What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-08-10 15:45:12 | Crytek confirms Egregor ransomware attack, customer data theft (lien direct) | Game developer and publisher Crytek has confirmed that the Egregor ransomware gang breached its network in October 2020, encrypting systems and stealing files containing customers' personal info later leaked on the gang's dark web leak site. [...] | Ransomware | ||
|
2021-08-10 08:10:35 | eCh0raix ransomware now targets both QNAP and Synology NAS devices (lien direct) | A newly discovered eCh0raix ransomware variant has added support for encrypting both QNAP and Synology Network-Attached Storage (NAS) devices. [...] | Ransomware | ||
|
2021-08-09 17:22:46 | Microsoft adds Fusion ransomware attack detection to Azure Sentinel (lien direct) | Microsoft says that the Azure Sentinel cloud-native SIEM (Security Information and Event Management) platform is now able to detect potential ransomware activity using the Fusion machine learning model. [...] | Ransomware | ||
|
2021-08-09 09:12:17 | Synology warns of malware infecting NAS devices with ransomware (lien direct) | Taiwan-based NAS maker Synology has warned customers that the StealthWorker botnet is targeting their network-attached storage devices in ongoing brute-force attacks. [...] | Ransomware Malware | ||
|
2021-08-08 10:00:00 | Australian govt warns of escalating LockBit ransomware attacks (lien direct) | The Australian Cyber Security Centre (ACSC) warns of an increase of LockBit 2.0 ransomware attacks against Australian organizations starting July 2021. [...] | Ransomware | ||
|
2021-08-06 17:16:56 | The Week in Ransomware - August 6th 2021 - Insider threat edition (lien direct) | If there is one thing we learned this week, it's that not only are corporations vulnerable to insider threats but so are ransomware operations. [...] | Ransomware Threat | ||
|
2021-08-06 12:09:58 | Computer hardware giant GIGABYTE hit by RansomEXX ransomware (lien direct) | Taiwanese motherboard maker Gigabyte has suffered a RansomEXX ransomware attack where threat actors threaten to release 112 GB of data if a ransom is not paid. [...] | Ransomware Threat | ||
|
2021-08-05 17:32:11 | Linux version of BlackMatter ransomware targets VMware ESXi servers (lien direct) | The BlackMatter gang has joined the ranks of ransomware operations to develop a Linux encryptor that targets VMware's ESXi virtual machine platform. [...] | Ransomware | ||
|
2021-08-05 17:05:27 | CISA teams up with Microsoft, Google, Amazon to fight ransomware (lien direct) | CISA has announced the launch of Joint Cyber Defense Collaborative (JCDC), a partnership across public and private sectors focused on defending US critical infrastructure from ransomware and other cyber threats. [...] | Ransomware | ||
|
2021-08-05 14:29:44 | Angry Conti ransomware affiliate leaks gang\'s attack playbook (lien direct) | A disgruntled Conti affiliate has leaked the gang's training material when conducting attacks, including information about one of the ransomware's operators. [...] | Ransomware | ||
|
2021-08-05 09:57:04 | (Déjà vu) Prometheus TDS: The $250 service behind recent malware attacks (lien direct) | Security researchers investigating multiple malware distribution campaigns found that an underground traffic distribution service called Prometheus is responsible for delivering threats that often lead to ransomware attacks. [...] | Ransomware Malware Guideline | ||
|
2021-08-05 09:57:04 | Prometheus: The $250 service behind recent malware attacks (lien direct) | Security researchers investigating multiple malware distribution campaigns found that an underground traffic distribution service called Prometheus is responsible for delivering threats that often lead to ransomware attacks. [...] | Ransomware Malware Guideline | ||
|
2021-08-04 17:34:44 | Energy group ERG reports minor disruptions after ransomware attack (lien direct) | Italian energy company ERG reports "only a few minor disruptions" affecting its information and communications technology (ICT) infrastructure following a ransomware attack on its systems. [...] | Ransomware | ||
|
2021-08-04 12:19:27 | LockBit ransomware recruiting insiders to breach corporate networks (lien direct) | The LockBit 2.0 ransomware gang is actively recruiting corporate insiders to help them breach and encrypt networks. In return, the insider is promised million-dollar payouts. [...] | Ransomware | ||
|
2021-08-03 14:13:49 | RansomEXX ransomware hits Italy\'s Lazio region, affects COVID-19 site (lien direct) | The Lazio region in Italy has suffered a RansomEXX ransomware attack that has disabled the region's IT systems, including the COVID-19 vaccination registration portal. [...] | Ransomware | ||
|
2021-07-31 15:13:53 | DarkSide ransomware gang returns as new BlackMatter operation (lien direct) | Encryption algorithms found in a decryptor show that the notorious DarkSide ransomware gang has rebranded as a new BlackMatter ransomware operation and is actively performing attacks on corporate entities. [...] | Ransomware | ||
|
2021-07-31 11:12:41 | BlackMatter ransomware gang rises from the ashes of DarkSide, REvil (lien direct) | A new ransomware gang named BlackMatter is purchasing access to corporate networks while claiming to include the best features from the notorious and now-defunct REvil and DarkSide operations. [...] | Ransomware | ||
|
2021-07-30 19:43:44 | The Week in Ransomware - July 30th 2021 - €1 billion saved (lien direct) | Ransomware continues to be active this week, with new threat actors releasing new features, No More Ransom turning five, and a veteran group rebrands. [...] | Ransomware Threat | ||
|
2021-07-29 02:20:00 | (Déjà vu) DoppelPaymer ransomware gang rebrands as the Grief group (lien direct) | After a period of little to no activity, the DoppelPaymer ransomware operation has made a rebranding move, now going by the name Grief (a.k.a. Pay or Grief). [...] | Ransomware | ||
|
2021-07-29 02:20:00 | Grief ransomware operation is DoppelPaymer rebranded (lien direct) | After a period of little to no activity, the DoppelPaymer ransomware operation has made a rebranding move, now going by the name Grief (a.k.a. Pay or Grief). [...] | Ransomware | ||
|
2021-07-27 17:10:43 | (Déjà vu) LockBit ransomware now encrypts Windows domains using group policies (lien direct) | An new version of the LockBit 2.0 ransomware has been found that automates the encryption of a Windows domain using Active Directory group policies. [...] | Ransomware | ||
|
2021-07-27 17:10:43 | LockBit ransomware automates Windows domain encryption via group policies (lien direct) | An new version of the LockBit 2.0 ransomware has been found that automates the encryption of a Windows domain using Active Directory group policies. [...] | Ransomware | ||
|
2021-07-26 09:24:59 | No More Ransom saves almost €1 billion in ransomware payments in 5 years (lien direct) | The No More Ransom project celebrates its fifth anniversary today after helping over six million ransomware victims recover their files and saving them almost €1 billion in ransomware payments. [...] | Ransomware | ||
|
2021-07-23 14:33:18 | The Week in Ransomware - July 23rd 2021 - Kaseya decrypted (lien direct) | This week has quite a bit of news ranging from the USA formally accusing China of the recent ProxyLogon vulnerability and Kaseya mysteriously obtaining the universal decryption key. [...] | Ransomware Vulnerability | ||
|
2021-07-22 13:46:59 | Kaseya obtains universal decryptor for REvil ransomware victims (lien direct) | Kaseya received a universal decryptor that allows victims of the July 2nd REvil ransomware attack to recover their files for free. [...] | Ransomware | ||
|
2021-07-22 11:25:39 | Ransomware gang breached CNA\'s network via fake browser update (lien direct) | Leading US insurance company CNA Financial has provided a glimpse into how Phoenix CryptoLocker operators breached its network, stole data, and deployed ransomware payloads in a ransomware attack that hit its network in March 2021. [...] | Ransomware Guideline | ||
|
2021-07-18 11:22:44 | Ransomware hits law firm counseling Fortune 500, Global 500 companies (lien direct) | Campbell Conroy & O'Neil, P.C. (Campbell), a US law firm counseling dozens of Fortune 500 and Global 500 companies, has disclosed a data breach following a February 2021 ransomware attack. [...] | Ransomware Data Breach | ||
|
2021-07-18 10:16:32 | Comparis customers targeted by scammers after ransomware attack (lien direct) | Leading Swiss price comparison platform Comparis has notified customers of a data breach following a ransomware attack that hit and took down its entire network last week. [...] | Ransomware Data Breach Guideline | ||
|
2021-07-17 11:44:22 | HelloKitty ransomware is targeting vulnerable SonicWall devices (lien direct) | CISA is warning of threat actors targeting "a known, previously patched, vulnerability" found in SonicWall Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products with end-of-life firmware. [...] | Ransomware Threat | ||
|
2021-07-17 09:53:43 | Ecuador\'s state-run CNT telco hit by RansomEXX ransomware (lien direct) | Ecuador's state-run Corporación Nacional de Telecomunicación (CNT) has suffered a ransomware attack that has disrupted business operations, the payment portal, and customer support. [...] | Ransomware | ||
|
2021-07-16 15:42:25 | The Week in Ransomware - July 16th 2021 - REvil disappears (lien direct) | Ransomware operations have been quieter this week as the White House engages in talks with the Russian government about cracking down on cybercriminals believed to be operating in Russia. [...] | Ransomware | ||
|
2021-07-15 11:13:34 | Linux version of HelloKitty ransomware targets VMware ESXi servers (lien direct) | The ransomware gang behind the highly publicized attack on CD Projekt Red uses a Linux variant that targets VMware's ESXi virtual machine platform for maximum damage. [...] | Ransomware | ||
|
2021-07-14 11:39:24 | (Déjà vu) SonicWall warns of \'critical\' ransomware risk to EOL SMA 100 VPN appliances (lien direct) | SonicWall has issued an "urgent security notice" warning customers of ransomware attacks targeting unpatched end-of-life (EoL) Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products. [...] | Ransomware | ||
|
2021-07-14 11:39:24 | SonicWall warns of \'critical\' ransomware risk to SMA 100 VPN appliances (lien direct) | SonicWall has issued an "urgent security notice" warning customers of ransomware attacks targeting unpatched end-of-life (EoL) Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products. [...] | Ransomware | ||
|
2021-07-14 10:00:01 | Detonating Ransomware on My Own Computer (Don\'t Try This at Home) (lien direct) | Ransomware attacks are a daily occurrence, announcing new levels of danger and confusion to an already complicated business of protecting data. How it behaves can tell us lot about a ransomware attack - so I recently detonated Conti ransomware in a controlled environment to demonstrate the importance of proper cyber protection. [...] | Ransomware | ||
|
2021-07-14 03:32:00 | Trickbot updates its VNC module for high-value targets (lien direct) | The Trickbot botnet malware that often distributes various ransomware strains, continues to be the most prevalent threat as its developers update the VNC module used for remote control over infected systems. [...] | Ransomware Malware Threat | ||
|
2021-07-13 10:49:54 | REvil ransomware gang\'s web sites mysteriously shut down (lien direct) | The infrastructure and websites for the REvil ransomware operation have mysteriously gone offline as of last night. [...] | Ransomware | ||
|
2021-07-12 16:33:25 | Interpol urges police to unite against \'potential ransomware pandemic\' (lien direct) | Interpol (International Criminal Police Organisation) Secretary General Jürgen Stock urged police agencies and industry partners to work together to prevent what looks like a future ransomware pandemic. [...] | Ransomware | ||
|
2021-07-12 12:33:40 | Fashion retailer Guess discloses data breach after ransomware attack (lien direct) | American fashion brand and retailer Guess is notifying affected customers of a data breach following a February ransomware attack that led to data theft. [...] | Ransomware Data Breach | ||
|
2021-07-11 16:50:25 | Kaseya patches VSA vulnerabilities used in REvil ransomware attack (lien direct) | Kaseya has released a security update for the VSA zero-day vulnerabilities used by the REvil ransomware gang to attack MSPs and their customers. [...] | Ransomware | ||
|
2021-07-10 10:00:00 | Biden asks Putin to crack down on Russian-based ransomware gangs (lien direct) | President Biden asked Russian President Putin during a phone call today to take action against ransomware groups operating within Russia's borders behind the ongoing wave of attacks impacting the United States and other countries worldwide. [...] | Ransomware | ||
|
2021-07-09 15:46:51 | The Week in Ransomware - July 9th 2021 - A flawed attack (lien direct) | This week's news focuses on the aftermath of REvil's ransomware attack on MSPs and customers using zero-day vulnerabilities in Kaseya VSA. The good news is that it has not been as disruptive as we initially feared. [...] | Ransomware | ||
|
2021-07-09 07:29:40 | Insurance giant CNA reports data breach after ransomware attack (lien direct) | CNA Financial Corporation, a leading US-based insurance company, is notifying customers of a data breach following a Phoenix CryptoLocker ransomware attack that hit its systems in March. [...] | Ransomware Data Breach Guideline | ||
|
2021-07-08 16:33:56 | REvil victims are refusing to pay after flawed Kaseya ransomware attack (lien direct) | The REvil ransomware gang's attack on MSPs and their customers last week outwardly should have been successful, yet changes in their typical tactics and procedures have led to few ransom payments. [...] | Ransomware | ||
|
2021-07-07 14:31:10 | White House urges mayors to review local govts\' cybersecurity posture (lien direct) | Following recent ransomware attacks, Deputy National Security Advisor Anne Neuberger asked US mayors to immediately hold a meeting with the heads of state agencies to evaluate their cybersecurity posture. [...] | Ransomware | Uber | |
|
2021-07-07 08:50:19 | Fake Kaseya VSA security update backdoors networks with Cobalt Strike (lien direct) | Threat actors are trying to capitalize on the ongoing Kaseya ransomware attack crisis by targeting potential victims in a spam campaign pushing Cobalt Strike payloads disguised as Kaseya VSA security updates. [...] | Ransomware Spam Threat | ||
|
2021-07-06 17:09:27 | US warns of action against ransomware gangs if Russia refuses (lien direct) | White House Press Secretary Jen Psaki says that the US will take action against cybercriminal groups from Russia if the Russian government refuses to do so. [...] | Ransomware | ||
|
2021-07-06 07:59:59 | Kaseya: Roughly 1,500 businesses hit by REvil ransomware attack (lien direct) | Kaseya says the REvil supply-chain ransomware attack breached the systems of roughly 60 of its direct customers using the company's VSA on-premises product. [...] | Ransomware | ||
|
2021-07-05 10:35:57 | CISA, FBI share guidance for victims of Kaseya ransomware attack (lien direct) | CISA and the Federal Bureau of Investigation (FBI) have shared guidance for managed service providers (MSPs) and their customers impacted by the REvil supply-chain ransomware attack that hit the systems of Kaseya's cloud-based MSP platform. [...] | Ransomware | ||
|
2021-07-05 04:59:25 | REvil ransomware asks $70 million to decrypt all Kaseya attack victims (lien direct) | REvil ransomware has set a price for decrypting all systems locked during the Kaseya supply-chain attack. The gang wants $70 million in Bitcoin for the tool that allows all affected businesses to recover their files. [...] | Ransomware Tool |
To see everything:
Our RSS (filtrered)
