What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
itsecurityguru.webp 2020-04-17 09:58:54 MBRLocker ransomware campaign trolls SentinelOne (direct link) SentinelOne has spoken out after an “attention-seeking prankster” trolled one of the firm’s security researchers with the release of a new ransomware strain. On Wednesday, the cybersecurity firm said that new MBRLocker malware variants have been released in a consistent wave over April, and while many of them appear to be little more than “pranks” […] Ransomware Malware
itsecurityguru.webp 2020-04-17 09:55:50 Visser targeted by DoppelPaymer ransomware (direct link) Confidential documents belonging to some of the largest aerospace companies in the world were stolen and updated on the internet by the hackers after Visser refused to pay the ransom. The company manufactures precision parts for major industry players and these include CNC Machining, Injection Molds & Tooling, Metal Additive Manufacturing & 3D Plastic Printing. […] Ransomware
itsecurityguru.webp 2020-04-16 09:36:03 Nemty shuts down public RaaS (direct link) The operators of the Nemty ransomware have announced this week they were shutting down their public Ransomware-as-a-Service operation and opting to go private in order to focus and put more resources on targeted attacks. For those unfamiliar with this malware operation, Nemty is a classic RaaS (Ransomware-as-a-Service). It launched in the summer of 2019 and […] Ransomware Malware
itsecurityguru.webp 2020-04-16 09:35:13 EDP hit by ransomware (direct link) The Portuguese multinational energy giant Energias de Portugal (EDP) is the latest company to fall victim to the RagnarLocker ransomware and the attackers are now asking for a $10.9m ransom to unlock its files. According to BleepingComputer and MalwareHunterTeam, the attackers claim to have stolen over 10TB of sensitive company files which they are threatening […] Ransomware
itsecurityguru.webp 2020-04-14 10:07:24 Secret Industrial Documents released by Ransomware Gang (direct link) DoppelPaymer ransomware developers release files stolen from contractors to SpaceX, Tesla, Boeing, Lockheed-Martin and US Navy. Security researchers have warned of a new ransomware campaign that targets companies handling sensitive data – and then publishes their internal files online if they do not pay. DoppelPaymer emerged in mid-2019, but in recent weeks has published data […] Ransomware
itsecurityguru.webp 2020-04-06 10:11:36 More ransomware attacks against healthcare sector, warns Interpol (direct link) The Interpol has warned of a significant increase in the number of attempted ransomware attacks against hospitals and other healthcare institutions on the front lines of the fight against the Covid-19 pandemic. At this point, the ransomware appears to be spreading primarily via emails – often falsely claiming to contain information or advice regarding the […] Ransomware
itsecurityguru.webp 2020-04-03 08:59:40 Hospitals warned by Microsoft on ransomware attacks (direct link) Microsoft has started notifying hospitals vulnerable to known threats, the company announced in a blog post earlier this week. Hospitals and other healthcare institutions around the world are being pushed to their limits thanks to the coronavirus outbreak, and hackers are using it as an opportunity to compromise their networks, steal money and data, and […] Ransomware
itsecurityguru.webp 2020-04-02 08:55:01 VelvetSweatshop Excel encryption spreads LimeRAT malware (direct link) A new campaign is spreading the LimeRAT Remote Access Trojan by harnessing an old encryption technique in Excel files. LimeRAT is a simple Trojan designed for Windows machines. The malware is able to install backdoors on infected machines and encrypt files in the same way as typical ransomware strains, add PCs to botnets, and […] Ransomware Malware
itsecurityguru.webp 2020-04-01 13:57:01 Securing Your Remote Workforce (direct link) As mentioned in previous articles, Securonix has devoted an entire taskforce to outlining key threats that are appearing under the guise of COVID-19 themed domain names or emails. The threat research team has been observing malicious threat actors attempting to exploit an increasing number of the associated cyberattack vectors such as: Ransomware using weaponized COVID-19/coronavirus-related documents disrupting critical healthcare and […] Ransomware Threat
itsecurityguru.webp 2020-03-31 09:40:00 Dharma ransomware for sale (direct link) An unidentified party has reportedly placed the source code for Dharma ransomware up for sale on at least two Russian hacker forums, adding a formidable new competitor to an already crowded underground market. And while cybercriminals have met the offer with some healthy skepticism, the bargain-basement selling price of $2,000 may be alluring enough for […] Ransomware
itsecurityguru.webp 2020-03-27 14:10:31 The Great Security Survivor: Experts on Ransomware (direct link) If a layman pictures a cyberattack, the likelihood is they picture a ransomware attack: The screens overcome by a malicious message, locking up systems and demanding payment to a shadowy organisation or individual. This cultural ubiquity does not exist in a vacuum: Where other forms of cybercrime have gone in and out of fashion based […] Ransomware
itsecurityguru.webp 2020-03-27 11:01:19 Chubb data stolen by Maze ransomware (direct link) Chubb, a major cybersecurity insurance provider for businesses hit by data breaches, has itself become a target of a data breach. The insurance giant told TechCrunch it was investigating a “security incident” involving the unauthorized access to data belonging to an unnamed third-party. Chubb spokesperson Jeffrey Zack said the company had “no evidence” the incident […] Ransomware
itsecurityguru.webp 2020-03-27 10:58:58 (Déjà vu) Hospitals still targeted by ransomware during Coronavirus pandemic (direct link) The Ryuk Ransomware operators continue to target hospitals even as these organizations are overwhelmed during the Coronavirus pandemic. Last week BleepingComputer contacted various ransomware groups and asked if they would target hospitals and other healthcare organizations during the pandemic. Source: Bleeping Computer Ransomware
itsecurityguru.webp 2020-03-26 10:49:35 Ransomware Gangs Join group to Leak Data (direct link) In recent days, Nefilim, CLOP and Sekhmet have become the latest ransomware operations to launch data-leaking sites, as Bleeping Computer first reported on Tuesday. CLOP has been tied to an attack against Maastricht University in the Netherlands that resulted in the institution paying attackers a ransom of 30 bitcoins (now worth about $200,000). Nefilim […] Ransomware
itsecurityguru.webp 2020-03-25 11:13:17 Hospitals in Spain targeted by Netwalker ransomware (direct link) Hospitals in Spain have been targeted with coronavirus-themed phishing lures by attackers looking to lock down their systems with Netwalker ransomware. Local reports indicate that medical centres have been receiving emails purporting to offer “information on COVID-19”, but with PDF attachments that activate the ransomware, commonly associated with computer crime groups in Eastern Europe. Source: Computing.com Ransomware
itsecurityguru.webp 2020-03-24 09:52:01 Ransomware attack at Finastra (direct link) Finastra, a bank technology company in London that has more than 9,000 customers, including 90 of the top 100 global banks, was working Monday to bring servers back online that were hit by a ransomware attack late last week. Some U.S. bank customers are affected by the incident, which occurred Friday. The company says it […] Ransomware
itsecurityguru.webp 2020-03-23 09:50:44 Maze ransomware attack on British medical firm (direct link) The Maze ransomware group has published personal and medical details of thousands of former patients of a London-based medical research company after a failed attempt to disable the firm’s computer systems. Cyber gangsters have attacked the computer systems of a medical research company on standby to carry out trials of a possible future vaccine for […] Ransomware
itsecurityguru.webp 2020-03-20 11:05:30 Bitcoin Ransomware Attacks at Record High (direct link) Bitcoin and crypto-related ransomware attacks hit a record high in the United Kingdom last year. According to a report by Bitcoinist and records obtained under the Freedom of Information Act (FOI), UK authorities received 562 reports from victims of devices that were hijacked by crypto-related ransomware. Source: CryptoGlobe Ransomware
itsecurityguru.webp 2020-03-20 11:04:23 Ransomware gang will stop hospital attacks (direct link) The notorious Maze ransomware gang announced Wednesday that it will not attack any healthcare organizations during the COVID-19 pandemic. The pandemic has put a strain on hospitals and public health agencies in recent weeks as governments across the globe struggle to contain the spread of COVID-19, also known as the new coronavirus. Some security vendors have […] Ransomware
itsecurityguru.webp 2020-03-19 11:13:31 France warns of ransomware gang (direct link) France’s cyber-security agency issued an alert this week warning about a new ransomware gang that’s been recently seen targeting the networks of local government authorities. The alert, issued by France’s CERT team, points to a rising number of attacks carried out with a new version of the Mespinoza ransomware strain, also known as the […] Ransomware
itsecurityguru.webp 2020-03-16 10:47:43 Ransomware infects through Coronavirus tracker (direct link) A coronavirus tracking application is actually infecting Android devices with ransomware, with owners then asked to pay a $100 ransom to have their smartphones unlocked. Coronavirus trackers are particularly popular these days, as many users look for such apps to keep an eye on the virus outbreak, so it's not necessarily a surprise that malicious […] Ransomware
itsecurityguru.webp 2020-03-13 10:26:43 DoppelPaymer Ransomware Ups Threat Level (direct link) While ransomware is a serious problem, it is also one that can be handled with proper preparation. An organization that fully backs up its systems at regular intervals can usually avoid a payment simply by restoring files. Cyber crime is a world of constant adaptation and escalation, however, and there has been a dangerous mutation. […] Ransomware Threat
itsecurityguru.webp 2020-03-10 10:16:43 North Carolina governments hit by Ransomware (direct link) Hackers of “Russian” origin targeted the city and county governments of Durham, N.C., over the weekend, hampering computer and communications networks with ransomware, according to local officials. The attack, which used the infamous Ryuk malware strain typically spread through malicious attachments in phishing emails, was carried out late Friday by a Russian hacking group, […] Ransomware Malware
itsecurityguru.webp 2020-03-10 10:12:27 Massive rise in ransomware attacks in healthcare (direct link) Ransomware attacks against healthcare providers increased a whopping 350 percent during the last quarter of 2019 with the rapid pace of attacks already continuing throughout 2020, according to a new report from Corvus. Ransomware attacks dominated healthcare headlines during the later part of 2019 with attacks on IT vendors disrupting services on hundreds of dental […] Ransomware
itsecurityguru.webp 2020-03-09 10:36:12 5.5 million 2019 malware attacks in GCC (direct link) Trend Micro Incorporated, a global cybersecurity solutions firm, today released its 2019 security roundup report. Ransomware continued to be a mainstay cyber threat last year. Overall, Trend Micro discovered a 10% increase in ransomware detections, despite a 57% decrease in the number of new ransomware families. The healthcare sector remained the most targeted industry, […] Ransomware Malware Threat
itsecurityguru.webp 2020-03-05 10:12:37 EMCOR hit by Ryuk ransomware (direct link) EMCOR Group (NYSE: EME), a US-based Fortune 500 company specialized in engineering and industrial construction services, disclosed last month a ransomware incident that took down some of its IT systems. The incident took place on February 15 and was identified as an infection with the Ryuk ransomware strain. Details of the attack and the aftermath […] Ransomware
itsecurityguru.webp 2020-03-02 11:18:48 Railworks employee data stolen (direct link) Railroad construction and maintenance firm Railworks Corp. has disclosed a ransomware attack that may have also resulted in the breach of personally identifiable information. The attack took place on Jan. 27 and email notifications were sent to those affected by the attack between Jan. 30 and Feb. 7. Data potentially stolen in the attack […] Ransomware
itsecurityguru.webp 2020-02-28 12:40:50 Ransomware encrypting critical systems (direct link) Unfortunately, ransomware is impacting businesses of all sizes across the globe. This means that critical systems and applications are encrypted by malicious actors and will only be decrypted if a ransom is paid. This will affect all but the most prepared enterprises, and as recent reports show, even prepared businesses can suffer. Offline backups of […] Ransomware
itsecurityguru.webp 2020-02-28 10:31:53 Ransomware victims backups unsafe (direct link) The UK’s cybersecurity agency has updated its guidance on what to do after a ransomware attack, following a series of incidents where organisations were hit with ransomware, but also had their backups encrypted because they had left them connected to their networks. Keeping a backup copy of vital data is a good way of reducing […] Ransomware ★★★★
itsecurityguru.webp 2020-02-28 10:31:02 New figures show government unprepared for Ransomware (direct link) Data shows 73% are concerned about municipal ransomware threats but only 38% are trained on preventing these attacks. RSA CONFERENCE 2020 – San Francisco – Nearly 75% of government employees are concerned about the potential for ransomware attacks against cities across the United States, but only 38% of state and local government workers are trained in […] Ransomware
itsecurityguru.webp 2020-02-27 10:26:31 (Déjà vu) Bretagne Télécom hacked using Citrix ADC Flaw (direct link) Cloud services provider Bretagne Télécom was hacked by the threat actors behind the DoppelPaymer Ransomware using an exploit that targeted servers unpatched against the CVE-2019-19781 vulnerability. Bretagne Télécom is a privately held French cloud hosting and enterprise telecommunications company that provides telephony, Internet and networking, hosting, and cloud computing services to roughly 3,000 customers, operating […] Ransomware Threat ★★★★★
itsecurityguru.webp 2020-02-27 10:25:01 Ransomware attack on Redcar council (direct link) A council has admitted its IT service was targeted by hackers, who scrambled files and made a demand for money. Systems at Redcar and Cleveland Council have been down for almost three weeks after the ransomware attack. It said it had been prioritising frontline services and has now built a new server and website, as […] Ransomware
itsecurityguru.webp 2020-02-26 10:17:24 Ergo foil ransomware attack (direct link) Irish IT services group Ergo is forecasting further growth as it reported revenues of €85.2 million last year as the company said it recently foiled a major ransomware attack. Ergo said it immediately moved to lock down servers late last Wednesday after becoming aware of a serious security incident. It was able to recover most […] Ransomware
itsecurityguru.webp 2020-02-25 10:32:33 (Déjà vu) Victim's Data could be exposed on DoppelPaymer Ransomware site (direct link) The operators of the DoppelPaymer Ransomware have launched a site that they will use to shame victims who do not pay a ransom and to publish any files that were stolen before computers were encrypted. A new extortion method started by the Maze Ransomware is to steal files before encrypting them and then use them […] Ransomware
itsecurityguru.webp 2020-02-21 11:09:27 ISS World hit by ransomware attack (direct link) With 500,000 staff, making it one of the world's largest private sector employers, ISS has operations in over 60 countries around the world. It provides building maintenance, janitorial services, office supplies, physical building security, catering and facilities management services to a large roster of enterprise clients. It makes revenues of approximately DKK75bn (£8.4bn) per annum. […] Ransomware
itsecurityguru.webp 2020-02-19 16:01:06 Ransomware attack hits American energy plant (direct link) The American Cybersecurity and Infrastructure Security Agency (CISA) has announced that an American critical infrastructure operation has been affected by ransomware attacks. The attack was caused by a Spearphishing technique that targeted workers of a natural gas compression facility. The ransomware encrypted the plant's IT and OT networks causing a partial loss of view for […] Ransomware
itsecurityguru.webp 2020-02-19 11:34:01 Google Adsense Hit by Bitcoin Ransomware (direct link) A new email-based form of crypto ransomware is targeting website owners using banners from Google's AdSense program. According to the report by KrebsOnSecurity, the scam involves criminals threatening site owners with a flood of bot and junk traffic to trigger Google's automated anti-fraud system, leading to the suspension of their AdSense account for suspicious traffic. In […] Ransomware Guideline
itsecurityguru.webp 2020-02-19 11:30:27 (Déjà vu) Italian Windows Users Hit by Dharma Ransomware Spam (direct link) Threat actors are distributing the Dharma Ransomware in a new spam campaign targeting Windows users in Italy. The Dharma Ransomware has been active for many years and is based on another ransomware family called Crysis. It is not common, though, to see this ransomware family distributed through malspam as it is more commonly installed via […] Ransomware Spam
itsecurityguru.webp 2020-02-19 11:29:46 Two Day Ransomware Attack on Gas Compressor (direct link) A recent ransomware attack caused a U.S. natural gas compressor facility to shut for two days, the latest in a string of attacks targeting the country's energy infrastructure over the past few years. Hackers sent emails with a malicious link to gain control of the facility's information technology system, the Department of Homeland Security […] Ransomware
itsecurityguru.webp 2020-02-12 10:19:37 Ransomware set to target cloud services (direct link) As businesses' daily operations become more dependent on cloud services, ransomware authors will follow to maximize profits. The good news: Many of the best practices for physical servers also apply to the cloud. Ransomware is now a billion-dollar enterprise for cybercriminals, and - as in any industry - it has evolved over time to become […] Ransomware
itsecurityguru.webp 2020-02-07 10:40:04 (Déjà vu) GIGABYTE Driver exploited by ransomware to kill AV Processes (direct link) The attackers behind the RobbinHood Ransomware are exploiting a vulnerable GIGABYTE driver to install a malicious and unsigned driver into Windows that is used to terminate antivirus and security software. When performing a network-wide compromise, ransomware attackers need to push out a ransomware executable as quickly as possible and to as many systems as they can […] Ransomware
itsecurityguru.webp 2020-02-05 10:55:45 Stolen Health Data exposed by Maze ransomware (direct link) Recent reports have shown the hacking group behind Maze ransomware has been steadily posting the data of its victims online after the organizations fail to pay the ransom demand. A compiled list of victims shows the data of several healthcare organizations are included in those postings, despite a lack of public reporting of those incidents. […] Ransomware
itsecurityguru.webp 2020-02-04 10:30:04 (Déjà vu) Victims' Data sold on Darknet by DoppelPaymer Ransomware (direct link) The DoppelPaymer Ransomware is the latest family threatening to sell or publish a victim’s stolen files if they do not pay a ransom demand. A new tactic being used by ransomware operators that perform network-wide encryption is to steal a victim’s files before encrypting any devices. They then threaten to publish or sell this data if the […] Ransomware
itsecurityguru.webp 2020-02-04 10:27:38 City of Racine offline due to Ransomware knock (direct link) The city of Racine, Wis., was hit with a ransomware attack January 31 that knocked most of its non-emergency computer services offline. The Wisconsin city's website, email system and online payment collection systems were still down as of February 3 and the city police are unable to process fee payments or provide copies of police and […] Ransomware
itsecurityguru.webp 2020-02-03 10:19:02 Ransomware attacks three law firms over the weekend (direct link) Three US law firms were hit with ransomware over the weekend and researchers estimate 50% of US organisations were attacked in the past year. The astonishing growth in cybercrime was revealed in the 'State of the Phish' report from cybersecurity firm Proofpoint. The researchers analysed more than 9 million malicious emails, spoke with 600 industry […] Ransomware
itsecurityguru.webp 2020-01-31 10:47:11 Ryuk ransomware impacts websites of DOD contractor (direct link) A Ryuk ransomware attack against U.S. Department of Defense contractor Electronic Warfare Associates (EWA) has reportedly affected the electronics company's web server, making several of its websites inaccessible. The attack took place last week and impacted the websites for the EWA Government Systems Inc., a subsidiary that sells electronic warfare products; EWA Technologies Inc, […] Ransomware
itsecurityguru.webp 2020-01-30 10:44:43 (Déjà vu) New Phishing Service Alerts Companies of Phished Employees (direct link) A new service called ‘I Got Phished’ has launched that will alert domain and security administrators when an employee in their organization falls for a phishing attack. Phishing attacks are a common vector for a variety of other attacks such as BEC scams, network intrusions, and even ransomware attacks. Source: Bleeping Computer Ransomware
itsecurityguru.webp 2020-01-29 10:10:43 Ransomware attacks Canadian Military Contractor (direct link) Ransomware attackers claimed to have stolen 60GB of data from Canadian defence contractor after ransomware attack in December 2018. The threat presented by ransomware continues to be evidenced in 2020 after an attack on a major Canadian defence contractor Bird Construction. The Canadian construction firm that provides service for the Canadian military was apparently attacked by cyberattackers […] Ransomware Threat
itsecurityguru.webp 2020-01-28 09:53:47 Ragnarok Ransomware Targets Citrix ADC, Disables Windows Defender (direct link) A new ransomware called Ragnarok has been detected being used in targeted attacks against unpatched Citrix ADC servers vulnerable to the CVE-2019-19781 exploit. Last week, FireEye released a report about new attacks exploiting the now patched Citrix ADC vulnerability to install the new Ragnarok Ransomware on vulnerable networks. Source: Bleeping Computer Ransomware
itsecurityguru.webp 2020-01-23 12:27:30 BitPyLock Ransomware Evolves Its Tactics (direct link) The new BitPyLock ransomware seems to have stepped up its game, going from targeting individual workstations to spreading to the network in a file-stealing spree. Discovered at the beginning of the month by MalwareHunterTeam, the bug has claimed new victims almost daily. Interestingly, the ransom notes have already evolved to reflect the progressively ambitious aims […] Ransomware
Last update at: 2024-05-14 02:07:29