What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecureList.webp 2024-05-08 10:00:40 State of ransomware in 2024 (direct link) As Anti-Ransomware Day approaches, Kaspersky shares insights into the ransomware threat landscape and trends in 2023, and recent anti-ransomware activities by governments and law enforcement. Ransomware Threat Legislation ★★★
SecureList.webp 2024-04-15 10:00:28 Using the LockBit builder to generate targeted ransomware (direct link) Kaspersky researchers revisit the leaked LockBit 3.0 builder and share insights into a real-life incident involving a custom targeted ransomware variant created with this builder. Ransomware ★★
SecureList.webp 2024-01-31 10:00:45 ICS and OT threat predictions for 2024 (direct link) Kaspersky experts make their predictions about ICS and OT threats: specifically, ransomware and hacktivist attacks, threats to logistics and transportation, etc. Ransomware Threat Industrial Prediction ★★★★
SecureList.webp 2023-12-21 10:00:59 Windows CLFS and five exploits used by ransomware operators (Exploit #4 – CVE-2023-23376) (direct link) This is part five of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Ransomware Vulnerability Studies ★★
SecureList.webp 2023-12-21 10:00:56 Windows CLFS and five exploits used by ransomware operators (Exploit #3 – October 2022) (direct link) This is part four of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Ransomware Vulnerability Studies ★★
SecureList.webp 2023-12-21 10:00:53 Windows CLFS and five exploits used by ransomware operators (Exploit #2 – September 2022) (direct link) This is the third part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Ransomware Vulnerability Studies ★★
SecureList.webp 2023-12-21 10:00:50 Windows CLFS and five exploits used by ransomware operators (direct link) We had never seen so many CLFS driver exploits being used in active attacks before, and then suddenly there are so many of them captured in just one year. Is there something wrong with the CLFS driver? Are all these vulnerabilities similar? These questions encouraged me to take a closer look at the CLFS driver and its vulnerabilities. Ransomware Vulnerability ★★
SecureList.webp 2023-12-21 10:00:47 Windows CLFS and five exploits used by ransomware operators (Exploit #1 – CVE-2022-24521) (direct link) This is the second part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Ransomware Vulnerability Studies ★★
SecureList.webp 2023-12-21 10:00:01 Windows CLFS and five exploits used by ransomware operators (Exploit #5 – CVE-2023-28252) (direct link) This is part six of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Ransomware Vulnerability Studies ★★
SecureList.webp 2023-12-13 10:00:25 FakeSG campaign, Akira ransomware and AMOS macOS stealer (direct link) In this report, we share our latest crimeware findings: FakeSG malware distribution campaign delivering NetSupport RAT, new Conti-like Akira ransomware and AMOS stealer for macOS. Ransomware Malware ★★
SecureList.webp 2023-12-04 11:00:17 Kaspersky Security Bulletin 2023. Statistics (direct link) Key statistics for 2023: ransomware, trojan bankers, miners and other financial malware, zero-day vulnerabilities and exploits, web attacks, threats for macOS and IoT. Ransomware Malware Vulnerability Threat Studies ★★
SecureList.webp 2023-12-01 10:00:31 IT threat evolution in Q3 2023. Mobile statistics (direct link) Mobile threat statistics for Q3 2023 include data on malware, adware, banking Trojans and ransomware for Android devices. Ransomware Malware Threat Mobile Mobile ★★★
SecureList.webp 2023-12-01 10:00:03 IT threat evolution in Q3 2023. Non-mobile statistics (direct link) PC malware statistics for Q3 2023 include data on miners, ransomware, banking Trojans and other threats to Windows, macOS and IoT equipment. Ransomware Malware Threat Studies ★★★
SecureList.webp 2023-10-24 10:00:01 Stealer for PIX payment system, new Lumar stealer and Rhysida ransomware (direct link) In this report, we share our latest crimeware findings: GoPIX targeting PIX payment system; Lumar stealing files and passwords; Rhysida ransomware supporting old Windows. Ransomware ★★
SecureList.webp 2023-09-11 10:00:26 From Caribbean shores to your devices: analyzing Cuba ransomware (direct link) The article analyzes the malicious tactics, techniques and procedures (TTP) used by the operator of the Cuba ransomware, and details a Cuba attack incident. Ransomware ★★
SecureList.webp 2023-08-10 10:00:22 Focus on DroxiDat/SystemBC (direct link) An unknown actor targeted an electric utility in southern Africa with Cobalt Strike beacons and DroxiDat, a new variant of the SystemBC payload. We speculate that this incident was in the initial stages of a ransomware attack. Ransomware ★★★
SecureList.webp 2023-08-03 10:00:32 What's happening in the world of crimeware: Emotet, DarkGate and LokiBot (direct link) In this report, we share our recent crimeware findings: the new DarkGate loader, new LokiBot campaign and new Emotet version delivered via OneNote. Ransomware Studies ★★★
SecureList.webp 2023-06-22 10:00:01 LockBit Green and phishing that targets organizations (direct link) In this crimeware report, Kaspersky researchers provide insights into the Conti-based LockBit Green variant, ransomware samples for macOS, FreeBSD, etc. and phishing campaigns targeting organizations. Ransomware ★★
SecureList.webp 2023-05-11 08:00:13 New ransomware trends in 2023 (direct link) On the eve of the global Anti-Ransomware Day, Kaspersky researchers share an overview of the key trends observed among ransomware groups. Ransomware ★★
SecureList.webp 2023-04-11 17:36:20 Nokoyawa ransomware attacks with Windows zero-day (direct link) In February 2023, we found a zero-day exploit, supporting different versions and builds of Windows, including Windows 11. This particular zero-day was used by a sophisticated cybercrime group that carries out ransomware attacks. Ransomware ★★
SecureList.webp 2022-12-22 08:00:32 Ransomware and wiper signed with stolen certificates (direct link) In this report, we compare the ROADSWEEP ransomware and ZEROCLEARE wiper versions used in two waves of attacks against Albanian government organizations. Ransomware ★★★
SecureList.webp 2022-12-05 10:00:58 If one sheep leaps over the ditch… (direct link) In this report, Kaspersky researchers discuss propagation methods of several ransomware families, and a vulnerable driver abuse case that may become a trend. Ransomware ★★★
SecureList.webp 2022-11-18 08:00:32 IT threat evolution Q3 2022 (direct link) Recent APT campaigns, a sophisticated UEFI rootkit, new ransomware for Windows, Linux and ESXi, attacks on foreign and crypto-currency exchanges, and malicious packages in online code repositories. Ransomware Threat
SecureList.webp 2022-08-24 10:00:13 Ransomware updates & 1-day exploits (direct link) In this report, we discuss the new multi-platform ransomware RedAlert (aka N13V) and Monster, as well as private 1-day exploits for the CVE-2022-24521 vulnerability. Ransomware
SecureList.webp 2022-08-15 12:00:45 (Déjà vu) IT threat evolution in Q2 2022. Mobile statistics (direct link) In Q2 2022, we detected 405,684 mobile malware installation packages, of which 55,614 packages were related to mobile banking trojans, and 3,821 packages were mobile ransomware trojans. Ransomware Malware Threat
SecureList.webp 2022-08-15 12:00:34 IT threat evolution Q2 2022 (direct link) ToddyCat APT and WinDealer man-on-the-side attack, Spring4Shell and other vulnerabilities, ransomware trends and our in-depth analysis of the TTPs of the eight most widespread ransomware families. Ransomware Threat
SecureList.webp 2022-08-09 10:00:46 Andariel deploys DTrack and Maui ransomware (direct link) Earlier, the CISA published an alert related to a Stairwell report, “Maui Ransomware.” Our data should openly help solidify the attribution of the Maui ransomware incident to the Korean-speaking APT Andariel, also known as Silent Chollima and Stonefly. Ransomware
SecureList.webp 2022-07-20 08:00:31 Luna and Black Basta - new ransomware for Windows, Linux and ESXi (direct link) This report discusses new ransomware that targets Windows, Linux and ESXi systems: Luna written in Rust and Black Basta. Ransomware
SecureList.webp 2022-06-23 10:00:21 The hateful eight: Kaspersky's guide to modern ransomware groups' TTPs (direct link) We want to familiarize the reader with the different stages of ransomware deployment and provide a visual guide to defending against targeted ransomware attacks. Ransomware
SecureList.webp 2022-05-27 08:00:46 IT threat evolution in Q1 2022. Mobile statistics (direct link) According to Kaspersky Security Network, in Q1 2022 516,617 mobile malware installation packages were detected, of which 53,947 packages were related to mobile banking trojans, and 1,942 packages were mobile ransomware trojans. Ransomware Malware Threat ★★★★★
SecureList.webp 2022-05-11 12:00:23 New ransomware trends in 2022 (direct link) This year, ransomware is no less active than before: cybercriminals continue to threaten nationwide retailers and enterprises, old variants of malware return while the new ones develop. Ransomware Malware ★★★★
SecureList.webp 2022-04-18 10:00:19 (Déjà vu) How to recover files encrypted by Yanluowang (direct link) Kaspersky experts have found a vulnerability in the Yanluowang encryption algorithm and created a free decryptor to help victims of this ransomware with recovering their files. Ransomware Vulnerability
SecureList.webp 2022-04-18 10:00:19 How to recover files encrypted by Yanlouwang (direct link) Kaspersky experts have found a vulnerability in the Yanluowang encryption algorithm and created a free decryptor to help victims of this ransomware with recovering their files. Ransomware Vulnerability
SecureList.webp 2022-04-07 10:00:19 A Bad Luck BlackCat (direct link) A new ransomware actor started advertising its services on a Russian underground forum. They presented themselves as ALPHV, but the group is also known as BlackCat. Two recent BlackCat incidents stand out as particularly interesting. Ransomware
SecureList.webp 2022-03-01 13:30:06 Elections GoRansom – a smoke screen for the HermeticWiper attack (direct link) We present our analysis of HermeticRansom (aka Elections GoRansom) ransomware that was likely used as a smokescreen for the HermeticWiper attack. Ransomware
SecureList.webp 2021-12-07 10:00:19 The story of the year: ransomware in the headlines (direct link) In the past twelve months, the word “ransomware” has popped up in countless headlines worldwide across both print and digital publications. But how did we get here and what has changed about the ransomware landscape since it was first our story of the year in 2019? Ransomware
SecureList.webp 2021-10-07 10:00:04 Ransomware in the CIS (direct link) Statistics on ransomware attacks in the CIS and technical descriptions of Trojans, including BigBobRoss/TheDMR, Crysis/Dharma, Phobos/Eking, Cryakl/CryLock, CryptConsole, Fonix/XINOF, Limbozar/VoidCrypt, Thanos/Hakbit and XMRLocker. Ransomware
SecureList.webp 2021-08-12 10:00:37 IT threat evolution Q2 2021 (direct link) Ferocious Kitten, TunnelSnake, PuzzleMaker and other threat actors, zero-day vulnerabilities, ransomware and banking Trojans - check out our review of Q2 2021. Ransomware Threat
SecureList.webp 2021-08-12 10:00:19 IT threat evolution in Q2 2021. Mobile statistics (direct link) In Q2 2021, we prevented 14,465,672 mobile malware, adware and riskware attacks; 886,105 malicious installation packages were detected, of which 24,604 packages were mobile banking Trojans and 3,623 packages were mobile ransomware Trojans. Ransomware Threat
SecureList.webp 2021-07-05 13:00:05 REvil ransomware attack against MSPs and its clients around the world (direct link) An attack perpetrated by REvil aka Sodinokibi ransomware gang against Managed Service Providers (MSPs) and their clients was discovered on July 2. Some of the victims reportedly have been compromised through a popular MSP software which led to encryption of their customers. Ransomware ★★★★
SecureList.webp 2021-06-17 10:00:41 Black Kingdom ransomware (direct link) Black Kingdom ransomware appeared on the scene back in 2019, but we observed some activity again in 2021. The ransomware was used by an unknown adversary for exploiting a Microsoft Exchange vulnerability (CVE-2021-27065). Ransomware Vulnerability
SecureList.webp 2021-06-15 12:40:11 Andariel evolves to target South Korea with ransomware (direct link) In April 2021, we observed a suspicious Word document with a Korean file name and decoy. It revealed a novel infection scheme and an unfamiliar payload. After a deep analysis, we came to a conclusion: the Andariel group was behind these attacks. Ransomware
SecureList.webp 2021-05-31 10:00:35 IT threat evolution Q1 2021. Mobile statistics (direct link) In the first quarter of 2021 we detected 1.45M mobile installation packages, of which 25K packages were related to mobile banking Trojans and 3.6K packages were mobile ransomware Trojans. Ransomware Threat
SecureList.webp 2021-05-25 07:00:20 Evolution of JSWorm ransomware (direct link) There are times when a single ransomware family has evolved from a mass-scale operation to a highly targeted threat – all in the span of two years. In this post we want to talk about one of those families, named JSWorm. Ransomware Threat
SecureList.webp 2021-05-12 10:00:58 Ransomware world in 2021: who, how and why (direct link) In this report, we take a step back from the day-to-day ransomware news cycle and follow the ripples back into the heart of the ecosystem to understand how it is organized. Ransomware
SecureList.webp 2021-04-23 10:19:30 Ransomware by the numbers: Reassessing the threat's global impact (direct link) In this report, we'll take a look at the numbers behind the ransomware threat from 2019 to 2020, what they mean - and what they foretell about ransomware's future. Ransomware Threat
SecureList.webp 2021-03-01 14:00:29 Mobile malware evolution 2020 (direct link) In 2020, Kaspersky mobile products and technologies detected 156,710 new mobile banking Trojans and 20,708 new mobile ransomware Trojans. Ransomware Malware
SecureList.webp 2020-11-20 10:10:15 IT threat evolution Q3 2020. Non-mobile statistics (direct link) Kaspersky solutions blocked 1,416,295,227 attacks launched from online resources across the globe. Ransomware attacks were defeated on the computers of 121,579 unique users. Ransomware Threat
SecureList.webp 2020-10-21 10:00:11 Life of Maze ransomware (direct link) In the past year, Maze ransomware has become one of the most notorious malware families threatening businesses and large organizations. Ransomware Malware
SecureList.webp 2020-08-24 10:00:19 Lifting the veil on DeathStalker, a mercenary triumvirate (direct link) DeathStalker is a unique threat group that appears to target law firms and companies in the financial sector. They don't deploy ransomware or steal payment information to resell it; their interest is in gathering sensitive business information. Ransomware Threat
Last update at: 2024-05-15 02:08:10