What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-10-19 05:18:38 | (Déjà vu) Trustwave released a free decryptor for the BlackByte ransomware (lien direct) | Trustwave's SpiderLabs researchers have released a free decryptor for the BlackByte ransomware that can allow victims to recover their files. Researchers from Trustwave's SpiderLabs have released a decryptor that can allow victims of the BlackByte ransomware to restore their files for free. The experts spotted the BlackByte ransomware while investigating a recent malware incident. The […] | Ransomware Malware | ||
|
2021-10-18 11:43:00 | Sinclair TV stations downtime allegedly caused by a ransomware attack (lien direct) | A ransomware attack is likely the cause of the recent downtime for TV stations owned by the Sinclair Broadcast Group broadcast television company. TV stations owned by the Sinclair Broadcast Group went down over the weekend officially due to technical issues, but some media [1,2] reported that it was a victim of a ransomware attack. […] | Ransomware | ||
|
2021-10-18 07:27:01 | REvil ransomware operation shuts down once again (lien direct) | It seems that the REvil ransomware operation has shut down once again after a threat actor has hijacked their Tor hidden service. The REvil ransomware gang has shut down its operation once again after a threat actor has hijacked their Tor leak site and payment portal. The news of the hack was shared by the […] | Ransomware Hack Threat | ||
|
2021-10-16 09:03:58 | (Déjà vu) US Treasury FinCEN linked $5.2 billion in BTC transactions to ransomware payments (lien direct) | The U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) linked roughly $5.2 billion worth of Bitcoin transactions to ransomware. The U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) has identified approximately $5.2 billion worth of Bitcoin transactions likely associated with operations of top 10 most commonly reported ransomware variants FinCEN analyzed a data set composed […] | Ransomware | ||
|
2021-10-15 20:17:29 | Accenture discloses data breach after LockBit ransomware attack (lien direct) | IT and consulting giant Accenture confirmed a data breach after the ransomware attack conducted by LockBit operators in August 2021. Global IT consultancy giant Accenture discloses a data breach after the LockBit ransomware attack that hit the company in August 2021. News about the attack was included in the company’s financial report for the fourth quarter […] | Ransomware Data Breach | ||
|
2021-10-15 10:04:36 | Three more ransomware attacks hit Water and Wastewater systems in 2021 (lien direct) | A joint cybersecurity advisory published by US agencies revealed that three ransomware attacks on wastewater systems this year. A joint cybersecurity advisory published today by the FBI, NSA, CISA, and the EPA revealed three more attacks launched by Ransomware gangs against US water and wastewater treatment facilities (WWS) this year. This is the first time that these attacks […] | Ransomware | ||
|
2021-10-14 21:17:25 | Since 2020, at least 130 different ransomware families have been active (lien direct) | The popular Google's VirusTotal scanning service has published an interesting analysis of more than 80 Million ransomware samples. VirusTotal has published its first ransomware activity report based on the analysis of more than 80 million samples that have been uploaded from 140 countries worldwide. Since 2020, at least 130 different ransomware families have been active. […] | Ransomware | ||
|
2021-10-14 15:19:54 | For the first time, an Israeli hospital was hit by a major ransomware attack (lien direct) | The Hillel Yaffe Medical Center in Hadera, Israel, was hit by a ransomware attack that was defined by Israel’s National Cyber Directorate as a “major” attack. The Hillel Yaffe Medical Center in Hadera, Israel was hit by a ransomware attack that impacted the system of the hospital. Local media outlets reported that the hospital has […] | Ransomware | ||
|
2021-10-14 11:15:27 | New Yanluowang ransomware used in highly targeted attacks on large orgs (lien direct) | Researchers spotted a new strain of ransomware, dubbed Yanluowang, that was used in highly targeted attacks against enterprises. Researchers from Symantec Threat Hunter Team discovered a ransomware family, tracked as Yanluowang ransomware that was used in highly targeted attacks against large enterprises. The discovery is part of an investigation into a recent attempted ransomware attack […] | Ransomware Threat | ||
|
2021-10-09 07:52:18 | (Déjà vu) Cox Media Group took down broadcasts after a ransomware attack (lien direct) | American media conglomerate Cox Media Group (CMG) was hit by a ransomware attack that took down live TV and radio broadcast streams in June 2021. The American media conglomerate Cox Media Group (CMG) announced it was hit by a ransomware attack that caused the interruption of the live TV and radio broadcast streams in June […] | Ransomware | ||
|
2021-10-08 11:36:12 | The Netherlands declares war on ransomware operations (lien direct) | The Dutch government will not tolerate ransomware attacks that could threaten national security, it will use intelligence or military services to curb them. The Dutch government announced that it will not tolerate cyberattacks that pose a risk to its national security and will employ intelligence or military services to counter them. Cyberespionage and sabotage attacks, […] | Ransomware | ||
|
2021-10-07 21:38:17 | FIN12 ransomware gang don\'t implement double extortion to prioritize speed (lien direct) | Researchers detailed the activities of the FIN12 ransomware group that earned million of dollars over the past years. Researchers from Mandiant published a detailed report on the activities of a financially motivated ransomware group tracked as FIN12 that has been active since at least October 2018. The vast majority of FIN12 victims have more than […] | Ransomware | ||
|
2021-10-05 16:13:36 | Unnamed Ransomware gang uses a Python script to encrypt VMware ESXi servers (lien direct) | An unnamed ransomware gang used a custom Python script to target VMware ESXi and encrypt all the virtual machines hosted on the server. Researchers from Sophos were investigating a ransomware attack when discovered that the attackers employed a Python script to encrypt virtual machines hosted on VMware ESXi servers. In the attack investigated by the […] | Ransomware | ||
|
2021-10-04 13:48:04 | Pottawatomie County paid the ransom to recover its systems (lien direct) | Pottawatomie County restored operations that were suspended after a ransomware attack hit its systems on September 17, 2021. Officials at Pottawatomie County announced to have fully recovered their IT infrastructure that was hit by a ransomware attack on September 17, 2021. County Administrator Chad Kinsley announced that the county opted to pay the ransomware, they […] | Ransomware | ||
|
2021-10-04 13:13:08 | Two ransomware operators were arrested in Kyiv with EUROPOL\'s support (lien direct) | Two ransomware operators arrested in Kyiv, Ukraine, that are suspected to have attacked more than 100 companies causing more than $150M in damages. A joint international law enforcement operation led to the arrest of the ransomware operators in Kyiv, Ukraine on September 28. The operation was conducted by the Ukrainian National Police, with the support […] | Ransomware | ||
|
2021-10-04 07:28:59 | LockBit 2.0 ransomware hit Israeli defense firm E.M.I.T. Aviation Consulting (lien direct) | Israeli Aerospace & Defense firm E.M.I.T. Aviation Consulting Ltd. was hit by LockBit 2.0 ransomware, operators will leak files on 07 Oct, 2021. LockBit 2.0 ransomware operators hit the Israeli aerospace and defense firm E.M.I.T. Aviation Consulting Ltd, threat actors claim to have stolen data from the company and are threatening to leak them on […] | Ransomware Threat | ||
|
2021-10-03 08:41:34 | The Biden administration will work with 30 countries to curb global cybercrime (lien direct) | The Biden administration announced it will work with 30 countries, including NATO allies and G7 partners, to curb global cybercrime. U.S. President Joe Biden announced that the US will work with 30 countries to curb cybercrime and dismantle ransomware gangs that are targeting organizations worldwide. “This month, the United States will bring together 30 countries […] | Ransomware | ||
|
2021-10-01 21:34:11 | Baby died at Alabama Springhill Medical Center due to cyber attack (lien direct) | A baby allegedly received inadequate childbirth health care, and later died, at an Alabama Springhill Medical Center due to a ransomware attack. An Alabama woman named Teiranni Kidd has filed suit after the death of her baby, she claims that the Springhill Medical Center was not able to respond to a cyberattack that crippled its […] | Ransomware | ||
|
2021-09-26 08:26:12 | Security Affairs newsletter Round 333 (lien direct) | A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. GSS, one of the major European call center providers, suffered a ransomware attack Threat actors are attempting […] | Ransomware Threat | ★★ | |
|
2021-09-25 16:58:57 | GSS, one of the major European call center providers, suffered a ransomware attack (lien direct) | The customer care and call center provider GSS has suffered a ransomware attack that crippled its systems and impacted its Spanish-speaking customers. GSS customer care and call center provider has suffered a ransomware attack that crippled its system and paralyzed call centers serving its Spanish-speaking customers. GSS is the Spanish and Latin America division of […] | Ransomware | ||
|
2021-09-23 08:31:19 | (Déjà vu) Crystal Valley hit by ransomware attack, it is the second farming cooperative shut down in a week (lien direct) | Minnesota-based farming supply cooperative Crystal Valley was hit by a ransomware attack, it is the second attack against the agriculture business in a few days. Minnesota farming supply cooperative Crystal Valley has suffered a ransomware attack, this is the second farming cooperative that was hit by ransomware operators in a few days. At this time, […] | Ransomware | ||
|
2021-09-22 21:42:16 | (Déjà vu) US CISA, FBI, and NSA warn an escalation of Conti ransomware attacks (lien direct) | CISA, FBI, and the NSA warned today of an escalation of the attacks of the Conti ransomware gang targeting US organizations. CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) are warning of an increased number of Conti ransomware attacks against US organizations. The advisory urges organizations to take supplementary measures […] | Ransomware | ||
|
2021-09-21 05:45:40 | Black Matter gang demanded a $5.9M ransom to NEW Cooperative (lien direct) | U.S. The farmers cooperative NEW Cooperative was hit by Black Matter ransomware gang that is demanding a $5.9 million ransom. BlackMatter ransomware gang hit NEW Cooperative, a farmer’s feed and grain cooperative, and is demanding a $5.9 million ransom. The ransomware gang claims to have stolen 1,000 GB of data including the source code for […] | Ransomware | ||
|
2021-09-19 08:14:09 | Security Affairs newsletter Round 332 (lien direct) | A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. The Biden administration plans to target exchanges supporting ransomware operations with sanctions Threat actor has been targeting the aviation industry since at least 2018 Expert discloses details and PoC […] | Ransomware Threat | ||
|
2021-09-18 17:46:15 | (Déjà vu) The Biden administration plans to target exchanges supporting ransomware operations with sanctions (lien direct) | US Government is expected to issue sanctions against crypto exchanges, wallets, and traders used by ransomware operations to cash out ransom payments. The Biden administration is putting in place all the strategies to disrupt the operations of the ransomware gangs, and according to the Wall Street Journal, it is now planning to target the digital […] | Ransomware | ||
|
2021-09-16 17:23:47 | (Déjà vu) Microsoft warns of attacks exploiting recently patched Windows MSHTML CVE-2021-40444 bug (lien direct) | Microsoft revealed that multiple threat actors are exploiting the recently patched Windows MSHTML remote code execution security flaw (CVE-2021-40444). Microsoft warns of multiple threat actors, including ransomware operators, that are exploiting the recently patched Windows MSHTML remote code execution security flaw (CVE-2021-40444) in attacks against organizations. The IT giant says that threat actors started targeting […] | Ransomware Threat | ||
|
2021-09-16 14:57:43 | Bitdefender released free REvil ransomware decryptor that works for past victims (lien direct) | Researchers from Bitdefender released a free master decryptor for the REvil ransomware operation that allows past victims to recover their files for free. Good news for the victims of REvil ransomware gangs that were infected before the operations were temporarily halted on July 13th, Bitdefender released a free master decryptor that allows them to recover […] | Ransomware | ||
|
2021-09-13 09:03:02 | BlackMatter ransomware gang hit Technology giant Olympus (lien direct) | Technology giant Olympus announced it was the victim of a ransomware attack and is currently investigating the extent of the incident. Olympus issued a statement to announce that its European, Middle East and Africa computer network was hit by a ransomware attack. “Upon detection of suspicious activity, we immediately mobilized a specialized response team including […] | Ransomware | ||
|
2021-09-13 05:19:46 | Department of Justice and Constitutional Development of South Africa hit by a ransomware attack (lien direct) | The Department of Justice and Constitutional Development of South Africa was hit by a ransomware attack that crippled bail services. A ransomware attack hit the Department of Justice and Constitutional Development of South Africa, multiple services, including email and bail services have been impacted. The incident did not affect child maintenance payments for the month […] | Ransomware | ||
|
2021-09-12 05:29:57 | Revil ransomware operators are targeting new victims (lien direct) | Recently we observed that part of the REvil ransomware infrastructure was up and running again, now we can confirm that they hit new victims. On September 7, the servers of the REvil ransomware gang were back online after around two months since their shutdown. The circumstance was immediately noted by many researchers, me too. The […] | Ransomware | ||
|
2021-09-08 19:48:21 | Groove gang leaks list of 500k credentials of compromised Fortinet appliances (lien direct) | Groove gang leaked online Fortinet credentials that could be used to breach networks of organizations using the compromised devices. The financially motivated threat actor Groove has leaked online compromised credentials belonging to many organizations. The ransomware group has been active since August 2021 and implement a double extortion model like other gangs. The threat actor leaked a […] | Ransomware Threat | ||
|
2021-09-07 21:55:57 | REvil ransomware gang\'s servers are mysteriously online again (lien direct) | The leak site of the popular REvil ransomware gang is it is not clear if the group resumed operations or the FBI turned on its servers. Today the servers of the REvil ransomware gang were back online after around two months since their shutdown. The circumstance was immediately noted by many researchers, me too. The […] | Ransomware | ||
|
2021-09-07 09:13:41 | Ragnar Locker gang threatens to leak data if victim contacts law enforcement (lien direct) | The Ragnar Locker ransomware operators threaten to leak stolen data if the victims attempt to contact law enforcement agencies. The Ragnar Locker ransomware gang is adopting a new technique to force victims to pay the ransom, the operators threaten to leak stolen data if the victims contact law enforcement agencies. The group announced its new […] | Ransomware | ||
|
2021-09-05 20:13:29 | Pacific City Bank hit by AVOS Locker Ransomware (lien direct) | Pacific City Bank was hit by AVOS Locker Ransomware operators, the gang claims to have stolen sensitive file from the company and threatens to leak it. Pacific City Bank is an American community bank that focuses on the Korean-American community based in California and offers commercial banking services The bank was hit by AVOS Locker […] | Ransomware | ||
|
2021-09-04 11:26:46 | (Déjà vu) Source code for the Babuk is available on a hacking forum (lien direct) | The complete source code for the Babuk ransomware is available for sale on a Russian-speaking hacking forum. A threat actor has leaked the source code for the Babuk ransomware on a Russian-speaking hacking forum. The Babuk Locker operators halted their operations at the end of April after the attack against the Washington, DC police department. Experts believe that […] | Ransomware Threat | ||
|
2021-09-03 10:29:17 | FBI warns of ransomware attacks targeting the food and agriculture sector (lien direct) | FBI warns ransomware gangs are actively targeting organizations in the food and agriculture sector. The FBI Cyber Division issued a Private Industry Notification (PIN) to warn of ransomware attacks targeting the Food and Agriculture sector disrupting its operations, causing financial loss and negatively impacting the overall food supply chain. Small farms, large producers, processors and […] | Ransomware | ||
|
2021-09-01 13:27:30 | Watch out, ransomware attack risk increases on holidays and weekends, FBI and CISA (lien direct) | The FBI and CISA issued a joint cybersecurity advisory to warn organizations to remain vigilant against ransomware attacks during weekends or holidays. The FBI and CISA warn organizations to keep high their defenses against ransomware attacks during weekends or holidays. The government agencies have observed an increase in ransomware attacks occurring on holidays and weekends, […] | Ransomware | ||
|
2021-08-31 22:31:44 | LockFile Ransomware uses a new intermittent encryption technique (lien direct) | Recently emerged LockFile ransomware family LockFile leverages a novel technique called intermittent encryption to speed up encryption. LockFile ransomware gang started its operations last month, recently it was spotted targeting Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities. The popular security expert Kevin Beaumont was one of the first researchers to report that the LockFile operators are using the […] | Ransomware | ||
|
2021-08-27 15:23:36 | (Déjà vu) The FBI issued a flash alert for Hive ransomware operations (lien direct) | The Federal Bureau of Investigation (FBI) published a flash alert related to the operations of the Hive ransomware gang. The Federal Bureau of Investigation (FBI) has released a flaw alert on the Hive ransomware attacks that includes technical details and indicators of compromise associated with the operations of the gang. Recently the group hit the […] | Ransomware | ||
|
2021-08-27 08:21:48 | Victims of Ragnarok ransomware can decrypt their files for free (lien direct) | Ragnarok ransomware operators are ceasing their operations and released the master key that can allow their victims to decrypt files for free. The Ragnarok ransomware group has been active since at least January 2020 and hit dozens of organizations worldwide. The news was reported by Bleeping Computer that also noticed that ransomware operators have replaced […] | Ransomware | ||
|
2021-08-26 08:16:19 | Personal Data and docs of Swiss town Rolle available on the dark web (lien direct) | Documents and personal details of residents of the small Swiss town Rolle, on the shores of Lake Geneva, were stolen in a ransomware attack. The Swiss town Rolle disclosed the data breach after a ransomware attack, personal details of all its 6,200 inhabitants were stolen by threat actors. The threat actors compromised some administrative servers […] | Ransomware Data Breach Threat | ||
|
2021-08-24 08:24:57 | (Déjà vu) FBI flash alert warns on OnePercent Group Ransomware attacks (lien direct) | The FBI shared info about OnePercent Group that has been actively targeting US organizations in ransomware attacks since at least November 2020. The Federal Bureau of Investigation (FBI) has published a flash alert about a threat actor known as OnePercent Group that has been actively targeting US organizations in ransomware attacks since at least November 2020. […] | Ransomware Threat | ||
|
2021-08-23 06:51:51 | Memorial Health System forced to cancel surgeries after ransomware attack (lien direct) | Health organization Memorial Health System was hit by a disruptive cyber attack that forced it to cancel surgeries and divert patients last week. The Memorial Health System announced that was hit by a disruptive cyber attack that forced it to suspend some of its operations. The organization operates the Marietta Memorial Hospital, the Selby General […] | Ransomware | ||
|
2021-08-22 08:24:48 | Security Affairs newsletter Round 328 (lien direct) | A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. U.S. State Department was recently hit by a cyber attack New LockFile ransomware gang uses ProxyShell and […] | Ransomware | ||
|
2021-08-21 18:03:39 | New LockFile ransomware gang uses ProxyShell and PetitPotam exploits (lien direct) | A new ransomware gang named LockFile targets Microsoft Exchange servers exploiting the recently disclosed ProxyShell vulnerabilities. A new ransomware gang named LockFile targets Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities. The popular security expert Kevin Beaumont was one of the first researchers to report that the LockFile operators are using the Microsoft Exchange ProxyShell and the Windows […] | Ransomware | ||
|
2021-08-21 08:10:42 | US CISA releases guidance on how to prevent ransomware data breaches (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) released guidance on how to prevent data breaches resulting from ransomware attacks. Most of the recent ransomware attack resulted in data breaches for the victims, threat actors implemented a double-extortion schema threatening the victims to data stolen before encrypting them on compromised systems. Over the past several […] | Ransomware Threat | ||
|
2021-08-21 06:56:08 | Lojas Renner, Brazilian largest clothing store chain, was hit by ransomware (lien direct) | Lojas Renner, the largest Brazilian department stores clothing company, suffered a ransomware attack that impacted its IT infrastructure. Lojas Renner, the largest Brazilian department stores clothing company, announced to have suffered a ransomware attack that impacted its IT infrastructure. According to Brazilian news outlets, the company was forced to shut down all its physical stores […] | Ransomware | ||
|
2021-08-20 22:07:18 | (Déjà vu) Emsisoft releases free SynAck ransomware decryptor (lien direct) | Emsisoft researchers have released a decryptor for the SynAck Ransomware that could allow victims of the gang to decrypt their files for free Emsisoft has released a free decryptor for SynAck Ransomware that can allow victims of the gang to decrypt their encrypted files.<gwmw style=”display:none;”> Last week, the SynAck ransomware gang released the master decryption […] | Ransomware | ||
|
2021-08-18 17:15:34 | New analysis of Diavol ransomware reinforces the link to TrickBot gang (lien direct) | Researchers conducted a new analysis of the Diavol ransomware and found new evidence of the link with the gang behind the TrickBot botnet. In July, researchers from Fortinet reported that a new ransomware family, tracked as Diavol, might have been developed by Wizard Spider, the cybercrime gang behind the TrickBot botnet. The Trickbot botnet was used by […] | Ransomware | ||
|
2021-08-17 07:04:00 | Colonial Pipeline discloses data breach after May ransomware attack (lien direct) | Colonial Pipeline discloses a data breach of the personal information of thousands of individuals after the ransomware attack that took place in May 2021. Colonial Pipeline has started notifying more than 5000 people that had their personal information compromised after a ransomware attack that took place in May. The Colonial Pipeline facility in Pelham, Alabama […] | Ransomware Data Breach |
To see everything:
Our RSS (filtrered)
