What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-02-14 09:01:23 | Alleged ransomware attack disrupted operations at Slovenia\'s Pop TV station (lien direct) | Last week, a cyberattack hit Pop TV, Slovenia's most popular TV channel, disrupting the operations. Last week, a cyber-attack has disrupted the operations of Pop TV, the Slovenian most popular TV channel. The attack, which likely was a ransomware attack, impacted the computer network of the TV channel and caused the cancellation of the evening […] | Ransomware | ||
|
2022-02-13 19:34:40 | Organizations paid at least $602 million to ransomware gangs in 2021 (lien direct) | Organizations have paid more than $600 million in cryptocurrency during 2021, nearly one-third to the Conti ransomware gang. Last week, cybersecurity agencies from the U.K., the U.S. and Australia have published a joint advisory warning of an increased globalised threat of ransomware worldwide in 2021. According to a report published by the blockchain analysis firm […] | Ransomware Threat | ||
|
2022-02-13 14:01:55 | San Francisco 49ers NFL team discloses BlackByte ransomware attack (lien direct) | A ransomware attack hit the corporate IT network of the San Francisco 49ers NFL team, The Record reported. The San Francisco 49ers NFL team has fallen victim to a ransomware attack, the news was reported by The Record. The team disclosed the attack after that the BlackByte ransomware added the team to the list of […] | Ransomware | ||
|
2022-02-12 18:32:09 | CISA, FBI, NSA warn of the increased globalized threat of ransomware (lien direct) | CISA, FBI and NSA published a joint advisory warning of ransomware attacks targeting critical infrastructure organizations. Cybersecurity agencies from the U.K., the U.S. and Australia have published a joint advisory warning of an increased globalised threat of ransomware worldwide in 2021. Almost any sector was hit by sophisticated, high-impact ransomware attacks, including the Defense Industrial […] | Ransomware Threat | ||
|
2022-02-10 11:55:48 | Spyware, ransomware and Nation-state hacking: Q&A from a recent interview (lien direct) | I transcribed a recent interview, here some questions and answers about nation-state hacking, spyware, and cyber warfare. Enjoy” How has spyware changed the rules of cyber security in recent years? What will cyber security look like now that those tools are all over the internet? In the last decade, we have observed a progressive weaponization […] | Ransomware | ||
|
2022-02-09 16:51:32 | (Déjà vu) Master decryption keys for Maze, Egregor, and Sekhmet ransomware leaked online (lien direct) | The master decryption keys for the Maze, Egregor, and Sekhmet ransomware operations were released last night on the BleepingComputer forums. The master decryption keys for the Maze, Egregor, and Sekhmet ransomware families were released on the BleepingComputer forums by the alleged malware developer. The Maze group was considered one of the most prominent ransomware operations […] | Ransomware Malware | ||
|
2022-02-08 14:40:04 | (Déjà vu) Data of +6K Puma employees stolen in December Kronos Ransomware attack (lien direct) | Data belonging to 6,632 Puma employees was stolen in a December 2021 ransomware attack that hit Ultimate Kronos Group (UKG). Data of 6,632 Puma employees was stolen in a ransomware attack that hit HR management platform Ultimate Kronos Group (UKG) in December. Potentially exposed data includes names, Social Security numbers, and other personal information. The […] | Ransomware | ||
|
2022-02-06 10:07:44 | Security Affairs newsletter Round 352 (lien direct) | A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. LockBit ransomware gang claims to have stolen data from PayBito crypto exchange FBI issued […] | Ransomware | ||
|
2022-02-05 20:30:51 | LockBit ransomware gang claims to have stolen data from PayBito crypto exchange (lien direct) | LockBit ransomware gang claims to have stolen customers’ data from the PayBito crypto exchange. PayBito is a bitcoin and cryptocurrency exchange for major cryptocurrencies including Bitcoin Cash, Bitcoin, Ethereum, HCX, Litecoin, Ethereum Classic. The exchange is operated by global blockchain and IT services company HashCash. LockBit ransomware operators claim to have stolen customers’ data from the PayBito crypto exchange, […] | Ransomware | ||
|
2022-02-05 18:16:37 | FBI issued a flash alert on Lockbit ransomware operation (lien direct) | The FBI released a flash alert containing technical details associated with the LockBit ransomware operation. The Federal Bureau of Investigation (FBI) has issued a flash alert containing technical details and indicators of compromise associated with LockBit ransomware operations. The LockBit ransomware gang has been active since September 2019, in June 2021 the group announced the LockBit 2.0 RaaS. Like […] | Ransomware | ||
|
2022-02-04 21:46:06 | Over 500,000 people were impacted by a ransomware attack that hit Morley (lien direct) | Business services firm Morley was hit by a ransomware attack that may have exposed data of +500,000 individuals. Business services company Morley was victim of a ransomware attack that may have resulted in a data breach impacting more than 500,000 individuals. Morley Companies is a United States corporation that provides business services to Fortune 500 and Global 100 clients; contact […] | Ransomware Data Breach | ||
|
2022-02-04 19:28:24 | Ransomware attack hit Swissport International causing delays in flights (lien direct) | Aviation services company Swissport International was hit by a ransomware attack that impacted its operations. Swissport International Ltd. is an aviation services company providing airport ground,lounge hospitality and cargo handling services owned by an international group of investors. The company handles around 282 million passengers and 4.8 million tonnes of cargo annually, on behalf of […] | Ransomware | ||
|
2022-02-02 18:30:49 | (Déjà vu) Sugar Ransomware, a new RaaS in the threat landscape (lien direct) | Cyber security team at retail giant Walmart dissected a new ransomware family dubbed Sugar, which implements a ransomware-as-a-service model. The cyber threat team at retail giant Walmart has analyzed a new ransomware family dubbed Sugar, which is offered through a ransomware-as-a-service (RaaS) model. Unlike other ransomware operations, Sugar ransomware appears to primarily focus on individual […] | Ransomware Threat | ||
|
2022-02-02 11:55:18 | Experts warn of a spike in APT35 activity and a possible link to Memento ransomware op (lien direct) | The Cybereason Nocturnus Team reported a spike in the activity of the Iran-linked APT group APT35 (aka Phosphorus or Charming Kitten). The Cybereason Nocturnus Team observed a spike in the activity of the Iran-linked APT group APT35 (aka 'Charming Kitten', 'Phosphorus', Newscaster, and Ajax Security Team) The Phosphorus group made the headlines in 2014 when experts at iSight issued a report describing the most elaborate net-based spying campaign organized […] | Ransomware Conference | APT 35 APT 35 | |
|
2022-01-30 14:28:03 | Security Affairs newsletter Round 351 (lien direct) | A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. QNAP force-installs update against the recent wave of DeadBolt ransomware infections US FCC bans […] | Ransomware | ||
|
2022-01-29 15:45:29 | QNAP force-installs update against the recent wave of DeadBolt ransomware infections (lien direct) | QNAP forces its customers to update the firmware of their Network Attached Storage (NAS) devices to protect against the DeadBolt ransomware. QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. DeadBolt ransomware is targeting QNAP NAS devices worldwide, its operators claim the availability of […] | Ransomware | ||
|
2022-01-28 11:56:26 | Delta Electronics, a tech giants\' contractor, hit by Conti ransomware (lien direct) | Delta Electronics, a Taiwanese contractor for multiple tech giants such as Apple, Dell, HP and Tesla, was hit by Conti ransomware Taiwanese electronics manufacturing company Delta Electronics was hit by the Conti ransomware that took place this week. Delta Electronics operates as a contractor for major tech giants such as Apple, Tesla, HP, and Dell. […] | Ransomware | ||
|
2022-01-27 15:07:53 | Lockbit ransomware gang claims to have hacked Ministry of Justice of France (lien direct) | A few hours ago Lockbit ransomware operators announced to have stolen data from Ministry of Justice of France. The Ministry of Justice of France is a body of the French government, which is responsible for: supervision of the judiciary, its maintenance and administration; participation as Vice President of the Judicial Council; supervision of the prosecutor’s […] | Ransomware | ||
|
2022-01-27 09:48:16 | Experts analyze first LockBit ransomware for Linux and VMware ESXi (lien direct) | LockBit expands its operations by implementing a Linux version of LockBit ransomware that targets VMware ESXi servers. LockBit is the latest ransomware operation to add the support for Linux systems, experts spotted a new version that targets VMware ESXi virtual machines. The move aims at expanding the audience of potential targets, including all the organizations […] | Ransomware | ||
|
2022-01-26 15:42:10 | New DeadBolt ransomware targets QNAP NAS devices (lien direct) | New malware is targeting targets QNAP NAS devices, it is the DeadBolt ransomware and ask 50 BTC for master key DeadBolt ransomware is targeting QNAP NAS devices worldwide, its operators claim the availability of a zero-day exploit that allows them to encrypt the content of the infected systems. Once encrypted the content of the device, […] | Ransomware Malware | ||
|
2022-01-21 06:22:42 | Conti ransomware gang started leaking files stolen from Bank Indonesia (lien direct) | The central bank of the Republic of Indonesia, Bank Indonesia, confirmed the ransomware attack that hit it in December. Bank Indonesia confirmed that it was the victim of a ransomware attack that took place last month. The Conti ransomware gang claimed the attack and leaked some allegedly stolen files as proof of the security breach. A […] | Ransomware | ||
|
2022-01-20 22:45:55 | FBI links the Diavol ransomware to the TrickBot gang (lien direct) | The Federal Bureau of Investigation (FBI) officially linked the Diavol ransomware operation to the infamous TrickBot gang. The FBI officially linked the Diavol ransomware operation to the infamous TrickBot gang, the group that is behind the TrickBot banking trojan. “The FBI first learned of Diavol ransomware in October 2021. Diavol is associated with developers from […] | Ransomware | ||
|
2022-01-19 06:05:49 | Is White Rabbit ransomware linked to FIN8 financially motivated group? (lien direct) | A new ransomware gang named White Rabbit appeared in the threat landscape, experts believe it is linked to the FIN8 hacking group. A new ransomware gang called ‘White Rabbit’ launched its operations and according to the experts, it is likely linked to the FIN8 financially motivated group. In December the popular malware researcher Michael Gillespie, […] | Ransomware Malware Threat | ||
|
2022-01-18 21:58:59 | AlphV/BlackCat ransomware gang published data stolen from fashion giant Moncler (lien direct) | Luxury fashion giant Moncler confirmed a data breach after a ransomware attack carried out by the AlphV/BlackCat. Moncler confirmed a data breach after an attack that took place in December. The luxury fashion giant was hit by AlphV/BlackCat ransomware that today published the stolen data on its leak site in the Tor network. In December, malware […] | Ransomware Data Breach Malware | ||
|
2022-01-17 10:13:30 | Experts warn of attacks using a new Linux variant of SFile ransomware (lien direct) | The operators of the SFile ransomware (aka Escal) have developed a Linux version of their malware to expand their operations. SFile ransomware (aka Escal), has been active since 2020, it was observed targeting only Windows systems. Some variants of the ransomware append the English name of the target company to the filenames of the encrypted files. […] | Ransomware Malware | ||
|
2022-01-16 13:31:13 | A new wave of Qlocker ransomware attacks targets QNAP NAS devices (lien direct) | QNAP NAS devices are under attack, experts warn of a new Qlocker ransomware campaign that hit devices worldwide. A new wave of Qlocker ransomware it targeting QNAP NAS devices worldwide, the new campaign started on January 6 and it drops ransom notes named !!!READ_ME.txt on infected devices. In May, the Taiwanese vendor QNAP warned its […] | Ransomware | ||
|
2022-01-15 11:39:45 | One of the REvil members arrested by FSB was behind Colonial Pipeline attack (lien direct) | A senior Biden administration official said that the one of the Russian hacker arrested by FSB was behind the Colonial Pipeline attack. Yesterday, the Russian Federal Security Service (FSB) announced to have dismantled the REvil ransomware operation and arrested 14 alleged members of the gang. The group that is behind a long string of attacks […] | Ransomware | ||
|
2022-01-14 20:51:12 | Lorenz ransomware gang stolen files from defense contractor Hensoldt (lien direct) | German multinational defense contractor Hensoldt confirmed to that some of its systems were infected by Lorenz ransomware. Hensoldt, a multinational defense contractor, confirmed that some of its UK subsidiary’s systems were infected with Lorenz ransomware. This week a Hensholdt spokesperson confirmed the security breach to BleepingComputer explaining that a small number of mobile devices in its […] | Ransomware | ||
|
2022-01-14 19:03:42 | Russian government claims to have dismantled REvil ransomware gang (lien direct) | Russia’s FSB announced to have dismantled the REvil ransomware gang, the infamous group behind Kaseya and JBS USA. The Russian Federal Security Service (FSB) announced to have shut down the REvil ransomware gang, the group that is behind a long string of attacks against large organizations, such as Kaseya and JBS USA. The FSB claims to have […] | Ransomware | ||
|
2022-01-14 11:04:46 | Ukrainian police arrested Ransomware gang behind attacks on 50 companies (lien direct) | Ukrainian police arrested members of a ransomware gang that targeted at least 50 companies in the U.S. and Europe. Ukrainian police arrested members of a ransomware affiliate group that is responsible for attacking at least 50 companies in the U.S. and Europe. The operation was conducted by the SBU Cyber Department together with the Cyber […] | Ransomware | ||
|
2022-01-11 14:52:46 | Night Sky ransomware operators exploit Log4Shell to target hack VMware Horizon servers (lien direct) | Another gang, Night Sky ransomware operation, started exploiting the Log4Shell vulnerability in the Log4j library to gain access to VMware Horizon systems. The Night Sky ransomware operation started exploiting the Log4Shell flaw (CVE-2021-44228) in the Log4j library to gain access to VMware Horizon systems. The ransomware gang started its operations on December 27, 2021, and […] | Ransomware Hack Vulnerability | ||
|
2022-01-11 09:46:37 | AvosLocker ransomware now targets Linux systems, including ESXi servers (lien direct) | AvosLocker is the latest ransomware that implemented the capability to encrypt Linux systems including VMware ESXi servers. AvosLocker expands its targets by implementing the support for encrypting Linux systems, specifically VMware ESXi servers, Bleeping computed reported. “While we couldn’t find what targets were attacked using this AvosLocker ransomware Linux variant, BleepingComputer knows of at least one […] | Ransomware | ||
|
2022-01-07 20:37:42 | How to secure QNAP NAS devices? The vendor\'s instructions (lien direct) | QNAP is warning customers of ransomware attacks targeting network-attached storage (NAS) devices exposed online. Taiwanese vendor QNAP has warned customers to secure network-attached storage (NAS) exposed online from ransomware and brute-force attacks. “Ransomware and brute-force attacks have been widely targeting all networking devices, and the most vulnerable victims will be those devices exposed to the […] | Ransomware | ||
|
2022-01-07 05:41:23 | Night Sky, a new ransomware operation in the threat landscape (lien direct) | Researchers warn of a new ransomware family, called ‘Night Sky,’ that uses a double-extortion model in attacks again businesses. Researchers from MalwareHunterteam first spotted a new ransomware family dubbed Night Sky that implements a double extortion model in attacks aimed at businesses. Once encrypted a file, the ransomware appends the ‘.nightsky‘ extension to encrypted file names. The […] | Ransomware Threat | ||
|
2022-01-04 09:07:38 | Hospitality Chain McMenamins discloses data breach after ransomware attack (lien direct) | Hospitality chain McMenamins disclosed a data breach after a recent ransomware attack. Hospitality chain McMenamins discloses a data breach after a ransomware attack that took place on December 12. McMenamins is a family-owned chain of brewpubs, breweries, music venues, historic hotels, and theater pubs in Oregon and Washington. According to the company, threat actors have stolen data of individuals […] | Ransomware Data Breach Threat | ||
|
2022-01-03 11:03:55 | The worst cyber attacks of 2021 (lien direct) | Which are the cyber attacks of 2021 that had the major impact on organizations worldwide in terms of financial losses and disruption of the operations? CNA Financial (March 2021) – CNA Financial, one of the largest insurance companies in the US, reportedly paid a $40 ransom to restore access to its files following a ransomware […] | Ransomware | ||
|
2022-01-02 19:24:33 | Lapsus$ ransomware gang hits Impresa, Portugal\'s largest media conglomerate (lien direct) | The Lapsus$ ransomware hit Impresa, the largest media conglomerate in Portugal and the owner of SIC and Expresso. The Lapsus$ ransomware gang has compromised the infrastructure of Impresa, the largest media conglomerate in Portugal. Impresa owns SIC TV channel, and Expresso newspaper, among other leading media, like several magazine publications. The attack took place during the New Year […] | Ransomware Guideline | ||
|
2021-12-30 11:28:19 | (Déjà vu) AvosLocker ransomware gang releases a free decryptor after an affiliate hit US gov agency (lien direct) | The AvosLocker ransomware operators released a free decryptor after they accidentally encrypted the system of US Government entity. The AvosLocker ransomware operation provided a free decryptor after they encrypted the systems of a US government agency. According to BleepingComputer, the gang hit a police department but fearing the reaction of US law enforcement opted to […] | Ransomware | ||
|
2021-12-28 15:13:46 | Shutterfly hit by a Conti ransomware attack (lien direct) | Shutterfly, an online platform for photography and personalized products, has been affected by a ransomware attack. Shutterfly, is American photography, photography products, and image sharing company that owns multiple brands such as BorrowLenses, GrooveBook, Lifetouch, Shutterfly, Snapfish, Spoonflower, and Tiny Prints. The service allows users to create personalized photo gifts such as smartphone cases, photo books, wall art, and […] | Ransomware | ||
|
2021-12-27 19:08:50 | A new wave of ech0raix ransomware attacks targets QNAP NAS devices (lien direct) | A new wave of ech0raix ransomware attacks is targeting QNAP network-attached storage (NAS) devices. The threat actors behind the ech0raix ransomware are targeting NAP network-attached storage (NAS) devices. Users reported numerous compromises of their devices a few days before Christmas. According to BleepingComputer, forum users reported an intensification of the attacks since December 20, the […] | Ransomware Threat | ||
|
2021-12-26 20:36:19 | French IT services provider Inetum hit by BlackCat ransomware attack (lien direct) | The IT services company Inetum Group was hit by a ransomware attack a few days before the Christmas holiday. French IT services company Inetum Group was hit by a ransomware attack a few days before the Christmas holiday, but according to the company the security breach had a limited impact on its operations. Inetum is […] | Ransomware | ||
|
2021-12-26 14:17:13 | Security Affairs newsletter Round 346 (lien direct) | A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. New Rook Ransomware borrows code from Babuk Omicron-themed phishing attacks spread Dridex and taunt […] | Ransomware | ||
|
2021-12-25 19:11:34 | New Rook Ransomware borrows code from Babuk (lien direct) | Recently launched ransomware operation, named Rook, made headlines for its announcement claiming a desperate need a lot of money. A new ransomware operation named Rook appeared in the threat landscape, it was first reported by researcher Zach Allen and caught the attention of the experts for its blatant announcement that claims a desperate need to […] | Ransomware Threat | ★★★★★ | |
|
2021-12-23 19:31:01 | AvosLocker ransomware reboots in Safe Mode and installs tools for remote access (lien direct) | In a recent wave of attacks, AvosLocker ransomware is rebooting systems into Windows Safe Mode to disable endpoint security solutions. Sophos experts monitoring AvosLocker ransomware attacks, noticed that the malware is rebooting compromised systems into Windows Safe Mode to disable endpoint security solutions. Running the systems into safe mode will allow the malware to encrypt […] | Ransomware Malware | ||
|
2021-12-22 15:50:25 | PYSA ransomware gang is the most active group in November (lien direct) | PYSA and Lockbit were the most active ransomware gangs in the threat landscape in November 2021, researchers from NCC Group report. Security researchers from NCC Group reported an increase in ransomware attacks in November 2021 over the past month, and PYSA (aka Mespinoza) and Lockbit were the most active ransomware gangs. Experts observed a 400% […] | Ransomware Threat | ||
|
2021-12-21 08:04:29 | Log4j Vulnerability Aftermath (lien direct) | Uptycs researchers have observed attacks related to miners, DDOS malware and some variants of ransomware actively leveraging LogforShell flaw in log4j. Last week the Log4j vulnerability turned the internet upside down. The impact of the vulnerability is massive and attackers have started taking advantage of the flaw. So far we have observed attacks related to […] | Ransomware Malware Vulnerability | ||
|
2021-12-19 19:07:55 | Clop ransomware gang is leaking confidential data from the UK police (lien direct) | Clop ransomware gang stolen confidential data from the UK police and leaked it in the dark web because the victim refused to pay the ransom Clop ransomware operators have stolen confidential information held by some British police, according to the media the cybercriminal gang targeted the IT firm Dacoll. According to the media, the cybercriminals […] | Ransomware | ||
|
2021-12-19 15:13:00 | Security Affairs newsletter Round 345 (lien direct) | A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. TellYouThePass ransomware resurges and exploits Log4Shell in recent attacks Western Digital customers have to […] | Ransomware | ||
|
2021-12-17 21:44:50 | Conti ransomware gang exploits Log4Shell bug in its operations (lien direct) | The Conti ransomware gang is the first ransomware operation exploiting the Log4Shell vulnerability to target VMware vCenter Servers. Conti ransomware gang is the first professional race that leverages Log4Shell exploit to compromise VMware vCenter Server installs. The ransomware group used the exploit to target internal devices that are not protected. Conti operators run a private Ransomware-as-a-Service (RaaS), […] | Ransomware | ||
|
2021-12-15 20:16:53 | FBI\'s investigation accidentally revealed the HelloKitty ransomware gang operates out of Ukraine (lien direct) | While investigating a data breach suffered by a healthcare organization, FBI accidentally revealed that it believes that the HelloKitty ransomware gang operates out of Ukraine. The investigation conducted by FBI on a recent data breach suffered by an Oregon healthcare organization lead to the accidental revelation that the FBI believes that the HelloKitty ransomware gang […] | Ransomware Data Breach Guideline |
To see everything:
Our RSS (filtrered)
