What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-07-25 12:00:05 | Ransomware Attack Cripples Power Company\'s Entire Network (lien direct) | A ransomware attack that hit the South African electric utility City Power from Johannesburg this morning encrypted all its systems, including databases and applications. [...] | Ransomware | ||
|
2019-07-24 13:55:00 | Sodinokibi Ransomware Distributed by Hackers Posing as German BSI (lien direct) | BSI, the German national cybersecurity authority, has issued a warning about a malspam campaign that distributes the Sodinokibi ransomware via emails designed to look like official BSI messages. [...] | Ransomware | ||
|
2019-07-22 17:50:02 | (Déjà vu) LooCipher Ransomware Decryptor Gets Your Files Back for Free (lien direct) | A decryptor for the LooCipher Ransomware has been released by Emsisoft that allows victims to decrypt their files for free. If you were infected with LooCipher, do not pay the ransom and instead follow the instructions below. [...] | Ransomware | ★★★★ | |
|
2019-07-19 18:59:02 | The Week in Ransomware - July 19th 2019 - Targeted Attacks (lien direct) | What a week. Every day we see a new city, police station, college, government agency, or company being affected by a ransomware attack. To make matters worse, they are getting hit with targeted ransomware that asks for a hefty price to get a decryptor. [...] | Ransomware | ||
|
2019-07-19 16:46:01 | iNSYNQ Cloud Hosting Provider Hit by Ransomware Attack (lien direct) | Cloud computing provider iNSYNQ experienced a ransomware attack which forced the company to shut down some of its servers to contain the malware infection from spreading and affecting more customer data. [...] | Ransomware Malware | ||
|
2019-07-19 07:34:03 | Ransomware Attacks Grow Rampant, Paying Still Not a Good Option (lien direct) | A flurry of ransomware attacks has been reported this week affecting entities in US states of Georgia, New York, Tennessee, and Florida. [...] | Ransomware | ||
|
2019-07-19 03:00:05 | Elusive MegaCortex Ransomware Found - Here is What We Know (lien direct) | A sample of the ransomware called MegaCortex that is known to target the enterprise in targeted attacks has been found and analyzed. In this article, we will provide a brief look at the MegaCortex Ransomware and how it encrypts a computer. [...] | Ransomware | ||
|
2019-07-16 12:49:00 | Ryuk, Sodinokibi Ransomware Responsible for Higher Average Ransoms (lien direct) | The average payment demand following a ransomware attack has almost doubled in the second quarter of the year and victims have Ryuk and Sodinokiby to blame. [...] | Ransomware | ||
|
2019-07-16 06:35:00 | FBI Releases Master Decryption Keys for GandCrab Ransomware (lien direct) | In an FBI Flash Alert, the FBI has released the master decryption keys for the Gandcrab Ransomware versions 4, 5, 5.0.4, 5.1, and 5.2. Using these keys, any individual or organization can create and release their very own GandCrab decryptor. [...] | Ransomware | ||
|
2019-07-15 13:36:01 | New DoppelPaymer Ransomware Emerges from BitPaymer\'s Code (lien direct) | Malware researchers have discovered a new file-encrypting malware they dubbed DoppelPaymer that has been making victims since at least mid-June, asking hundreds of thousands of US dollars in ransom. [...] | Ransomware Malware | ||
|
2019-07-14 14:05:01 | La Porte County Pays $130,000 Ransom To Ryuk Ransomware (lien direct) | Another public administration in the U.S. surrenders cybercriminal demands as La Porte County, Indiana, pays $130,000 to recover data on computer systems impacted by ransomware. [...] | Ransomware | ||
|
2019-07-12 17:00:00 | The Week in Ransomware - July 12th 2019 - Under Siege (lien direct) | If you read the news, it's hard not to see that ransomware is far from dead and may be worse then ever. Emboldened by large government payouts, ransomware developers are increasingly targeting cities, the enterprise, and charities where they can create large scale damage and thus potentially large-scale ransom payments. [...] | Ransomware | ||
|
2019-07-12 07:45:03 | Monroe College Hit With Ransomware, $2 Million Demanded (lien direct) | A ransomware attack at New York City's Monroe College has shutdown the college's computer systems at campuses located in Manhattan, New Rochelle and St. Lucia. [...] | Ransomware | ||
|
2019-07-10 10:00:03 | New eCh0raix Ransomware Brute-Forces QNAP NAS Devices (lien direct) | A new ransomware strain written in Go and dubbed eCh0raix by the Anomali Threat Research Team is being used in the wild to infect and encrypt documents on consumer and enterprise QNAP Network Attached Storage (NAS) devices used for backups and file storage. [...] | Ransomware Threat | ||
|
2019-07-09 13:11:02 | Rig Exploit Kit Pushing Eris Ransomware in Drive-by Downloads (lien direct) | The RIG exploit kit has been spotted distributing the new ERIS Ransomware as its payload. Using the RIG exploit kit, vulnerable victims will find that the ransomware is installed on their computer without their knowledge simply by visiting a web site. [...] | Ransomware | ||
|
2019-07-05 15:00:05 | The Week in Ransomware - July 5th 2019 - Shadiness in the Sunshine State (lien direct) | This week is a double edition covering the ransomware news between June 22nd and July 5th. The biggest news is Florida getting beat up by ransomware, the increasing usage of exploit kits, and a strong push by Sodinokibi. [...] | Ransomware | ||
|
2019-07-04 03:04:00 | Sodinokibi Ransomware Exploits Windows Bug to Elevate Privileges (lien direct) | Sodinokibi ransomware is looking to increase its privileges on a victim machine by exploiting a vulnerability in the Win32k component present on Windows 7 through 10 and Server editions. [...] | Ransomware Vulnerability | ||
|
2019-06-26 11:52:03 | Attackers Earn Over $1 Million in Florida Ransomware Attacks (lien direct) | Hackers launching ransomware attacks against municipalities in Florida locked earnings in excess of $1 million this month as administrators of two cities found no other way to recover files on affected systems. [...] | Ransomware | ||
|
2019-06-24 15:15:00 | Sodinokibi Ransomware Now Pushed by Exploit Kits and Malvertising (lien direct) | The Sodinokibi Ransomware has been spotted being distributed through malvertising that redirects to the RIG exploit kit. With the use of exploit kits, Sodinokibi is now using a wide stream of vectors to infect victims with the ransomware. [...] | Ransomware | ||
|
2019-06-21 17:14:04 | The Week in Ransomware - June 21st 2019 - Backup, Backup, Backup! (lien direct) | This week's ransomware news was dominated by the release of the GandCrab 5.2 decryptor, the Sodinokibi Ransomware taking off, and a new ransomware called LooCipher spreading via spam. [...] | Ransomware | ||
|
2019-06-21 14:11:03 | New LooCipher Ransomware Spreads Its Evil Through Spam (lien direct) | A new ransomware called LooCipher has been discovered that is actively being used in the wild to infect users. While it is not known exactly how this ransomware is being distributed, based on some of the files that were found, we believe it is through a spam campaign. [...] | Ransomware Spam | ||
|
2019-06-21 10:31:00 | Sodinokibi Ransomware Spreads Wide via Hacked MSPs, Sites, and Spam (lien direct) | With the GandCrab Ransomware having been shut down, other actors are looking to fill the hole left behind with their own ransomware. Such is the case with the Sodinokibi Ransomware, whose affiliates are using a wide range of tactics to distribute the ransomware and earn in a commission. [...] | Ransomware Spam | ||
|
2019-06-20 13:31:01 | DanaBot Banking Trojan Upgraded with \'Non Ransomware\' Module (lien direct) | A new malicious campaign is distributing an upgraded variant of DanaBot that comes with a new ransomware module used to target potential victims from Italy and Poland via phishing emails which deliver malware droppers. [...] | Ransomware Malware | ||
|
2019-06-19 03:30:00 | Ryuk Ransomware Adds IP and Computer Name Blacklisting (lien direct) | A new variant of the Ryuk Ransomware has been discovered that adds IP address and computer blacklisting so that matching computers will not be encrypted. [...] | Ransomware | ||
|
2019-06-17 09:43:02 | Release of GandCrab 5.2 Decryptor Ends a Bad Ransomware Story (lien direct) | In collaboration with law enforcement agencies around the world, Bitdefender has released an updated decryptor for the GandCrab Ransomware that can decrypt files encrypted by versions 1, 4, and 5 through 5.2. [...] | Ransomware | ||
|
2019-06-14 17:07:03 | The Week in Ransomware - June 14th 2019 - pyLocky and GandCrab Cleans Up (lien direct) | This week we saw French law enforcement releasing a decryptor for the pyLocky Ransomware. We also saw a charity in Washington and a airplane manufacturer become infected with ransomware. [...] | Ransomware | ||
|
2019-06-11 03:09:00 | Food Bank Hit By Ransomware, Needs Your Charity to Rebuild (lien direct) | Ransomware attacks hit indiscriminately and sometimes they may affect charitable organizations that can't afford to surrender to the demand. Auburn Food Bank in King County, Washington, fell victim to a ransomware strain known as GlobeImposter 2.0, which encrypted all computers on their network. [...] | Ransomware | ||
|
2019-06-07 18:10:05 | The Week in Ransomware - June 7th 2019 - GandCrab Retires (lien direct) | While there have been quite a few variants of existing ransomwar released this week, by far the biggest news is the retirement of the GandCrab ransomware and the continuing struggles of Baltimore and their RobbinHood infection. [...] | Ransomware | ||
|
2019-06-06 03:45:00 | The RIG Exploit Kit is Now Pushing the Buran Ransomware (lien direct) | The RIG exploit kit is now infecting victim's computers with a new ransomware variant called Buran. This ransomware is a variant of the Vega ransomware that was previously being distributed through Russian malvertising campaigns. [...] | Ransomware | ||
|
2019-06-01 11:56:03 | GandCrab Ransomware Shutting Down After Claiming to Earn $2.5 Billion (lien direct) | After almost a year and a half, the operators behind the GandCrab Ransomware are shutting down their operation and affiliates are being told to stop distributing the ransomware. [...] | Ransomware | ||
|
2019-05-31 18:05:00 | The Week in Ransomware - May 31st 2019 - Maze, Sodinokibi, and More (lien direct) | In addition to new variants of existing ransomware, we also had the Fallout exploit kit distributing a new ransomware payload and a spam campaign pushing ransomware in Germany. [...] | Ransomware Spam | ||
|
2019-05-31 17:51:01 | Maze Ransomware Says Computer Type Determines Ransom Amount (lien direct) | A variant of the Maze Ransomware, otherwise known as the ChaCha Ransomware, has been spotted being distributed by the Fallout exploit kit. An interesting feature of this ransomware is that it says the ransom amount will be different depending on whether the victim is a home computer, server, or workstation. [...] | Ransomware | ||
|
2019-05-31 14:54:01 | Sodinokibi Ransomware Pushed via Foreclosure Warning Spam (lien direct) | A malspam campaign targeting potential German victims is actively distributing Sodinokibi ransomware via spam emails disguised as foreclosure notifications with malicious attachments which pose as foreclosure notifications. [...] | Ransomware Spam | ||
|
2019-05-26 13:40:00 | New Bitcoin Scam Leads to Ransomware and Info-Stealing Trojans (lien direct) | A series of web sites are pushing a scam promising $5-30 worth of free bitcoins a day simply by running their Bitcoin Collector program. In reality, this program does nothing but install ransomware or password-stealing Trojans onto a victim's computer. [...] | Ransomware | ||
|
2019-05-25 10:15:01 | The Week in Ransomware - May 24th 2019 - Smacking \'Em Down With Decryptors (lien direct) | We had lots of new variants of existing ransomware and new ransomware found being distributed via malvertising campaigns and RIG exploit kit. The good news is that some of them were smacked down with decryptors! [...] | Ransomware | ||
|
2019-05-22 15:24:03 | GetCrypt Ransomware Brute Forces Credentials, Decryptor Released (lien direct) | A new ransomware called GetCrypt is being installed via the RIG exploit kit. While encrypting a computer it will try to brute force the network credentials of unmapped network shares. [...] | Ransomware | ||
|
2019-05-21 17:01:01 | JSWorm 2.0 Ransomware Decryptor Gets Your Files Back For Free (lien direct) | A decryptor for the JSWorm 2.0 Ransomware has been released by Emsisoft this week that allows victims to decrypt their files for free. If you become infected with JSWorm 2.0, do not pay the ransom and instead follow the instructions below. [...] | Ransomware | ||
|
2019-05-17 17:22:00 | The Week in Ransomware - May 17th 2019 - BTW, It\'s NOT Dead (lien direct) | This week we saw mostly new variant of existing ransomware being released and nothing particular ground breaking released. Of particular interest was a story released by ProPublica about how ransomware recovery companies just pay the ransomware developers rather than actually decrypting your files using their own in-house technology. [...] | Ransomware | ||
|
2019-05-10 17:15:02 | The Week in Ransomware - May 10th 2019 - MegaCortex, Jokeroo, and More (lien direct) | This week the biggest news was the analysis of MegaCortex by Sophos. Then we had Dharma utilizing an ESET Remover tool as a distraction while the ransomware encrypted a victim's files. Finally, we had the Jokeroo RaaS pull an exit scam. [...] | Ransomware Tool | ||
|
2019-05-09 14:24:02 | Jokeroo Ransomware as a Service Pulls an Exit Scam (lien direct) | Since May 7th, 2019, the Tor sites for the Jokeroo Ransomware as a Service (RaaS) have started displaying a notice stating that their server was seized by the Royal Thai Police in conjunction with the Dutch National Police and Europol. It turns out that this notice is fake and the RaaS is performing an exit scam. [...] | Ransomware | ||
|
2019-05-08 10:16:01 | Dharma Ransomware Uses Legit Antivirus Tool To Distract Victims (lien direct) | A new Dharma ransomware strain is using ESET AV Remover installations as a "smoke screen" technique designed to distract victims while their files are encrypted in the background as detailed by Trend Micro. [...] | Ransomware Tool | ||
|
2019-05-07 18:45:01 | Local Authorities in Texas and Maryland Hit by Ransomware (lien direct) | The servers of Baltimore City Hall and Amarillo, TX, Potter County were hit by ransomware attacks, with the former having shut down most servers while the latter already got some of its computing systems back online. [...] | Ransomware | ||
|
2019-05-07 11:29:04 | Confluence Servers Hacked to Install Miners and Rootkits (lien direct) | After getting pounded with ransomware and malware for deploying distributed denial-of-service (DDoS) attacks, unpatched Confluence servers are now compromised to mine for cryptocurrency. [...] | Ransomware Malware | ★★★★ | |
|
2019-04-29 09:06:00 | Breaches, ID Theft & Malware: Schools At Risk From Vulnerabilities (lien direct) | K-12 educational institutions aren't fairing well either, as a U.S. school district becomes the victim of a cyberattack approximately every three days. The cyber incidents range from data breaches to phishing scams to ransomware attacks. Many of the incidents are hugely consequential, resulting in the theft of millions of taxpayer do [...] | Ransomware | ||
|
2019-04-26 18:07:04 | The Week in Ransomware - April 26th 2019 - Targeting the Enterprise (lien direct) | This week the biggest news is that MalwareHunterTeam was able to get a sample of the RobbinHood ransomware that targets the enterprise so that it could be analyzed. The other big news is that attackers are hacking into Confluence servers using a recently released vulnerability to install the GandCrab ransomware, miners, and Trojans. [...] | Ransomware Vulnerability | ||
|
2019-04-26 13:45:02 | A Closer Look at the RobbinHood Ransomware (lien direct) | The RobbinHood Ransomware is the latest player in the ransomware scene that is targeting companies and the computers on their network. This ransomware is not being distributed through spam but rather through other methods, which could include hacked remote desktop services or other Trojans that provide access to the attackers. [...] | Ransomware Spam | ||
|
2019-04-19 11:00:05 | The Week in Ransomware - April 19th 2019 - RobbinHood, Samba, and More (lien direct) | This week introduced a new ransomware player that is targeting companies called RobbinHood. This ransomware recently took down the City of Greenville's computer systems and offers two different ransom payments; a price per computer or one for the entire network. [...] | Ransomware | ||
|
2019-04-18 05:25:02 | DLL Cryptomix Ransomware Variant Installed Via Remote Desktop (lien direct) | The CryptoMix ransomware is still alive and kicking as a new variant has been spotted being spread in the wild. This new version appends the .DLL extension to encrypted files and is said to be installed through hacked remote desktop services. [...] | Ransomware | ||
|
2019-04-04 03:34:00 | New Xwo Web Scanner Helps MongoLock Ransomware Find Victims (lien direct) | Code and infrastructure from two known malware families have been observed with a new threat named Xwo, which helps operators of the MongoLock ransomware discover unprotected web services reachable over the internet. [...] | Ransomware Malware Threat | ||
|
2019-03-28 05:30:00 | UNNAM3D Ransomware Locks Files in Protected Archives, Demands Gift Cards (lien direct) | A new ransomware called Unnam3d R@nsomware is being distributed via email that will move a victim's files into password protected RAR archives. The ransomware then demands a $50 Amazon gift card code in order to get the archive password. [...] | Ransomware |
To see everything:
Our RSS (filtrered)
