world. According to the report, the […] | Ransomware | ||
|
2019-11-28 13:58:40 | (Déjà vu) A Ransomware infected the network of the cybersecurity firm Prosegur (lien direct) | A piece of the Ryuk Ransomware infected the network of the multinational cybersecurity firm Prosegur, forcing the company to shut down it. The Spanish multinational security company Prosegur announced that it was of a ransomware attack that disrupted its telecommunication platform. The network of the Prosegur firm was infected with a piece of the Ryuk […] | Ransomware | ★★★★ | |
|
2019-11-25 14:53:02 | Livingston School District hit by a ransomware attack (lien direct) | Livingston School District in New Jersey is the last victim of a ransomware attack that caused a two hour delayed opening. Students at the Livingston public school district in New Jersey are undoubtedly happy for a two hour delayed opening tomorrow. A new ransomware attack hit a school district in the US, the malware has […] | Ransomware Malware | ||
|
2019-11-22 15:03:07 | French Rouen hospital hit by a ransomware attack (lien direct) | The University Hospital Center (CHU) of Rouen was hit by the malware last week, the ransomware had a severe impact on the operations during the weekend. The AFP news agency reported that a ransomware attack on a hospital in Rouen last week caused “very long delays in care.” Medical staff at the hospital were not […] | Ransomware Malware | ||
|
2019-11-21 12:29:03 | Microsoft warns of growing DoppelPaymer Ransomware threat (lien direct) | The Microsoft Security Response Center (MSRC) warned customers of the DoppelPaymer ransomware and provided useful information on the threat. The Microsoft Security Response Center (MSRC) warned customers of the DoppelPaymer ransomware, the tech giant provided useful information on the threat and how it spreads. “Microsoft has been investigating recent attacks by malicious actors using the Dopplepaymer ransomware. There is misleading information […] | Ransomware Threat Guideline | ||
|
2019-11-20 06:35:59 | Ransomware Revival: Troldesh becomes a leader by the number of attacks (lien direct) | Ransomware accounted for over half of all malicious mailings in H1 2019, Troldesh aka Shade being the most popular tool among cybercriminals. Group-IB, a Singapore-based cybersecurity company: ransomware accounted for over half of all malicious mailings in H1 2019, detected and analyzed by Group-IB's Computer Emergency Response Team (CERT-GIB), with Troldesh aka Shade being the most popular tool […] | Ransomware Tool | ||
|
2019-11-19 08:50:42 | (Déjà vu) Ransomware infected systems at state government of Louisiana (lien direct) | Another ransomware attack made the headlines, the victim is the state government of Louisiana, numerous services have been impacted. The state government of Louisiana was hit by a ransomware attack that affected multiple state services including the Office of Motor Vehicles, the Department of Health, and the Department of Transportion and Development. The incident forced […] | Ransomware | ||
|
2019-11-18 08:02:41 | New NextCry Ransomware targets Nextcloud instances on Linux servers (lien direct) | NextCry is a new ransomware that was spotted by researchers while encrypting data on Linux servers in the wild. Security experts spotted new ransomware dubbed NextCry that targets the clients of the NextCloud file sync and share service. The name comes from the extensions the ransomware appends to the filenames of encrypted files. The malicious code targets Nextcloud […] | Ransomware | ||
|
2019-11-17 18:31:41 | Security Affairs newsletter Round 240 (lien direct) | A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Bad News: AI and 5G Are Expected to Worsen Cybersecurity Risks Boardriders and its subsidiarities QuikSilver and Billabong infected with ransomware Major ASP.NET hosting provider SmarterASP hit by ransomware attack Apple Mail stores parts of encrypted emails in […] | Ransomware | ||
|
2019-11-12 21:38:37 | Mexican state-owned oil company Pemex hit by ransomware (lien direct) | On Sunday, the Mexican state-owned oil company Petróleos Mexicanos (Pemex) was infected with the DoppelPaymer ransomware. On Sunday, a piece of the DoppelPaymer ransomware infected systems of the Mexican state-owned oil company Petróleos Mexicanos (Pemex) taking down part of its network. According to the company, less than 5% of the computers in its network were […] | Ransomware |
To see everything:
Our RSS (filtrered)
