What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-09-24 17:10:17 | United Health Centers ransomware attack claimed by Vice Society (lien direct) | California-based United Health Centers suffered a ransomware attack that reportedly disrupted all of their locations and resulted in patient data theft. [...] | Ransomware | ||
|
2021-09-23 02:26:00 | REVil ransomware devs added a backdoor to cheat affiliates (lien direct) | Cybercriminals are slowly realizing that the REvil ransomware operators have been hijacking ransom negotiations, to cut affiliates out of payments. [...] | Ransomware | ||
|
2021-09-22 13:24:43 | FBI, CISA, and NSA warn of escalating Conti ransomware attacks (lien direct) | CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) warned today of an increased number of Conti ransomware attacks targeting US organizations. [...] | Ransomware | ||
|
2021-09-22 12:09:02 | Second farming cooperative shut down by ransomware this week (lien direct) | Minnesota farming supply cooperative Crystal Valley has suffered a ransomware attack, making it the second farming cooperative attacked this weekend. [...] | Ransomware | ||
|
2021-09-21 12:35:14 | US sanctions cryptocurrency exchange used by ransomware gangs (lien direct) | The US Treasury Department announced the first-ever sanctions against a cryptocurrency exchange, the Russian-linked Suex, for facilitating ransom transactions for ransomware gangs and helping them evade sanctions. [...] | Ransomware | ||
|
2021-09-21 03:25:06 | Marketron marketing services hit by Blackmatter ransomware (lien direct) | BlackMatter ransomware gang over the weekend hit Marketron, a business software solutions provider that serves more than 6,000 customers in the media industry. [...] | Ransomware | ||
|
2021-09-20 14:07:54 | US farmer cooperative hit by $5.9M BlackMatter ransomware attack (lien direct) | U.S. farmers cooperative NEW Cooperative has suffered a BlackMatter ransomware attack demanding $5.9 million not to leak stolen data and provide a decryptor. [...] | Ransomware | ||
|
2021-09-18 10:00:00 | Researchers compile list of vulnerabilities abused by ransomware gangs (lien direct) | Security researchers are working on compiling an easy to follow list of initial access attack vectors ransomware gangs and their affiliates are using to breach victims' networks. [...] | Ransomware | ||
|
2021-09-17 18:16:43 | The Week in Ransomware - September 17th 2021 - REvil decrypted (lien direct) | It has been an interesting week with decryptors released, ransomware gangs continuing to rail against negotiators, and the US government expected to sanction crypto exchanges next week. [...] | Ransomware | ||
|
2021-09-17 17:49:30 | U.S. to sanction crypto exchanges, wallets used by ransomware (lien direct) | The Biden administration is expected to issue sanctions against crypto exchanges, wallets, and traders used by ransomware gangs to convert ransom payments into fiat money. [...] | Ransomware | ||
|
2021-09-16 11:16:15 | Microsoft: Windows MSHTML bug now exploited by ransomware gangs (lien direct) | Microsoft says multiple threat actors, including ransomware affiliates, are targeting the recently patched Windows MSHTML remote code execution security flaw. [...] | Ransomware Threat | ||
|
2021-09-16 09:00:00 | Free REvil ransomware master decrypter released for past victims (lien direct) | A free master decryptor for the REvil ransomware operation has been released, allowing all victims encrypted before the gang disappeared to recover their files for free. [...] | Ransomware | ||
|
2021-09-15 15:35:17 | Ransomware encrypts South Africa\'s entire Dept of Justice network (lien direct) | The justice ministry of the South African government is working on restoring its operations after a recent ransomware attack encrypted all its systems, making all electronic services unavailable both internally and to the public. [...] | Ransomware | ||
|
2021-09-15 14:22:16 | Ransomware gang threatens to wipe decryption key if negotiator hired (lien direct) | The Grief ransomware gang is threatening to delete victim's decryption keys if they hire a negotiation firm, making it impossible to recover encrypted files. [...] | Ransomware | ||
|
2021-09-13 07:49:27 | BlackMatter ransomware hits medical technology giant Olympus (lien direct) | Olympus, a leading medical technology company, is investigating a "potential cybersecurity incident" that impacted some of its EMEA (Europe, Middle East, Africa) IT systems last week. [...] | Ransomware Guideline | ||
|
2021-09-11 13:15:28 | REvil ransomware is back in full attack mode and leaking data (lien direct) | The REvil ransomware gang has fully returned and is once again attacking new victims and publishing stolen files on a data leak site. [...] | Ransomware | ||
|
2021-09-10 16:34:32 | The Week in Ransomware - September 10th 2021 - REvil returns (lien direct) | This week marked the return of the notorious REvil ransomware group, who disappeared in July after conducting a massive attack using a Kaseya zero-day vulnerability. [...] | Ransomware | ||
|
2021-09-08 10:26:56 | Howard University shuts down network after ransomware attack (lien direct) | The private Howard University in Washington disclosed that it suffered a ransomware attack late last week and is currently working to restore affected systems. [...] | Ransomware | ||
|
2021-09-07 14:19:11 | REvil ransomware\'s servers mysteriously come back online (lien direct) | The dark web servers for the REvil ransomware operation have suddenly turned back on after an almost two-month absence. It is unclear if this marks their ransomware gang's return or the servers being turned on by law enforcement. [...] | Ransomware | ||
|
2021-09-07 02:28:34 | Ransomware gang threatens to leak data if victim contacts FBI, police (lien direct) | The Ragnar Locker ransomware group is warning that they will leak stolen data from victims that contact law enforcement authorities, like the FBI. Ragnar Locker has previously hit prominent companies with ransomware attacks, demanding millions of dollars in ransom payments. [...] | Ransomware | ||
|
2021-09-06 06:00:00 | Ransomware gangs target companies using these criteria (lien direct) | Ransomware gangs increasingly purchase access to a victim's network on dark web marketplaces and from other threat actors. Analyzing their want ads makes it possible to get an inside look at the types of companies ransomware operations are targeting for attacks. [...] | Ransomware Threat | ||
|
2021-09-03 16:17:10 | The Week in Ransomware - September 3rd 2021 - Targeting Exchange (lien direct) | Over the past two weeks, it has been busy with ransomware news ranging from a gang shutting down and releasing a master decryption key to threat actors turning to Microsoft Exchange exploits to breach networks. [...] | Ransomware Threat | ||
|
2021-09-03 11:22:01 | Babuk ransomware\'s full source code leaked on hacker forum (lien direct) | A threat actor has leaked the complete source code for the Babuk ransomware on a Russian-speaking hacking forum. [...] | Ransomware Threat | ||
|
2021-09-03 09:21:32 | Conti ransomware now hacking Exchange servers with ProxyShell exploits (lien direct) | The Conti ransomware gang is hacking into Microsoft Exchange servers and breaching corporate networks using recently disclosed ProxyShell vulnerability exploits. [...] | Ransomware Vulnerability | ||
|
2021-09-02 17:10:45 | Translated Conti ransomware playbook gives insight into attacks (lien direct) | Almost a month after a disgruntled Conti affiliate leaked the gang's attack playbook, security researchers shared a translated variant that clarifies on any misinterpretation caused by automated translation. [...] | Ransomware | ★★ | |
|
2021-09-02 13:52:55 | FBI warns of ransomware gangs targeting food, agriculture orgs (lien direct) | The FBI says ransomware gangs are actively targeting and disrupting the operations of organizations in the food and agriculture sector, causing financial loss and directly affecting the food supply chain. [...] | Ransomware | ||
|
2021-08-31 13:52:41 | FBI, CISA: Ransomware attack risk increases on holidays, weekends (lien direct) | The FBI and CISA urged organizations not to let down their defenses against ransomware attacks during weekends or holidays to released a joint cybersecurity advisory issued earlier today. [...] | Ransomware | ||
|
2021-08-26 18:36:35 | Ragnarok ransomware releases master decryptor after shutdown (lien direct) | Ragnarok ransomware gang appears to have called it quits and released the master key that can decrypt files locked with their malware. [...] | Ransomware | ||
|
2021-08-26 14:28:38 | FBI shares technical details for Hive ransomware (lien direct) | The Federal Bureau of Investigation (FBI) has released some technical details and indicators of compromise associated with Hive ransomware attacks. [...] | Ransomware | ||
|
2021-08-24 14:16:16 | Ransomware gang\'s script shows exactly the files they\'re after (lien direct) | A PowerShell script used by the Pysa ransomware operation gives us a sneak peek at the types of data they attempt to steal during a cyberattack. [...] | Ransomware | ||
|
2021-08-23 18:17:49 | FBI: OnePercent Group Ransomware targeted US orgs since Nov 2020 (lien direct) | The Federal Bureau of Investigation (FBI) has shared info about a threat actor known as OnePercent Group that has been actively targeting US organizations in ransomware attacks since at least November 2020. [...] | Ransomware Threat | ||
|
2021-08-23 12:16:54 | Nokia subsidiary discloses data breach after Conti ransomware attack (lien direct) | SAC Wireless, a US-based and independently-operating Nokia company subsidiary, has disclosed a data breach following a ransomware attack where Conti operators were able to successfully breach its network, steal data, and encrypt systems. [...] | Ransomware Data Breach | ||
|
2021-08-21 11:05:27 | (Déjà vu) Microsoft Exchange servers being hacked by new LockFile ransomware (lien direct) | A new ransomware gang known as LockFile encrypts Windows domains after hacking into Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities. [...] | Ransomware | ||
|
2021-08-21 11:05:27 | LockFile ransomware attacks Microsoft Exchange with ProxyShell exploits (lien direct) | A new ransomware gang known as LockFile encrypts Windows domains after hacking into Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities. [...] | Ransomware | ||
|
2021-08-20 18:42:24 | The Week in Ransomware - August 20th 2021 - Exploiting Windows (lien direct) | Ransomware gangs continue to attack schools, companies, and even hospitals worldwide with little sign of letting up. Below we have tracked some of the ransomware stories that we are following this week. [...] | Ransomware | ||
|
2021-08-20 15:07:51 | LockFile ransomware uses PetitPotam attack to hijack Windows domains (lien direct) | At least one ransomware threat actor has started to leverage the recently discovered PetitPotam NTLM relay attack method to take over the Windows domain on various networks worldwide. [...] | Ransomware Threat | ||
|
2021-08-20 14:02:45 | SynAck ransomware decryptor lets victims recover files for free (lien direct) | Emsisoft has released a decryptor for the SynAck Ransomware, allowing victims to decrypt their encrypted files for free. [...] | Ransomware | ||
|
2021-08-19 15:32:48 | CEO tried funding his startup by asking insiders to deploy ransomware (lien direct) | Likely inspired by the LockBit ransomware gang, a Nigerian threat actor tried their luck with a $1 million payment lure to recruit an insider to detonate a ransomware payload on the company servers. [...] | Ransomware Threat | ||
|
2021-08-19 08:00:00 | CISA shares guidance on how to prevent ransomware data breaches (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) has released guidance to help government and private sector organizations prevent data breaches resulting from ransomware double extortion schemes. [...] | Ransomware | ||
|
2021-08-18 09:55:32 | Japanese insurer Tokio Marine discloses ransomware attack (lien direct) | Tokio Marine Holdings, a multinational insurance holding company in Japan, announced this week that its Singapore branch, Tokio Marine Insurance Singapore (TMiS), suffered a ransomware attack. [...] | Ransomware | ||
|
2021-08-18 07:52:00 | Diavol ransomware sample shows stronger connection to TrickBot gang (lien direct) | A new analysis of a Diavol ransomware sample shows a more clear connection with the gang behind the TrickBot botnet and the evolution of the malware. [...] | Ransomware | ||
|
2021-08-17 15:27:54 | Conti ransomware prioritizes revenue and cyberinsurance data theft (lien direct) | Training material used by Conti ransomware affiliates was leaked online this month, allowing an inside look at how attackers abuse legitimate software seek out cyber insurance policies. [...] | Ransomware | ||
|
2021-08-17 09:36:53 | Brazilian government discloses National Treasury ransomware attack (lien direct) | The Brazilian Ministry of Economy has disclosed a ransomware attack that hit some of its computing systems on Friday night, right before the start of the weekend. [...] | Ransomware | ||
|
2021-08-16 19:06:36 | Hive ransomware attacks Memorial Health System, steals patient data (lien direct) | In what appears to be an attack from the Hive ransomware gang, computers of the non-profit Memorial Health System have been encrypted, forcing staff to work with paper charts. [...] | Ransomware | ||
|
2021-08-16 07:23:27 | Colonial Pipeline reports data breach after May ransomware attack (lien direct) | Colonial Pipeline, the largest fuel pipeline in the United States, is sending notification letters to individuals affected by the data breach resulting from the DarkSide ransomware attack that hit its network in May. [...] | Ransomware Data Breach | ||
|
2021-08-13 16:00:51 | The Week in Ransomware - August 13th 2021 - The rise of LockBit (lien direct) | This week we saw an existing operation rise in attacks while existing ransomware operations turn to Windows vulnerabilities to elevate their privileges. [...] | Ransomware | ||
|
2021-08-13 11:20:23 | SynAck ransomware releases decryption keys after El_Cometa rebrand (lien direct) | The SynAck ransomware gang released the master decryption keys for their operation after rebranding as the new El_Cometa group. [...] | Ransomware | ||
|
2021-08-13 05:42:22 | Vice Society ransomware joins ongoing PrintNightmare attacks (lien direct) | The Vice Society ransomware gang is now also actively exploiting Windows print spooler PrintNightmare vulnerability for lateral movement through their victims' networks. [...] | Ransomware Vulnerability | ||
|
2021-08-12 05:03:11 | Ransomware gang uses PrintNightmare to breach Windows servers (lien direct) | Ransomware operators have added PrintNightmare exploits to their arsenal and are targeting Windows servers to deploy Magniber ransomware payloads. [...] | Ransomware | ||
|
2021-08-11 12:22:06 | Accenture confirms hack after LockBit ransomware data leak threats (lien direct) | Accenture, a global IT consultancy giant has likely been hit by a ransomware cyberattack. The ransomware group LockBit is threatening to publish data on its leak site within hours, as seen by BleepingComputer. [...] | Ransomware Hack |
To see everything:
Our RSS (filtrered)
