What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
itsecurityguru.webp 2020-01-23 10:38:04 (Déjà vu) Maze Ransomware Going Unpaid, Leaking Data Left and Right (direct link) Maze ransomware operators have infected computers from Medical Diagnostic Laboratories (MDLab) and are releasing close to 9.5GB of data stolen from infected machines. The actor also followed through with leaking another cache of files belonging to another of its victims that did not pay the ransom, Southwire wire and cable manufacturer from Carrollton, Georgia. This action […] Ransomware
itsecurityguru.webp 2020-01-23 10:36:15 (Déjà vu) Sodinokibi Ransomware Threatens to Publish Data Belonging to an Automotive Group (direct link) The attackers behind the Sodinokibi Ransomware are now threatening to publish data stolen from another victim after they failed to get in touch and pay the ransom to have the data decrypted. Sodinokibi claims that this data was stolen from GEDIA Automotive Group, a German automotive supplier with production plants in Germany, China, Hungary, India, Mexico, Poland, Hungary, Spain, and the […] Ransomware
itsecurityguru.webp 2020-01-22 11:43:01 FTCODE Ransomware Now Capable of Compromising Chrome and Firefox Credentials (direct link) New versions of the ransomware now sniff out saved credentials for Internet Explorer, Mozilla Firefox, Mozilla Thunderbird, Google Chrome and Microsoft Outlook. FTCODE, a PowerShell-based ransomware that targets Italian-language users, has added new capabilities, including the ability to swipe saved web browser and email client credentials from victims. Source: ThreatPost Ransomware
itsecurityguru.webp 2020-01-20 10:04:07 (Déjà vu) Synagogue in New Jersey Suffers Sodinokibi Ransomware Attack (direct link) Temple Har Shalom in Warren, New Jersey had their network breached by the actors behind the Sodinokibi Ransomware who encrypted numerous computers on the network. In an email seen by BleepingComputer, Temple Har Shalom informed their congregation that they discovered the ransomware attack on January 9th after staff had trouble connecting to the Internet. Source: Bleeping […] Ransomware
itsecurityguru.webp 2020-01-17 09:56:35 Clop Ransomware is also a CryptoMix Variant (direct link) When Clop was discovered by Jakub Kroustek in February 2019, all indicators showed that it was a new CryptoMix with the .CLOP, or in some circumstances .CIOP, extension tagged onto encrypted files. Since this discovery, the ransomware operators behind Clop have steadily been developing it to move beyond the shadow of merely being a variant of CryptoMix. […] Ransomware
itsecurityguru.webp 2020-01-16 10:07:15 Victims infected by Ako Ransomware spam (direct link) It has been discovered that the network-targeting Ako ransomware is being distributed through malicious spam attachments that pretend to be a requested agreement. Last week we reported on the Ako Ransomware and how it was targeting companies with the intent to encrypt their entire network. At the time, it was not known how it was being distributed and […] Ransomware Spam
itsecurityguru.webp 2020-01-10 10:01:19 300 without jobs because Company shuts down of ransomware (direct link) An Arkansas-based telemarketing firm sent home more than 300 employees and told them to find new jobs after IT recovery efforts didn’t go according to plan following a ransomware incident that took place at the start of October 2019. Employees of Sherwood-based telemarketing firm The Heritage Company were notified of the decision just days before […] Ransomware Heritage
itsecurityguru.webp 2020-01-09 10:05:31 Ransomware manages to find its way into enterprise networks (direct link) Add yet another malicious encryption program to the expanding ranks of ransomware programs that target large enterprise networks in hopes of scoring big financial payoffs. The latest such threat is called Snake, a ransomware program written in the Go programming language, with an unusually high level of obfuscation. It was discovered by researchers at MalwareHunterTeam; analyzed […] Ransomware Threat
itsecurityguru.webp 2020-01-08 10:07:46 Travelex suffers ransomware attack and results to pen and paper (direct link) Police are investigating hackers holding Travelex’s computers for ransom, forcing the company’s staff to resort to using pen and paper to record transactions. The firm initially said it had discovered the attack on New Year’s Day and immediately took its systems down, with its early investigations suggesting that no personal or customer data has been compromised. Source: […] Ransomware
itsecurityguru.webp 2020-01-03 10:30:36 Ransomware Attack on Maritime Facility Results in Coast Guard Warning (direct link) The U.S. Coast Guard last month issued a safety bulletin following a ransomware attack that impaired both the IT systems and industrial control systems of a facility regulated by the Maritime Transportation Security Act (MTSA), and prompted a 30-hour operational shutdown. The ransomware program, identified as Ryuk, was delivered via a phishing email containing a malicious link […] Ransomware
itsecurityguru.webp 2019-12-20 10:36:36 Fileless Malware Attacks used to Breach Windows Remote Desktop Service (direct link) Threat actors breaching company networks are deploying a cornucopia of malware over the remote desktop protocol (RDP), without leaving a trace on target hosts. Cryptocurrency miners, info-stealers, and ransomware are executed in RAM using a remote connection, which also serves for exfiltrating useful information from compromised machines. Source: Bleeping Computer Ransomware Malware
itsecurityguru.webp 2019-12-19 09:51:45 Maze Ransomware hits Canadian Insurance Firm (direct link) An insurance and financial services company based out of Manitoba, Canada is the latest victim of the Maze Ransomware with allegedly 245 computers encrypted during a cyberattack in October. The victim, Andrew Agencies, is a full-service insurance company with 125 employees and 18 locations based out of Manitoba, Saskatchewan, and Alberta, Canada. Source: Bleeping Computer Ransomware
itsecurityguru.webp 2019-12-18 10:16:17 (Déjà vu) Over 1,000 U.S. Schools in 2019 hit by Ransomware attack (direct link) Since January, 1,039 schools across the U.S. have been potentially hit by a ransomware attack after 72 school districts and/or educational institutions have publicly reported being a ransomware victim according to a report from security solutions provider Armor. Source: Bleeping Computer Ransomware
itsecurityguru.webp 2019-12-17 10:22:50 New Jersey's largest hospital pays to resolve ransomware attack (direct link) New Jersey's largest hospital system said that it has paid hackers a ransom after a ransomware attack disrupted its services earlier this month. Hackensack Meridian Health, a $6 billion non-profit health provider system based in Edison, N.J., operates 17 hospitals, nursing homes, and outpatient centers, as well as psychiatric facility Carrier Clinic. The hospital system […] Ransomware
itsecurityguru.webp 2019-12-16 11:10:32 New Orleans Cyberattack occurred due to Ryuk Ransomware (direct link) Based on files uploaded to the VirusTotal scanning service, the ransomware attack on the City of New Orleans was likely done by the Ryuk Ransomware threat actors. On December 14th, 2019, one day after the City of New Orleans ransomware attack, what appear to be memory dumps of suspicious executables were uploaded from an IP address from the […] Ransomware Threat
itsecurityguru.webp 2019-12-06 09:48:32 (Déjà vu) Ransomware attack at Shakespeare Theatre (direct link) A ransomware attack over the weekend has taken down the ticketing system and patron database for the New Jersey Shakespeare Theatre and has also affected at least one other organization in the Madison area. This could not come at a worse time for the Theatre as they were getting ready to begin their first scheduled performance of Charles […] Ransomware
itsecurityguru.webp 2019-12-06 09:45:45 CyrusOne attacked by evil ransomware (direct link) Data center provider CyrusOne was reportedly hit with a combination ransomware/data breach involving the REvil (aka Sodinokibi) ransomware. Details are scarce, but ZDNet reported the attack took place on December 4. A screenshot of the ransom note indicated all the files were locked and that the threat actors would allow one file to be decrypted for free […] Ransomware Threat
itsecurityguru.webp 2019-11-28 10:00:05 (Déjà vu) Medical records locked by ransomware at Great Plains Health (direct link) Great Plains Health medical center is recovering from a ransomware incident that hit its computer network at the beginning of the week and forced switching to pen and paper to maintain activity. The attack was detected on Monday around 7 p.m. and the IT department worked through the night to reduce the impact on local […] Ransomware
itsecurityguru.webp 2019-11-28 09:51:46 (Déjà vu) Prosegur Security Firm Shut Down Network due to Ryuk Ransomware (direct link) In a statement at midday today (local time), Spanish multinational security company Prosegur announced that it was the victim of a cybersecurity incident disrupting its telecommunication platform. The company restricted communications with its customers to avoid malware propagation. Although there is no official confirmation, BleepingComputer has learned that the attack affects all Prosegur locations in Europe. […] Ransomware Malware
itsecurityguru.webp 2019-11-27 10:17:21 (Déjà vu) New Ransomware Has Made a Name for Itself (direct link) A new ransomware called DeathRansom began with a rocky start, but has now resolved its issues and has begun to infect victims and encrypt their data. When DeathRansom was first being distributed, it pretended to encrypt files, but researchers and users found that they could just remove the appended .wctc extension and the files would become usable again. Starting […] Ransomware
itsecurityguru.webp 2019-11-26 09:53:14 Ransomware attacks NYPD fingerprint database (direct link) The New York City Police Department's fingerprint database was hit with ransomware in October 2018, a local newspaper learned. The attack was brought in by a third-party vendor who was installing video equipment at the NYPD's police academy when it connected its infected computer to the police network, according to the New York Post. Source: SC […] Ransomware
itsecurityguru.webp 2019-11-26 09:51:16 Nursing homes' services provider ransomware attack (direct link) Cybercriminals are reportedly demanding a $14 million extortion payment after using Ryuk ransomware to infect Virtual Care Provider Inc. (VCPI), a company that provides IT consulting and cloud-based data hosting and security services to roughly 110 nursing homes around the U.S. Source: SC Magazine Ransomware
itsecurityguru.webp 2019-11-22 09:59:37 (Déjà vu) Stolen Data Leaked by Maze Ransomware (direct link) After a deadline was missed for receiving a ransom payment, the group behind Maze Ransomware has published almost 700 MB worth of data and files stolen from security staffing firm Allied Universal. We are told this is only 10% of the total files stolen and the rest will be released if a payment is not […] Ransomware
itsecurityguru.webp 2019-11-22 09:57:46 Cyber-attack causes Rouen hospital to turn to pen and paper (direct link) Cyber-attack on a hospital in Rouen last week caused “very long delays in care”, reports the AFP news agency. Medical staff at the French city’s University Hospital Centre (CHU) were forced to abandon PCs as ransomware had made them unusable, a spokesman said. Instead, staff returned to the “old-fashioned method of paper and pencil”, said […] Ransomware
itsecurityguru.webp 2019-11-21 09:44:51 (Déjà vu) DoppelPaymer Ransomware Threat warning from Microsoft (direct link) The Microsoft Security Response Center (MSRC) warned customers of the threat behind ongoing DoppelPaymer ransomware attacks and reminded them about misleading info on how it spreads. “There is misleading information circulating about Microsoft Teams, along with references to RDP (BlueKeep), as ways in which this malware spreads,” MSRC Director of Incident Response Simon Pope says. Source: Bleeping Computer Ransomware Malware Threat Guideline
itsecurityguru.webp 2019-11-20 09:55:56 Ransomware Campaign Botches Mistake Cyborg Attacker (direct link) Cybercriminals attempted to install Cyborg ransomware on target machines by deceiving victims with a fraudulent Windows update. Install Latest Microsoft Windows Update now! Critical Microsoft Windows Update! These are the two subject lines of fraudulent emails disguised to appear as Windows Update notifications while containing malicious attachments to infect targets with Cyborg ransomware. While the […] Ransomware
itsecurityguru.webp 2019-11-20 09:48:12 (Déjà vu) Ransomware Fails Delivering Critical Windows Update (direct link) A new spam campaign pretending to be a ‘Critical Microsoft Windows Update’ has been discovered that attempts to deliver the Cyborg Ransomware, but turns out to be an utter failure. Source: Bleeping Computer Ransomware Spam
itsecurityguru.webp 2019-11-19 09:51:33 New NextCry ransomware attacks NextCloud sync and share solution (direct link) Attackers are reportedly targeting an NGINX/php-fpm vulnerability to infect users of the NextCloud file sync and share service with a recently discovered ransomware called NextCry. Infecting a NextCloud instance is doubly damaging to victims because the affected service begins replacing files stored on their synced-up machines with the newly encrypted versions. Source: SC Magazine Ransomware Vulnerability
itsecurityguru.webp 2019-11-19 09:46:50 (Déjà vu) Ransomware Attack on Louisiana Government Suffers Outage (direct link) The state government of Louisiana was hit by a ransomware attack today that impacted numerous state services including the Office of Motor Vehicles, the Department of Health, and the Department of Transportation and Development. The attack was first reported at 11am, after there was a forced shutdown of numerous web sites operated by the state […] Ransomware
itsecurityguru.webp 2019-11-15 09:59:04 Malware Spread by Actor Impersonating Government Officials (direct link) Since October, a threat actor has been impersonating governmental agencies in phishing emails designed to infect American, German and Italian organizations with various forms of malware, including the Cobalt Strike backdoor, Maze ransomware and the IcedID banking trojan. Source: SC Magazine Ransomware Malware Threat
itsecurityguru.webp 2019-11-14 09:56:17 (Déjà vu) AnteFrigus Ransomware Only Targets Specific Drives (direct link) A new and strange ransomware called AnteFrigus is now being distributed through malvertising that redirects users to the RIG exploit kit. Unlike other ransomware, AnteFrigus does not target the C: drive, but only other drives commonly associated with removable devices and mapped network drives. The RIG exploit kit uses malicious scripts hosted on attacker-owned […] Ransomware
itsecurityguru.webp 2019-11-13 09:54:29 (Déjà vu) Ransomware Attack on Mexico's Pemex Oil Suffers $4.9 Million (direct link) Mexico’s state-owned oil company, Pemex, has suffered a DoppelPaymer ransomware attack that demanded $4.9 million USD in order to decrypt their files. On Sunday, November 10th, Pemex was hit with a ransomware attack that the company states affected less than 5% of their computers. Workers reported, though, that internal memos told them not to initially turn on their […] Ransomware
itsecurityguru.webp 2019-11-12 09:15:50 SmarterASP.net customers knocked offline due to Ransomware attack (direct link) SmarterASP.net reported it was hit with a ransomware attack over the weekend that encrypted and knocked offline many of the hosting service's customer accounts. For many of SmarterASP.net's customers their first indication something was wrong was when they were presented with a note from the company stating an attack was taking place and efforts were being […] Ransomware
itsecurityguru.webp 2019-11-11 09:24:19 (Déjà vu) Heart Attack Mortality increased due to Hospital Cyberattacks (direct link) Breach remediation processes adversely impact timeliness in patient care and outcomes, a new study finds. Ransomware attacks and data breaches targeting hospitals may cause a higher mortality rate among heart patients in the months and years after an incident, Vanderbilt University researchers report, as breach remediation time interferes with patient care and outcomes. Source: Dark […] Ransomware
itsecurityguru.webp 2019-11-11 09:24:04 (Déjà vu) Ransomware Attack hits QuikSilver and Billabong (direct link) Action sports giant Boardriders was hit by a ransomware attack that affected some of its subsidiaries, including QuikSilver and Billabong, and forced the company to shut down computing systems all over the world. Source: Bleeping Computer Ransomware
itsecurityguru.webp 2019-11-07 09:47:32 Industrial sector targeted by Adversary harboring DoppelPaymer ransomware (direct link) A cyber adversary in possession of both ransomware and point-of-sale malware was recently found to have obtained “a deep level of access” to the infrastructures of at least two targets, including a U.S.-based aluminum and stainless steel gratings company, researchers have reported. Source: SC Magazine Ransomware Malware ★★★★
itsecurityguru.webp 2019-11-07 09:47:14 Bilk Businesses attacked by accounting Scams (direct link) Yes, ransomware is plaguing businesses and government organizations, but impersonators inserting themselves into financial workflows – most often via e-mail – continue to enable big paydays. Source: Dark Reading Ransomware ★★★
itsecurityguru.webp 2019-11-05 13:04:14 Spanish companies hit by ransomware (direct link) Two major Spanish companies have been hit by ransomware today. Both infections occurred on the same day, sparking memories of the WannaCry outbreak. Spain was one of the first countries alongside the UK, where the WannaCry ransomware infections were spotted for the first time back on May 12, 2017. Affected at the time were Spanish newspaper […] Ransomware Wannacry ★★★
itsecurityguru.webp 2019-11-05 13:02:33 (Déjà vu) Trik botnet now spreads Nemty ransomware (direct link) The operators of Nemty ransomware have found a new distributor for their file-encrypting malware, which now spreads via Trik, a botnet that pushes all sorts of threats. The malware is spread to systems that have the Server Message Block (SMB) network communication protocol exposed on the web and protected by weak credentials. Source: Bleeping Computer Ransomware Malware
itsecurityguru.webp 2019-10-31 10:07:09 (Déjà vu) New Mexico Public Schools Attacked by Ransomware (direct link) The attack early in the morning of October 29 has taken all of the school district’s systems offline. A ransomware attack against Las Cruces, New Mexico’s public school system has shut down computers and networks across the district. School district IT teams reportedly reacted quickly, shutting down all computers immediately after detecting the attack at […] Ransomware ★★★
itsecurityguru.webp 2019-10-30 09:53:01 (Déjà vu) New Email Campaign Attacks Italy in Maze Ransomware (direct link) The Maze Ransomware is conducting a new spam campaign that targets Italian users by pretending to be the country’s Tax and Revenue Agency. The Maze Ransomware is not a new infection, but within the past month it has been picking up steam with new campaigns, partnering with exploit kits, and inserting playful comments targeting researchers in their […] Ransomware Spam
itsecurityguru.webp 2019-10-30 09:52:29 (Déjà vu) School 'District-Wide Shutdown' Ransomware Attack (direct link) A ransomware attack hitting Las Cruces Public Schools forced the district to shut down the entire computer system to contain the infection. Exchanging information with schools is impaired as email and other forms of computer-based communication is no longer possible at this moment. Source: Bleeping Computer Ransomware
itsecurityguru.webp 2019-10-21 09:35:39 San Bernardino school district hit by ransomware attack (direct link) Hackers infected servers used by the San Bernardino City Unified School District with ransomware, locking faculty and staff out of their e-mails over the weekend and forcing classes to proceed without Wi-Fi and other tech-based tools beginning Monday, Oct. 21. The district's information technology staff alerted administrators and law enforcement to the attack early Saturday, […] Ransomware
itsecurityguru.webp 2019-10-15 10:32:53 Pitney Bowes system taken down by malware (direct link) Pitney Bowes reported today that it was hit with malware that has made some files inaccessible, but stopped short of calling it a ransomware attack. Pitney Bowes said the attack has encrypted some corporate information and disrupted customer access to certain services, but at this time the company does not believe any customer or employee […] Ransomware Malware
itsecurityguru.webp 2019-10-11 09:37:18 15 New Ransomware Victims Hit Since the Start of October! (direct link) Since October 1, Armor, a global cloud security solutions provider, has identified 15 new organizations which have been hit by ransomware in the U.S. including 5 healthcare networks and/or organizations, 2 municipalities (one of which has suffered 3 ransomware attacks this year), 3 school districts, a police department, the North Carolina State Bar, 2 Florida employment […] Ransomware
itsecurityguru.webp 2019-10-11 09:23:01 Ransomware attacks targeting flaw in iTunes for Windows (direct link) Ransomware attackers have been abusing a vulnerability in the Windows version of Apple iTunes to avoid detection from antivirus software, according to security researchers. The problem deals with the Apple-created Bonjour updater that comes with iTunes for Windows, which is used to deliver software updates to the app. Security firm Morphisec has discovered it also suffers from […] Ransomware Vulnerability
itsecurityguru.webp 2019-10-08 09:07:04 (Déjà vu) RobbinHood Ransomware is now using street cred to force victims to pay (direct link) The operators behind the RobbinHood ransomware have changed their language in the ransom note, at least in one variant of the malware, to take from victims all hope of decrypting the files for free and to make them pay for the recovery. Boastful and arrogant in their message, the cybercriminals point to past incidents involving their […] Ransomware
itsecurityguru.webp 2019-10-07 09:15:51 DCH Health System pays ransom after attack (direct link) Alabama-based DCH Health System said it has paid off the hackers behind a ransomware attack that severely disrupted operations at three hospitals beginning on Tuesday morning, according to a Saturday report by Tuscaloosa News. The news closely follows an FBI warning that the number of sophisticated attacks on businesses and state and local governments is continuing to climb. […] Ransomware
itsecurityguru.webp 2019-10-04 10:27:37 Ransomware attacks on the rise as FBI send out an alert (direct link) The FBI yesterday issued a new public service announcement regarding the ongoing ransomware epidemic, emphasizing that attacks are becoming more targeted since early 2018, with losses increasing significantly in that time. The alert is intended to update and supplement a previous ransomware warning that the FBI issued back in September 2016, and specifically identifies state and local […] Ransomware
itsecurityguru.webp 2019-10-03 09:05:20 Sodinokibi Ransomware building an all-star team of affiliates (direct link) Stalkerware is being installed on more and more victims’ devices, and the trend is only accelerating, according to a new report. When spouses, colleagues, domestic partners, and random strangers install software to spy on a victim, the “stalkerware” can be a disturbing tool of abuse. And it’s a tool that’s part of a problem that […] Ransomware Tool ★★★
Last update at: 2024-05-14 21:08:35