www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2025-05-12T13:46:11+00:00 www.secnews.physaphae.fr
Recorded Future - FLux Recorded Future Capita says responding to ransomware attack will cost up to £20 million
Capita, the British outsourcing company hit by a ransomware attack in March, said on Wednesday the incident will cost up to £20 million ($25 million) to respond to. The expenses have been attributed to “specialist professional fees, recovery and remediation costs and investment to reinforce Capita's cyber security environment,” according to a statement sent to
2023-05-10T11:45:00+00:00 https://therecord.media/capita-ransomware-incident-response-cost www.secnews.physaphae.fr/article.php?IdArticle=8335197 False Ransomware None 2.0000000000000000
Recorded Future - FLux Recorded Future Dallas courts, fire and police networks still crippled from ransomware incident
All municipal courts in Dallas will be closed on Monday due to a ransomware attack that was announced last week. Despite statements from city officials claiming the recovery effort was slowly progressing, the fire and police departments told local news outlets they are facing massive issues as a result of [the attack](https://therecord.media/dallas-confirms-ransomware-attack-affecting-police-website). In a statement
2023-05-08T14:15:00+00:00 https://therecord.media/dallas-ransomware-attack-courts-fire-police www.secnews.physaphae.fr/article.php?IdArticle=8334295 False Ransomware None 2.0000000000000000
Recorded Future - FLux Recorded Future As ransomware data remains 'fuzzy,' US cyber leaders see reasons for optimism
NASHVILLE - Two top federal cybersecurity leaders on Friday described ransomware as a persistent threat but offered optimism that existing and recently launched efforts would help combat the digital pandemic. “I'm not sure when it's going to crest,” U.S. Cyber Command and NSA chief Gen. Paul Nakasone told reporters after his keynote address at the
2023-05-08T12:00:00+00:00 https://therecord.media/ransomware-optimism-nakasone-easterly-vanderbilt www.secnews.physaphae.fr/article.php?IdArticle=8334252 False Ransomware,Threat None 2.0000000000000000
Recorded Future - FLux Recorded Future Neuberger: Counter Ransomware Initiative focused on 'expanding the tent,' with Jordan, Costa Rica, Columbia joining
The U.S. government and several other countries have been grappling with a key question over the last year: Should ransomware payments be banned, with select waivers available for special situations? Speaking at a Ransomware Task Force event on Friday, White House Deputy National Security Adviser Anne Neuberger said ransomware payment bans have been a topic
2023-05-08T00:50:00+00:00 https://therecord.media/counter-ransomware-initiative-expands-neuberger www.secnews.physaphae.fr/article.php?IdArticle=8334180 False Ransomware Uber 2.0000000000000000
Recorded Future - FLux Recorded Future Organizations slow to patch GoAnywhere MFT vulnerability even after Clop ransomware attacks
Dozens of organizations are still exposed to cyberattacks through a widely-abused vulnerability in GoAnywhere MFT - a web-based tool that helps organizations transfer files - according to new research. Since February, the Clop ransomware group has exploited dozens of the world's largest companies and governments through a zero-day vulnerability GoAnywhere tracked as CVE-2023-0669. The governments
2023-05-05T15:53:00+00:00 https://therecord.media/organizations-slow-to-patch-goanywhere-vulnerability-after-clop-attacks www.secnews.physaphae.fr/article.php?IdArticle=8333810 False Ransomware,Tool,Vulnerability None 2.0000000000000000
Recorded Future - FLux Recorded Future Ransomware group behind Oakland attack targets city in Massachusetts
The cybercrime group that launched a devastating attack on the city of Oakland has taken credit for yet another breach of a local government - this time naming the Massachusetts city of Lowell as its latest victim. The city - home to more than 111,000 people and about a half hour drive from Boston -
2023-05-04T19:19:00+00:00 https://therecord.media/lowell-massachusetts-city-ransomware-attack-play-cybercrime www.secnews.physaphae.fr/article.php?IdArticle=8333556 False Ransomware None 3.0000000000000000
Recorded Future - FLux Recorded Future Hacked university warns of campus text alerts sent by ransomware group
A university in Virginia is warning students to be wary of texts being sent through the school's mass alert system after a ransomware group messaged the entire campus about an ongoing cyberattack. Bluefield University – a private Baptist school in Bluefield, Virginia serving about 1,000 students – [published](https://twitter.com/blfduniversity/status/1652643506823782401) a statement on Sunday announcing that their
2023-05-04T14:46:00+00:00 https://therecord.media/bluefield-university-virginia-hacked-warns-students-ramalert www.secnews.physaphae.fr/article.php?IdArticle=8333471 False Ransomware None 3.0000000000000000
Recorded Future - FLux Recorded Future Dallas city government confirms ransomware attack affecting police and other services
The city of Dallas confirmed on Wednesday that it is dealing with a ransomware attack that has affected numerous IT systems and shut down the website of the police department. In a statement, the city told Recorded Future News that the city's security monitoring tools notified their security operations center Wednesday morning that “a likely
2023-05-03T20:19:00+00:00 https://therecord.media/dallas-confirms-ransomware-attack-affecting-police-website www.secnews.physaphae.fr/article.php?IdArticle=8333258 False Ransomware None 3.0000000000000000
Recorded Future - FLux Recorded Future Colleges and schools across US dealing with ransomware incidents, cyberattacks
Thousands of students at several U.S. schools started the week feeling the impact of ransomware attacks and other cybersecurity incidents. Bluefield University - a private Baptist school in Bluefield, Virginia serving about 1,000 students – [published](https://twitter.com/blfduniversity/status/1652643506823782401) a statement on Sunday announcing that their systems “have been shut down for an unknown period of time due
2023-05-01T20:37:00+00:00 https://therecord.media/colleges-schools-suffer-from-ransomware-and-cyberattacks www.secnews.physaphae.fr/article.php?IdArticle=8332622 False Ransomware None 2.0000000000000000
Recorded Future - FLux Recorded Future South Carolina county gov't hit with ransomware attack
The South Carolina county of Spartanburg is dealing with a ransomware attack that has limited its IT and phone systems. In a statement to Recorded Future News, Spartanburg County spokesperson Kay Blackwell said officials recently discovered the ransomware and are in the process of responding to the incident. A cybersecurity firm has been hired and
2023-04-28T23:44:00+00:00 https://therecord.media/south-carolina-spartanburg-county-dealing-with-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=8332062 False Ransomware None 2.0000000000000000
Recorded Future - FLux Recorded Future Hackers use PaperCut printer vulnerability to spread Clop ransomware
Hackers linked to the Clop ransomware operation are exploiting two recently-disclosed vulnerabilities in print management software PaperCut to steal corporate data from victims. In a series of tweets posted Wednesday, Microsoft said they attributed the attacks to a threat actor they track as Lace Tempest - a group whose activities overlap with FIN11 and TA505.
2023-04-27T15:49:00+00:00 https://therecord.media/hackers-use-papercut-vulnerabilities-to-deploy-clop-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8331599 False Ransomware,Vulnerability,Threat None 2.0000000000000000
Recorded Future - FLux Recorded Future NSA cyber director warns of ransomware attacks on Ukraine, Western supply chains
**SAN FRANCISCO -** Russian hackers are attempting to inject ransomware into Ukraine's logistics supply chain and those of the Western countries that back Kyiv in its fight against Moscow, a senior National Security Agency official said on Wednesday. “Wars are won and lost by logistics. And Russia painfully appreciates that because they are doing so
2023-04-26T20:06:00+00:00 https://therecord.media/russia-ransomware-attacks-logistics-supply-chain-ukraine www.secnews.physaphae.fr/article.php?IdArticle=8331363 False Ransomware None 2.0000000000000000
Recorded Future - FLux Recorded Future Network infrastructure provider CommScope investigating data leak following ransomware attack
North Carolina-based network infrastructure provider CommScope confirmed that it suffered a ransomware attack late last month and is now investigating claims of stolen information leaked on the dark web. A spokesperson for the company - which makes products for home networks, broadband networks, venue and campus networks, and outdoor wireless networks - said it discovered
2023-04-17T23:45:00+00:00 https://therecord.media/commscope-network-infrastructure-cyberattack-vice-society www.secnews.physaphae.fr/article.php?IdArticle=8328731 False Ransomware None 3.0000000000000000
Recorded Future - FLux Recorded Future Payments giant says it is investigating ransomware incident that caused POS outage
Payment processing giant NCR disclosed a ransomware attack this weekend that caused an outage on its point of sale technology used widely by restaurants. The company told Recorded Future News that it discovered the ransomware attack on April 13, when a data center outage impacted some of their customers. The incident affected the company's Aloha
2023-04-17T18:24:00+00:00 https://therecord.media/payments-giant-ncr-investigating-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8328679 False Ransomware None 2.0000000000000000
Recorded Future - FLux Recorded Future Capita investigates authenticity of ransomware gang leaks
Capita, the United Kingdom's largest outsourcing company, said on Monday that it has not yet been able to confirm whether data released by a ransomware group was in fact stolen from the company. The London Stock Exchange-listed business [announced two weeks ago](https://therecord.media/capita-cyber-incident-uk-defense-contractor) that an IT outage “primarily impacting access to internal Microsoft Office 365 applications”
2023-04-17T12:06:00+00:00 https://therecord.media/capita-investigates-authenticity-data-leak www.secnews.physaphae.fr/article.php?IdArticle=8328590 False Ransomware None 3.0000000000000000
Recorded Future - FLux Recorded Future Tasmania: 150,000 individuals and businesses affected by Clop ransomware group
The government of the Australian state of Tasmania confirmed on Friday “approximately 150,000 individuals and businesses” in the island state were directly affected by the hack of Fortra's GoAnywhere file transfer product. In [an update](https://www.premier.tas.gov.au/site_resources_2015/additional_releases/update-on-cyber-investigation3) from the state's minister for science and technology, Madeleine Ogilvie, the Tasmanian government said it is continuing to investigate the
2023-04-14T12:17:00+00:00 https://therecord.media/tasmania-data-breach-clop-150000-affected www.secnews.physaphae.fr/article.php?IdArticle=8327763 False Ransomware,Hack None 2.0000000000000000
Recorded Future - FLux Recorded Future Ransomware attack that forced a New York county back to pen and paper began in 2021, official says
New York's Suffolk County has concluded an investigation into a destabilizing ransomware attack that forced government workers to rely on fax machines and paper records, discovering stark deficiencies in the county clerk's cybersecurity practices. Suffolk County Executive Steven Bellone [held a press conference](https://www.facebook.com/SteveBellone/videos/550329996987344/) Wednesday to unveil the findings of the forensic investigation into the September
2023-04-12T23:37:00+00:00 https://therecord.media/suffolk-county-new-york-ransomware-investigation www.secnews.physaphae.fr/article.php?IdArticle=8327274 False Ransomware APT 15 2.0000000000000000
Recorded Future - FLux Recorded Future Tasmania officials: 16,000 student documents leaked by Clop ransomware group
Government officials in Tasmania confirmed on Friday that more than 16,000 sensitive documents were leaked by the Clop ransomware group following a data theft incident two weeks ago. During a press conference on Friday, Minister for Science and Technology Madeleine Ogilvie [told reporters](https://pulsehobart.com.au/news/hackers-release-personal-data-from-tasmanian-government-data-breach/) that the information released includes financial invoices, statements and information relating to
2023-04-07T19:32:00+00:00 https://therecord.media/tasmania-government-ransomware-clop-student-documents www.secnews.physaphae.fr/article.php?IdArticle=8325898 False Ransomware,Conference None 3.0000000000000000
Recorded Future - FLux Recorded Future Hardware giant MSI confirms cyberattack after new ransomware group issues demand
Taiwanese hardware maker Micro-Star International (MSI) confirmed Friday that it was the victim of a cyberattack following reports that said a new ransomware group targeted the company. In its statement, MSI did not specify when the attack occurred but said the incident was reported to law enforcement agencies “promptly” and recovery measures have been initiated.
2023-04-07T17:59:00+00:00 https://therecord.media/msi-micro-star-international-ransomware-money-message www.secnews.physaphae.fr/article.php?IdArticle=8325890 False Ransomware None 3.0000000000000000
Recorded Future - FLux Recorded Future New Jersey county police department confirms ransomware attack
The police department in Camden County, New Jersey confirmed that it was hit with a ransomware attack last month and is still investigating the incident. A spokesperson for the department - which serves the county's 523,000 residents - told Recorded Future News that the ransomware attack took place on March 13. Camden County borders Philadelphia
2023-04-07T16:54:00+00:00 https://therecord.media/camden-county-police-ransomware-new-jersey-philadelphia www.secnews.physaphae.fr/article.php?IdArticle=8325880 False Ransomware None 2.0000000000000000
Recorded Future - FLux Recorded Future Experts warn of fast-encrypting 'Rorschach' ransomware
A new ransomware strain has alarmed cybersecurity researchers, who describe it as a mash-up of the most effective ransomwares currently in use. Researchers at Israeli cybersecurity firm Check Point called the new ransomware “Rorschach” and said their incident response team discovered it while investigating an attack involving a U.S.-based company. Sergey Shykevich, threat intelligence group
2023-04-04T18:09:00+00:00 https://therecord.media/new-fast-encrypting-rorschach-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8324840 False Ransomware,Threat None 3.0000000000000000
Recorded Future - FLux Recorded Future Lewis & Clark College cyberattack claimed by notorious ransomware gang
A cyberattack on Lewis & Clark College announced earlier this month has been claimed by a ransomware gang implicated in several attacks on K-12 schools and colleges over the last year. The Vice Society cybercrime group took credit for the attack on Friday, posting samples of passports as well as documents that included Social Security
2023-03-31T17:50:00+00:00 https://therecord.media/lewis-clark-college-ransomware-attack-vice-society www.secnews.physaphae.fr/article.php?IdArticle=8323826 False Ransomware None 3.0000000000000000
Recorded Future - FLux Recorded Future US commits $25 million to Costa Rica for Conti ransomware recovery
The U.S. government is sending $25 million to the government of Costa Rica to help the country recover from a devastating ransomware attack last year that crippled several key agencies. In May 2022, Costa Rica's newly elected president Rodrigo Chaves declared a [state of emergency](https://therecord.media/costa-ricas-new-president-declares-state-of-emergency-after-conti-ransomware-attack) after the now-defunct [Conti ransomware group](https://therecord.media/son-of-conti) severely damaged the Ministry
2023-03-29T23:30:00+00:00 https://therecord.media/biden-administration-commits-25-million-costa-rica-ransomware-recovery www.secnews.physaphae.fr/article.php?IdArticle=8323293 False Ransomware None 2.0000000000000000
Recorded Future - FLux Recorded Future Indian pharmaceutical giant warns of revenue loss, litigation after ransomware attack
The largest pharmaceutical company in India confirmed a ransomware attack in its regulatory filings this week, explaining that the incident involved the theft of company data and personal information. Sun Pharmaceuticals – the fourth-largest specialty generic pharmaceutical company in the world – said in filings with the Bombay Stock Exchange that efforts to contain and
2023-03-29T20:05:00+00:00 https://therecord.media/sun-pharma-india-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=8323066 False Ransomware None 2.0000000000000000
Recorded Future - FLux Recorded Future Data stolen from Florida sheriff's office leaked by LockBit ransomware group
The LockBit ransomware group has leaked data it stole from Washington County Sheriff's Office in northeastern Florida. The Record did not view the stolen data but cybersecurity experts said it included warrants and information on employees. Washington County has more than 25,000 residents and is about 45 minutes away from Panama City, Florida. A spokesperson
2023-03-29T17:47:00+00:00 https://therecord.media/florida-sheriff-data-leak-lockbit-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8323024 False Ransomware None 3.0000000000000000
Recorded Future - FLux Recorded Future Ransomware group takes credit for February attack on city of Modesto
A ransomware attack on the city of Modesto has been claimed by a long-running cybercrime operation more than one month after the local government confirmed it was attacked. The Snatch group took credit for the incident, but did not say how much data was taken or when it would be released. The announcement comes as
2023-03-28T19:16:00+00:00 https://therecord.media/modesto-ransomware-attack-snatch www.secnews.physaphae.fr/article.php?IdArticle=8322623 False Ransomware None 2.0000000000000000
Recorded Future - FLux Recorded Future Students and teachers at English high school impacted by ransomware attack
Another English school was listed on a ransomware group's extortion website on Monday evening, with the criminals threatening to publish stolen data unless Tanbridge House School in West Sussex paid an unstated fee. The headteacher at the secondary school, which has around 1,200 students aged between 11 and 16 enrolled, previously told parents there was
2023-03-28T12:01:00+00:00 https://therecord.media/ransomware-school-england-tanbridge-house www.secnews.physaphae.fr/article.php?IdArticle=8322511 False Ransomware None 3.0000000000000000
Recorded Future - FLux Recorded Future Law firm fined $200,000 over 'poor data security' that led to ransomware attack
New York's attorney general has levied a $200,000 fine on a law firm representing hospitals whose sensitive files were accessed in a 2021 ransomware attack. Attorney General Laetitia James accused the New York City-based firm, Heidell, Pittoni, Murphy & Bach (HPMB), of having “poor data security,” resulting in the leak of some 114,000 people's information,
2023-03-27T18:05:00+00:00 https://therecord.media/new-york-law-firm-hpmb-fined-data-breach-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8322152 False Ransomware None 2.0000000000000000
Recorded Future - FLux Recorded Future Tennessee city hit with ransomware attack
Oak Ridge, Tennessee said city officials are working with law enforcement and cybersecurity experts to deal with a ransomware attack affecting its technology systems. The 31,000-resident city is located in the eastern part of the state and is best known for being the production site of the Manhattan Project – the effort by several governments
2023-03-23T20:43:00+00:00 https://therecord.media/oak-ridge-tennessee-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=8321049 False Ransomware None 2.0000000000000000
Recorded Future - FLux Recorded Future UK issues strategy to protect National Health Service from cyberattacks
The British government published on Wednesday its new cybersecurity strategy for the National Health Service, aiming to make the country's healthcare sector “significantly hardened to cyber attack, no later than 2030.” The strategy comes in the wake of the [WannaCry](https://www.theguardian.com/technology/2017/jun/16/wannacry-ransomware-attack-linked-north-korea-lazarus-group) ransomware attack in 2017, alongside a criminal attack on the software supplier [Advanced](https://www.bbc.co.uk/news/technology-62725363) last year,
2023-03-22T12:30:00+00:00 https://therecord.media/uk-national-health-service-cyberattacks-strategy www.secnews.physaphae.fr/article.php?IdArticle=8320494 False Ransomware,General Information Wannacry,APT 38 2.0000000000000000
Recorded Future - FLux Recorded Future Ransomware 'likely' to target transportation OT systems, warns EU cyber agency
Ransomware attacks have become the most significant cyberthreat facing the transport sector in the European Union, according to new analysis published Tuesday. The [50-page report](https://www.enisa.europa.eu/publications/enisa-transport-threat-landscape) from the European Union Agency for Cybersecurity (ENISA) is the first analysis the agency has conducted into the threats facing the aviation, maritime, railway and road sectors. It warns that
2023-03-21T12:35:00+00:00 https://therecord.media/transportation-ransomware-european-union-enisa-report www.secnews.physaphae.fr/article.php?IdArticle=8320205 False Ransomware None 2.0000000000000000
Recorded Future - FLux Recorded Future Kaspersky releases decryptor for ransomware based on Conti source code
Cybersecurity firm Kaspersky on Thursday released a decryptor that could help victims who had their data locked down by a version of the Conti ransomware. Kaspersky said the tool can be used on a malware strain that infected dozens of “companies and state institutions” throughout December 2022. Kaspersky did not name the strain, but experts
2023-03-16T20:56:00+00:00 https://therecord.media/kaspersky-decryptor-meow-ransomware-conti www.secnews.physaphae.fr/article.php?IdArticle=8319238 False Ransomware,Malware,Tool None 2.0000000000000000
Recorded Future - FLux Recorded Future Ransomware gang exploited a zero-day in Microsoft security feature, Google says
Financially motivated hackers are using a previously undocumented bug in Microsoft's SmartScreen security feature to spread the Magniber ransomware, according to a new report. The cybercriminals have been able to exploit the zero-day vulnerability in SmartScreen since December, researchers from Google's Threat Analysis Group (TAG) said. The Google team [reported](https://blog.google/threat-analysis-group/magniber-ransomware-actors-used-a-variant-of-microsoft-smartscreen-bypass/) its findings about the bug
2023-03-15T12:17:00+00:00 https://therecord.media/ransomware-zero-day-microsoft-google www.secnews.physaphae.fr/article.php?IdArticle=8318790 False Ransomware,Vulnerability,Threat,Threat None 2.0000000000000000
Recorded Future - FLux Recorded Future Hackers used Fortra zero-day to steal sales data from cloud management giant Rubrik
Cloud data management giant Rubrik confirmed that hackers attacked the company using a vulnerability in a popular file transfer tool. The Clop ransomware group – which has been the primary force behind the [exploitation of a vulnerability](https://therecord.media/forta-goanywhere-mft-file-transfer-zero-day) affecting Fortra's GoAnywhere Managed File Transfer product – added Rubrik to its list of victims on Tuesday. A
2023-03-14T20:36:00+00:00 https://therecord.media/rubrik-hackers-zero-day-fortra www.secnews.physaphae.fr/article.php?IdArticle=8318625 False Ransomware,Vulnerability,Cloud None 2.0000000000000000
Recorded Future - FLux Recorded Future CISA unveils ransomware warning pilot for critical infrastructure
The Cybersecurity and Infrastructure Security Agency (CISA) on Monday unveiled an effort that will collect data about commonly exploited vulnerabilities in ransomware attacks and alert critical infrastructure operators of the risks. [The Ransomware Vulnerability Warning Pilot](https://www.cisa.gov/stopransomware/Ransomware-Vulnerability-Warning-Pilot) launched Jan. 30 and was mandated under the sweeping cyber incident reporting [legislation](https://therecord.media/biden-signs-cyber-incident-reporting-bill-into-law) President Joe Biden signed into law
2023-03-14T15:34:00+00:00 https://therecord.media/cisa-ransomware-warning-pilot www.secnews.physaphae.fr/article.php?IdArticle=8318475 False Ransomware,Vulnerability None 3.0000000000000000
Recorded Future - FLux Recorded Future Amazon-owned Ring denies 'ransomware event' following darknet listing
The smart doorbell and security camera company Ring has denied that it suffered a ransomware attack after the company was listed on a prominent ransomware gang's extortion site. The ALPHV ransomware group, also known as BlackCat, added the listing for Ring to its site late on Monday evening, adding: “There's always an option to let
2023-03-14T12:34:00+00:00 https://therecord.media/ring-denies-ransomware-attack-alphv www.secnews.physaphae.fr/article.php?IdArticle=8318428 False Ransomware None 3.0000000000000000
Recorded Future - FLux Recorded Future Ransomware tracker: the latest figures [March 2023]
* Note: this Ransomware Tracker is updated on the 10th day of each month to stay current * Unlike past years, cybercriminals didn't take a break over the winter holidays. The number of victims posted on ransomware extortion sites rose more than 20% in December to 241 organizations - the highest monthly count since April,
2023-03-10T12:00:00+00:00 https://therecord.media/ransomware-tracker-the-latest-figures www.secnews.physaphae.fr/article.php?IdArticle=8317217 False Ransomware None 2.0000000000000000
Recorded Future - FLux Recorded Future Canadian military: Ransomware attack on contractor didn't touch defense systems
Canada's defense department confirmed Thursday that its systems were not affected by a ransomware attack on engineering giant Black & McDonald. Black & McDonald did not respond to repeated requests for comment, but a spokesperson for Canada's Department of National Defence told The Record that it was aware of a ransomware attack on the company.
2023-03-09T20:15:00+00:00 https://therecord.media/canada-national-defence-black-mcdonald-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8317042 False Ransomware None 3.0000000000000000
Recorded Future - FLux Recorded Future Ransomware group says it stole student data from Minneapolis Public Schools
The ransomware group behind an [attack on Minneapolis Public Schools](https://therecord.media/minneapolis-public-schools-still-investigating-what-caused-encryption-event) posted a public video allegedly showing screenshots of stolen data after the school district said it was using backups to recover from the incident. The school district – which serves about 34,500 students – faced disruptions last week after a ransomware attack damaged some systems.
2023-03-08T15:55:00+00:00 https://therecord.media/ransomware-minneapolis-public-schools-stolen-data www.secnews.physaphae.fr/article.php?IdArticle=8316717 False Ransomware None 2.0000000000000000
Recorded Future - FLux Recorded Future Acer says server for repair technicians accessed by hackers
Taiwanese computer maker Acer has confirmed that it suffered a breach involving the leak of technician documents related to staff manuals, product model documentation and more. In a statement Tuesday to The Record, the company said there is “no indication that any consumer data was stored on that server.” “We have recently detected an incident of unauthorized access to one of our document servers for repair technicians,” the company said, noting that the investigation is ongoing. The statement comes after someone offered 160GB of data for sale on a hacker forum that they claimed came from Acer. The person selling the database said it had “confidential presentations,” manuals and binaries as well as information on phones, tablets and laptops. The post also says replacement digital product keys and more are included in the database. Acer has faced several data breaches in recent years, including a headline-grabbing ransomware attack in 2021 that involved a [$50 million ransom demand](https://therecord.media/ransomware-gang-demands-50-million-from-computer-maker-acer) from the REvil cybercrime group. The attack hit the company's back-office network. The hardware giant also suffered breaches in [2021](https://therecord.media/acer-confirms-second-security-breach-this-year) and [2012](https://www.databreaches.net/acer-india-hacked-20000-user-credentails-leaked/) that involved customer details and login information for Indian retailers and distributors as well as 20,000 user credentials. Acer is the sixth-largest personal computer maker in the world, with a market share of roughly 6% of all global sales. The company reported [total revenue](https://www.prnewswire.com/news-releases/acer-reports-december-consolidated-revenues-at-nt-22-89-billion-up-21-1-month-on-month-301716400.html#:~:text=9%2C%202023%20%2FPRNewswire%2F%20%2D%2D,ended%20at%20NT%24275.43%20billion.) of about $9 billion in 2022.
2023-03-07T19:05:00+00:00 https://therecord.media/acer-computers-repair-technicians-server-data-breach www.secnews.physaphae.fr/article.php?IdArticle=8316424 False Ransomware None 4.0000000000000000
Recorded Future - FLux Recorded Future Northern Essex Community College remains shuttered after cyberattack
A Massachusetts community college has closed its doors for a second day after a cyberattack took down significant parts of its network. Northern Essex Community College serves more than 6,000 students across Massachusetts and southern New Hampshire, with campuses in Haverhill and Lawrence. A spokesperson for the school told The Record that they did not know if the attack was ransomware, and claimed they “do not have evidence of any personal data being compromised.” On Tuesday, the school confirmed it would not open for the day. “The college will remain closed for business on Tuesday, March 7, 2023. We are still working through details and continuing to put protections in place. We are aiming to be operative by Wednesday, March 8, 2023,” the school [said](https://northernessex.cc/2023/03/necc-update-march-6-2023/?fbclid=IwAR3RRdDFTarOk8sFesOBBOdaJs2bR3YAnuaEsArHPpDLVQDoFuMRqCI5ktI) on a temporary website created after the cyberattack. “All employees with a NECC laptop should cease using their laptops and are asked to bring their computers in as soon as possible and leave them in your office so that our IT team can install protection-clients and perform forensics.” The statement adds that remote work will be suspended for the rest of the week due to issues with VPN access, but employees of the college will be required to come to their offices. Microsoft Office 365, Zoom and some web-based services are still functioning, the college said. On Sunday, the college [said](https://northernessex.cc/2023/03/necc-announcement-mar-5-2023/) it became aware of unauthorized access to its network on or around March 1 and later noticed that several systems were no longer working. The college contacted law enforcement and cybersecurity experts to help with an investigation. They urged students and employees to regularly change passwords and said anyone whose information may have been accessed will be contacted with guidance. The attack is the latest in a run of incidents affecting colleges across the U.S. The year started with Massachusetts-based Bristol Community College informing students that it was [struggling to recover](https://therecord.media/massachusetts-school-district-community-college-dealing-with-fallout-from-ransomware-attack) from a damaging cyberattack in late December. Since then, Emsisoft ransomware expert Brett Callow said at least 10 colleges have been hit with ransomware or cyberattacks, including last week's attacks on colleges in Tennessee and Louisiana. Callow noted that the number of reported ransomware incidents affecting post-secondary schools and K-12 school districts in the U.S. is slightly worse than in previous years, with 13 ransomware incidents reported by the end of February 2021 and 15 attacks [by the end of February 2022](https://www.emsisoft.com/en/blog/43258/the-state-of-ransomware-in-the-us-report-and-statistics-2022/). “By the end of February this year, there were 19 incidents. The yearly numbers have remained very similar too, having remained within the range of 84 - 89 incidents per year since 2019,” Callow told The Record. “It's clear that we're not getting a handle on ransomware in the education sector. In fact, the problem may even be getting worse.”
2023-03-07T17:55:00+00:00 https://therecord.media/northern-essex-community-college-cyberattack www.secnews.physaphae.fr/article.php?IdArticle=8316394 False Ransomware None 2.0000000000000000
Recorded Future - FLux Recorded Future One leader for Cyber Command, NSA has 'substantial benefits,' report says
The head of U.S. Cyber Command and the National Security Agency testified Tuesday that the two entities should continue to share a leader, citing the conclusions in a recent high-level review that has yet to be shared with the public. In [written testimony](https://www.cybercom.mil/Media/News/Article/3320195/posture-statement-of-general-paul-m-nakasone/) to a Senate panel, Army Gen. Paul Nakasone directly quoted the review of the “dual hat” leadership structure, which has existed since Cyber Command was established in 2010. The report found “'substantial benefits that present compelling evidence for retaining the existing structure,'” according to Nakasone, who took over both organizations in 2018. Momentum for splitting the roles increased during the Trump administration. The Record first reported that the Biden administration had tapped former Joint Chiefs of Staff Chairman Joseph F. Dunford Jr. to lead the review. The team [concluded without a policy recommendation](https://therecord.media/review-of-nsa-cyber-command-leadership-structure-ends-without-official-recommendation) on maintaining or splitting the arrangement, but it leaned heavily toward keeping the two conjoined, despite long-held concerns that the positions are too much for a single person. Nakasone also wrote that the review “highlighted” CYBERCOM and NSA's work defending U.S. elections from foreign interference, fighting ransomware operators and bolstering the military's other combatant commands as reasons to keep the two together. Nakasone, one of Cyber Command's original architects, said publicly last year that he met with Dunford's study group and “had an opportunity to share my views.” “Success in protecting the national security of the United States in cyberspace would be more costly and less decisive with two separate organizations under two separate leaders,” Nakasone wrote in his testimony for the Senate Armed Services Committee. “The enduring relationship is vital for both organizations to meet the strategic challenges of our adversaries as they mature their capabilities against the United States,” he added.
2023-03-07T14:40:00+00:00 https://therecord.media/nakasone-cybercom-nsa-dual-hat-dunford-report www.secnews.physaphae.fr/article.php?IdArticle=8316339 False Ransomware,Guideline None 3.0000000000000000
Recorded Future - FLux Recorded Future Israel blames state-sponsored Iranian hackers for ransomware attack on university
Israeli cybersecurity officials on Tuesday blamed hackers sponsored by the Iranian government for a ransomware attack on the country's leading technology university. The attack in February forced the Israel Institute of Technology, also known as Technion, to postpone exams and shut down its IT systems. The incident followed what Israeli defense officials said were dozens of attempted Iranian cyberattacks over the past year. Hackers from a previously unknown group calling itself DarkBit claimed responsibility in a note left on Technion's systems demanding 80 bitcoins ($1.7 million at the time) to enable the university to recover its files. The note was unusually ideological, criticizing “an apartheid regime” and stating: “They should pay for their lies and crimes, their names and shames. They should pay for occupation, war crimes against humanity, killing the people (not only Palestinians' bodies, but also Israelis' souls) and destroying the future and all dreams we had.” Israel's National Cyber Directorate on Tuesday attributed the attack to a threat group tracked as MuddyWater, which last year U.S. Cyber Command linked to the Iranian Ministry of Intelligence and Security. British and American authorities subsequently issued a warning about the hacking group, saying it was targeting a “range of government and private-sector organizations across sectors - including telecommunications, defense, local government, and oil and natural gas - in Asia, Africa, Europe, and North America.” While Israel and Iran have never been in a declared war against each other, the countries have repeatedly blamed each other for cyberattacks targeting civilian infrastructure, including a steel plant in Iran. Iranian hackers have been blamed for attacks on water systems in Israel. The attack on the university in Haifa is not the first time that Iranian state-sponsored hackers have been linked to ransomware incidents. A French-Venezuelan cardiologist called Moises Luis Zagala Gonzalez was charged by the U.S. Department of Justice last year with developing the Thanos ransomware and allegedly boasting about it being used by Iranian government-linked hackers. Another advisory issued in 2022 by cyber authorities in the United Kingdom, United States, Australia and Canada - members of the Five Eyes intelligence alliance - warned that “cyber actors affiliated with Iran's Islamic Revolutionary Guard Corps are exploiting vulnerabilities to launch ransomware operations against multiple sectors.”
2023-03-07T13:05:00+00:00 https://therecord.media/israel-technion-ransomware-attack-iran-darkbit-muddywater www.secnews.physaphae.fr/article.php?IdArticle=8316294 False Ransomware,Threat,Guideline None 2.0000000000000000
Recorded Future - FLux Recorded Future Vice Society ransomware group claims German university as latest victim
The Vice Society ransomware group added the Hamburg University of Applied Sciences (HAW Hamburg) to its leak site this weekend following an attack that the institution said took place late last year. HAW Hamburg is one of several German-speaking institutions with a focus on applied sciences to be targeted by ransomware gangs in recent months. In [a statement](https://www.haw-hamburg.de/fileadmin/PK/PDF/Infos_Art._34_DS-GVO_final.pdf) sent to all employees and students, the university said the attack was on December 29, describing a ransomware incident without using the term itself. The school has about 16,000 students. “The attackers worked their way manually from decentralized IT systems via the network to the central IT and security components of HAW Hamburg. They also gained administrative rights to the central storage systems via this attack path and thus compromised the central data storage,” the statement explained. “With the administrative rights obtained, the encryption of various virtualized platforms and the deletion of saved backups were finally started,” it added. The university warned that “significant amounts of data from various areas” were copied, including usernames and “cryptographically secured” passwords, email addresses and mobile phone numbers. Despite describing the compromised passwords as “cryptographically secured” the IT team recommended that students and staff change their passwords “for all internal university applications,” adding “in particular, change your password for Microsoft Teams and avoid using passwords that you have already used before.” The university said it had to rebuild its IT systems, including the existing Microsoft cloud environment, and was “trying to restore a backup of the email data from the old mail server as of December 14.” Following the attack, HAW Hamburg's IT security said it had “received several reports from students about attempts to log on to Internet portals such as Amazon and eBay by unauthorized third parties.” “After reviewing all previous reports, and taking into account the attacker group's previous approach, it can be ruled out that the login attempts are related to the security incident at HAW Hamburg or the attacker group,” the team added. Back in January the Vice Society ransomware group [claimed responsibility](https://therecord.media/vice-society-ransomware-gang-claims-attack-on-one-of-germanys-largest-universities/) for a November attack against the University of Duisburg-Essen in Germany. Then in February the University of Zurich, Switzerland's largest university, announced it was the target of a “serious cyberattack,” which a spokesperson described to The Record as “part of a current accumulation of attacks on educational and health institutions.” The week before, the [Harz University of Applied Sciences](https://www.n-tv.de/regionales/sachsen-anhalt/Hochschule-Harz-nach-digitalem-Angriff-offline-article23885755.html) in Saxony-Anhalt, [Ruhr West University](https://www.hochschule-ruhr-west.de/hrwoffline/), and the [EU/FH European University of Applied Sciences](https://www.eufh.de/hochschule/pressemitteilung) all announced being impacted by cyberattacks.
The Ransom House gang - which lists semiconductor company AMD as a previous victim, claiming to have sold data stolen by its "partners" - was responsible for the attack, according to the regional Catalonian Cybersecurity Agency. The gang itself claims on its leak site to “have nothing to do with any breaches” and doesn't “produce or use any ransomware.” It describes itself as a “professional mediators community.” Segi Marcén, telecommunications secretary for the regional Catalonia government, said that no extortion demand had yet been received but that the hospital would not be making a ransom payment even if one was. “We will not pay a cent,” Marcén said. Ransomware gangs typically threaten to release stolen data publicly if an extortion payment doesn't come by a certain deadline. As of Monday, nothing from the hospital was on Ransom House's leak site. Marcén added that the regional government was “focusing on recovering the information” impacted by the attack, although it was not yet clear whether the hospital's data backups were also compromised, El País reported. Staff at the hospital have been forced to write on paper and do not have access to electronic patient data-sharing systems. The facility's press department announced that urgent cases are being diverted to other hospitals. “We can't make any prediction as to when the system will be back up to normal,” the hospital's director, Antoni Castells, told journalists, adding that there was a contingency plan to keep services functioning for several days although he hoped the system would be fixed sooner. Tomàs Roy, the general director of the Catalan Cybersecurity Agency, said the attackers “have used new attack techniques,” but didn't specify what they were. 
Recovering from the attack will be “gradual,” reported El País, as IT staff will need to ensure that systems aren't restored while the attackers maintain some access to the system.]]> 2023-03-06T14:02:00+00:00 https://therecord.media/barcelona-hospital-ransomware-spain www.secnews.physaphae.fr/article.php?IdArticle=8316108 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future Ransomware gang posts breast cancer patients\' clinical photographs The ALPHV ransomware group, also known as BlackCat, is attempting to extort a healthcare network in Pennsylvania by publishing photographs of breast cancer patients. These clinical images, used by Lehigh Valley Health Network as part of radiotherapy to tackle malignant cells, were described as “nude photos” on the criminals' site. Lehigh Valley Health Network disclosed on February 20 that it had been attacked by the BlackCat gang, which it described as linked to Russia, and stated that it would not pay a ransom. “Based on our initial analysis, the attack was on the network supporting one physician practice located in Lackawanna County. We take this very seriously and protecting the data security and privacy of our patients, physicians and staff is critical,” said the network's president and chief executive, Brian Nester. Nester added that the incident involved “a computer system used for clinically appropriate patient images for radiation oncology treatment and other sensitive information.” At the time of the original statement, Nester said Lehigh Valley Health Network's services - including a cancer institute and a children's hospital - were not affected. However the network's website is currently inaccessible. The Record was unable to contact the network for further comment following its listing on the ALPHV [.onion](https://en.wikipedia.org/wiki/Tor_(network)) website. 
Onlookers have been revolted by the attempt to leverage the sensitivities around cancer treatment and intimate images to extort the organization. Max Smeets, an academic at ETH Zurich - a public research university - and the director of the European Cyber Conflict Research Initiative, [wrote](https://twitter.com/Maxwsmeets/status/1632654116320075776): “This makes me so angry. I hope these barbarians will be held accountable for their heinous actions.” "A new low. This is sickening," [wrote](https://twitter.com/rj_chap/status/1632465294580133888) malware analyst Ryan Chapman, while Nicholas Carroll, a cybersecurity professional, [said](https://twitter.com/sloppy_bear/status/1632468646873165824) the gang was “trying to set new standards in despicable.” ALPHV itself celebrated the attack and the attention it brought. “Our blog is followed by a lot of world media, the case will be widely publicized and will cause significant damage to your business. Your time is running out. We are ready to unleash our full power on you!” Numerous healthcare organizations have been attacked by ransomware gangs in recent months. The criminal industry persists because of victims who pay, sometimes because their businesses face an existential threat, and sometimes to avoid the negative publicity. Medibank, one of Australia's largest health insurance providers, stated last November that it would not be making a [ransom payment](https://therecord.media/medibank-says-it-will-not-pay-ransom-in-hack-that-impacted-9-7-million-customers/) after hackers gained access to the data of 9.7 million current and former customers, including 1.8 million international customers living abroad. The information included sensitive healthcare claims data for around 480,000 individuals, including information about drug addiction treatments and abortions. 
Outrage at the attack prompted the government to [consider banning](https://therecord.media/australia-to-consider-banning-ransomware-payments/) ransomware payments in a bid to undermine the industry. Back in January, the hospital technology giant [NextGen Healthcare](https://therecord.media/electronic-health-record-giant-nextgen-dealing-with-cyberattack/) said it was responding to a cyberattack after ALPHV added the company to its list of victims. ]]> 2023-03-06T14:01:00+00:00 https://therecord.media/ransomware-lehigh-valley-alphv-black-cat www.secnews.physaphae.fr/article.php?IdArticle=8316109 False Ransomware,Malware None 3.0000000000000000 Recorded Future - FLux Recorded Future A year of wipers: How the Kremlin-backed Sandworm has attacked Ukraine during the war Last November, several Ukrainian organizations were targeted by a new type of ransomware called RansomBoggs. Its operators sent infected computers a ransom note written on behalf of James P. Sullivan - the main protagonist of the animated film Monsters, Inc.  In the note Sullivan, whose job in the movie was to scare kids, asked for […]]> 2023-03-04T13:00:00+00:00 https://therecord.media/a-year-of-wipers-how-the-kremlin-backed-sandworm-has-attacked-ukraine-during-the-war/ www.secnews.physaphae.fr/article.php?IdArticle=8315586 False Ransomware None 3.0000000000000000 Recorded Future - FLux Recorded Future U.S. government warns of Royal ransomware attacks against critical infrastructure The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory Thursday warning vulnerable organizations of an increased threat posed by Royal ransomware. The guidance is the second warning the U.S. government has issued about Royal ransomware in recent months. In December, the U.S. 
Department of Health and Human Services (HHS) warned hospitals […]]> 2023-03-03T19:57:24+00:00 https://therecord.media/u-s-government-warns-of-royal-ransomware-attacks-against-critical-infrastructure/ www.secnews.physaphae.fr/article.php?IdArticle=8315379 False Ransomware,Threat None 3.0000000000000000 Recorded Future - FLux Recorded Future Oakland officials say ransomware group may release personal data on Saturday The government of Oakland acknowledged on Friday that the ransomware group responsible for the cyberattack on city systems is planning to publish the information it stole. On Thursday evening, the Play ransomware group said it was behind the wide-ranging attack, writing on its leak site that it planned to publish sensitive stolen data on Saturday.  […]]> 2023-03-03T17:11:07+00:00 https://therecord.media/oakland-officials-say-ransomware-group-may-release-personal-data-on-saturday/ www.secnews.physaphae.fr/article.php?IdArticle=8315346 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future Canadian book giant says employee data was stolen during ransomware attack Toronto-based Indigo now says that employee data was accessed in a ransomware incident last month. 
The LockBit gang claims it was the perpetrator]]> 2023-03-01T20:46:22+00:00 https://therecord.media/indigo-book-seller-employee-data-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8314764 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future Washington state public bus system confirms ransomware attack Pierce Transit, which serves the Tacoma area, said a ransomware attack disrupted systems and necessitated some temporary workarounds]]> 2023-03-01T18:56:46+00:00 https://therecord.media/pierce-transit-washington-ransomware-attack-lockbit/ www.secnews.physaphae.fr/article.php?IdArticle=8314710 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future Victims of MortalKombat ransomware can now decrypt their locked files for free Cybersecurity firm Bitdefender released a universal decryptor for the MortalKombat ransomware – a strain first observed by threat researchers in January 2023. The malware has been used on dozens of victims across the U.S., United Kingdom, Turkey and the Philippines, according to a recent report from Cisco.  Bogdan Botezatu, director of threat research and reporting […]]> 2023-03-01T00:34:26+00:00 https://therecord.media/victims-of-mortalkombat-ransomware-can-now-decrypt-their-locked-files-for-free/ www.secnews.physaphae.fr/article.php?IdArticle=8314427 False Ransomware,Malware,Threat None 2.0000000000000000 Recorded Future - FLux Recorded Future US Marshals Service becomes latest law enforcement agency hit by hackers The U.S. Marshals Service said it was struck by ransomware last week in an attack that affected systems holding sensitive law enforcement data and personally identifiable information related to several suspects. U.S. 
Marshals Service spokesperson Drew Wade told NBC News late on Monday evening that after consulting with senior officials at the agency, it was […]]> 2023-02-28T21:26:32+00:00 https://therecord.media/us-marshals-service-becomes-latest-law-enforcement-agency-hit-by-hackers/ www.secnews.physaphae.fr/article.php?IdArticle=8314399 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future DISH tells SEC that ransomware attack caused outages; personal info may have been stolen Satellite broadcast giant DISH told the SEC on Tuesday that a ransomware attack is what caused “system issues” that occurred over the weekend.  In an 8-K form filing, DISH confirmed rumors that they had been hit with ransomware, warning that on Monday they became aware that “certain data was extracted from the Corporation's IT systems […]]> 2023-02-28T19:30:13+00:00 https://therecord.media/dish-tells-sec-that-ransomware-attack-caused-outages-personal-info-may-have-been-stolen/ www.secnews.physaphae.fr/article.php?IdArticle=8314286 False Ransomware None 3.0000000000000000 Recorded Future - FLux Recorded Future Minneapolis Public Schools still investigating what caused 'encryption event' Thousands of students in Minneapolis returned to school on Monday after a ransomware attack crippled the school's systems all of last week]]> 2023-02-27T20:46:33+00:00 https://therecord.media/minneapolis-public-schools-still-investigating-what-caused-encryption-event/ www.secnews.physaphae.fr/article.php?IdArticle=8313955 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future Oakland says 311, business license systems still down, but National Guard is helping IT experts from the California National Guard and other state agencies are helping Oakland deal with a crippling ransomware attack]]> 2023-02-24T17:24:24+00:00 https://therecord.media/oakland-ransomware-systems-still-down-national-guard/ www.secnews.physaphae.fr/article.php?IdArticle=8313217 False Ransomware None 
3.0000000000000000 Recorded Future - FLux Recorded Future Food producer Dole confirms ransomware attack Dole confirmed the incident following a report that an attack had forced some of the company's production plants to close]]> 2023-02-23T14:38:49+00:00 https://therecord.media/dole-ransomware-attack-north-america/ www.secnews.physaphae.fr/article.php?IdArticle=8312867 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future LockBit gang takes credit for attack on water utility in Portugal The LockBit ransomware group has taken credit for a cyberattack on Águas e Energia do Porto - the water utility for the city of Porto]]> 2023-02-21T19:19:19+00:00 https://therecord.media/porto-portugal-water-utility-cyberattack-lockbit/ www.secnews.physaphae.fr/article.php?IdArticle=8312273 False Ransomware None 3.0000000000000000 Recorded Future - FLux Recorded Future Irish TV broadcaster says attempted hack will affect programming Virgin Media Television, the Irish broadcaster, said on Monday that an attempted hack was going to impact its programming in coming days. The nature of the attack has not been specified, although a spokesperson told The Record it was not a ransomware attack. 
In a statement the company described identifying “an unauthorized attempt to access […]]> 2023-02-21T13:16:28+00:00 https://therecord.media/virgin-media-television-ireland-cyberattack/ www.secnews.physaphae.fr/article.php?IdArticle=8312175 False Ransomware,Hack None 3.0000000000000000 Recorded Future - FLux Recorded Future Semiconductor industry giant says ransomware attack on supplier will cost it $250 million Applied Materials said that a ransomware attack on part of its supply chain would cost it $250 million in the next quarter]]> 2023-02-17T21:03:38+00:00 https://therecord.media/applied-materials-supply-chain-mks-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8311365 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future Expect more sanctions and hacking operations on ransomware groups, top Justice official says Deputy Attorney General Lisa Monaco said the feds will continue to use sanctions and hacking operations as tools against ransomware groups]]> 2023-02-17T13:14:19+00:00 https://therecord.media/lisa-monaco-more-hacking-ransomware-groups-doj-fbi/ www.secnews.physaphae.fr/article.php?IdArticle=8311243 False Ransomware None 3.0000000000000000 Recorded Future - FLux Recorded Future ESXiArgs ransomware has infected hundreds of new targets in Europe, researchers say More than 500 European organizations are dealing with new infections of the ESXiArgs ransomware, according to Censys]]> 2023-02-15T21:35:27+00:00 https://therecord.media/esxiargs-ransomware-new-infections-europe-censys/ www.secnews.physaphae.fr/article.php?IdArticle=8310628 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future State of emergency as City of Oakland grapples with ransomware attack The City of Oakland has declared a state of emergency one week after a ransomware attack hampered local government operations.  In a statement on Tuesday, interim City Administrator G. 
Harold Duffey said he was issuing the declaration “due to the ongoing impacts of the network outages resulting from the ransomware attack” that began February 8.  […]]> 2023-02-15T18:44:59+00:00 https://therecord.media/oakland-ransomware-emergency-declared/ www.secnews.physaphae.fr/article.php?IdArticle=8310582 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future MortalKombat ransomware found punching targets in US, UK, Turkey, Philippines Organizations in the U.S. and elsewhere have been hit with the new MortalKombat ransomware, according to researchers at Cisco Talos]]> 2023-02-14T21:59:11+00:00 https://therecord.media/mortalkombat-ransomware-discovered-cisco-talos/ www.secnews.physaphae.fr/article.php?IdArticle=8310281 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future Tonga is the latest Pacific Island nation hit with ransomware Tonga’s state-owned telecommunications company has been hit with ransomware, it warned customers on Monday.  Tonga Communications Corporation (TCC) – one of two telecoms companies in the country – published a notice on Facebook saying the attack may slow down administrative operations. 
“Ransomware attack has been confirmed to encrypt and lock access to part of TCC's […]]> 2023-02-14T20:54:27+00:00 https://therecord.media/tonga-is-the-latest-pacific-island-nation-hit-with-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8310189 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future Ransomware attacks on industrial infrastructure doubled in 2022: Dragos The number of ransomware attacks on industrial infrastructure grew significantly in 2022, according to cybersecurity firm Dragos]]> 2023-02-14T18:53:13+00:00 https://therecord.media/dragos-ransomware-report-2022-ics-ot-lockbit/ www.secnews.physaphae.fr/article.php?IdArticle=8310146 False Ransomware,Industrial None 3.0000000000000000 Recorded Future - FLux Recorded Future ALPHV (BlackCat) ransomware gang claims attack on Irish university A darkweb post by the ALPHV ransomware group purports to include employee records from Munster Technological University]]> 2023-02-14T13:48:55+00:00 https://therecord.media/alphv-blackcat-posted-data-ireland-munster-technical-university/ www.secnews.physaphae.fr/article.php?IdArticle=8310063 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future Israel's top tech university postpones exams after ransomware attack Hackers from a previously unknown group called DarkBit demanded about $1.7 million from the Technion technical university.]]> 2023-02-13T21:03:20+00:00 https://therecord.media/technion-israel-ransomware-darkbit-exams-canceled/ www.secnews.physaphae.fr/article.php?IdArticle=8309774 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future City of Oakland hit with ransomware attack, but says 'core functions' are intact The City of Oakland confirmed reports that its networks had been hit with ransomware after rumors emerged online that several agencies were having issues with systems on Thursday.  
City officials did not respond to requests for comment but released a statement on Friday afternoon saying the ransomware attack began on Wednesday night.  “The Information Technology […]]> 2023-02-10T21:43:54+00:00 https://therecord.media/city-of-oakland-hit-with-ransomware-attack-but-says-core-functions-are-intact/ www.secnews.physaphae.fr/article.php?IdArticle=8309391 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future More than 18,500 ESXi servers still vulnerable to VMware bug behind initial ransomware spree Rapid7 said 18,581 VMware ESXi servers are still exposed to CVE-2021-21974 - a 2-year-old bug being exploited by the ESXiArgs ransomware]]> 2023-02-10T21:09:22+00:00 https://therecord.media/esxiargs-ransomware-vmware-more-than-18500-servers-still-vulnerable/ www.secnews.physaphae.fr/article.php?IdArticle=8309392 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future December ransomware attack leads to massive data breach from California health network Facilities within California's Heritage Provider Network reported a data breach related to a ransomware attack in December]]> 2023-02-10T19:45:08+00:00 https://therecord.media/ransomware-attack-leads-to-massive-data-breach-from-california-health-network/ www.secnews.physaphae.fr/article.php?IdArticle=8309393 False Ransomware,Data Breach,Guideline Heritage,Heritage 3.0000000000000000 Recorded Future - FLux Recorded Future Mount Saint Mary College confirms December ransomware attack Mount Saint Mary College – a liberal arts college in New York – confirmed it experienced a ransomware attack in December after a cybercrime group publicly shared details about the incident this week.  
The Vice Society ransomware gang, a group known for dozens of attacks on K-12 schools as well as colleges and universities, claimed […]]> 2023-02-09T22:25:22+00:00 https://therecord.media/mount-saint-mary-college-confirms-december-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8308750 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future Britain and US make major move against ransomware gangs by sanctioning seven individuals The sanctions documents formally link the Conti and Ryuk ransomware gangs and the Trickbot banking trojan to a single criminal organization]]> 2023-02-09T13:34:05+00:00 https://therecord.media/ransomware-sactions-conti-ryuk-trickbot-uk-us/ www.secnews.physaphae.fr/article.php?IdArticle=8308547 False Ransomware None 1.00000000000000000000 Recorded Future - FLux Recorded Future CISA publishes recovery script for ESXiArgs ransomware as Florida courts, universities reel CISA adapted work by two Turkish developers into a script for recovering files affected by ESXiArgs ransomware without having to decrypt them]]> 2023-02-08T17:14:52+00:00 https://therecord.media/esxiargs-ransomware-cisa-file-recovery-script/ www.secnews.physaphae.fr/article.php?IdArticle=8308319 False Ransomware None 4.0000000000000000 Recorded Future - FLux Recorded Future First Linux variant of Clop ransomware targeted universities, colleges but was flawed The first Linux variant of the Clop ransomware was rife with issues that allowed researchers to create a decryptor tool for victims. SentinelOne researcher Antonis Terefos said his team observed the first Clop (also stylized as Cl0p) ransomware variant targeting Linux systems on December 26. 
Clop has existed since about 2019, targeting large companies, financial institutions, […]]> 2023-02-08T00:34:48+00:00 https://therecord.media/first-linux-variant-of-clop-ransomware-targeted-universities-colleges-but-was-flawed/ www.secnews.physaphae.fr/article.php?IdArticle=8308101 False Ransomware,Tool None 2.0000000000000000 Recorded Future - FLux Recorded Future Russian crypto exchange exec pleads guilty to laundering Ryuk ransomware funds A Russian man pleaded guilty on Monday in an Oregon court on charges related to laundering funds for the Ryuk ransomware group.  Denis Dubnikov was arrested in November 2021 in the Netherlands before being extradited to the U.S. last August. Prosecutors accused him, along with 13 co-conspirators whose names were redacted in a federal indictment, […]]> 2023-02-07T21:17:45+00:00 https://therecord.media/russian-crypto-exchange-exec-pleads-guilty-to-laundering-ryuk-ransomware-funds/ www.secnews.physaphae.fr/article.php?IdArticle=8308051 False Ransomware,Guideline None 3.0000000000000000 Recorded Future - FLux Recorded Future House approves cybersecurity research bill focused on energy infrastructure The U.S. House of Representatives on Monday passed a bill that would provide funding for cybersecurity research with a focus on protecting the country's energy infrastructure.  
The Energy Cybersecurity University Leadership Act - inspired by the ransomware attack on Colonial Pipeline and several other incidents - proposes grants and other forms of funding to graduate […]]> 2023-02-07T19:19:38+00:00 https://therecord.media/energy-cybersecurity-university-leadership-act-passes-house/ www.secnews.physaphae.fr/article.php?IdArticle=8308024 False Ransomware,Guideline None 3.0000000000000000 Recorded Future - FLux Recorded Future LockBit ransomware group threatens Royal Mail with data leak deadline The LockBit cybercriminals told the British mail service it has until February 9 to pay up to protect data apparently stolen in January]]> 2023-02-07T14:18:24+00:00 https://therecord.media/lockbit-ransomware-group-threatens-royal-mail-data-leak-deadline/ www.secnews.physaphae.fr/article.php?IdArticle=8307935 False Ransomware None 3.0000000000000000 Recorded Future - FLux Recorded Future 'Massive' new ESXiArgs ransomware campaign has compromised thousands of victims Thousands of servers running an unpatched version of VMware's ESXi product are vulnerable to ransomware, researchers say]]> 2023-02-06T14:28:11+00:00 https://therecord.media/esxiargs-ransomware-vmware-servers/ www.secnews.physaphae.fr/article.php?IdArticle=8307548 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future QNAP warns of new bug prompting worries of potential Deadbolt ransomware exploitation QNAP is warning customers to update their devices after a vulnerability was discovered making thousands of devices susceptible to attack]]> 2023-02-02T15:54:42+00:00 https://therecord.media/qnap-new-vulnerability-hardware/ www.secnews.physaphae.fr/article.php?IdArticle=8306613 False Ransomware,Vulnerability None 2.0000000000000000 Recorded Future - FLux Recorded Future Ransomware gang attempts to extort UK school by posting files about at-risk children The Vice Society group apparently posted files that 
included safeguarding reports, which record information about at-risk students]]> 2023-02-02T13:57:35+00:00 https://therecord.media/vice-society-ransomware-guildford-school-student-data-extortion/ www.secnews.physaphae.fr/article.php?IdArticle=8306577 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future 'Global markets' impacted by ransomware attack on financial software company A ransomware attack on Dublin-based software company ION Group has impacted the trading of financial derivatives on international markets. ION Group describes itself as enabling “financial institutions, central banks and corporations to digitize and automate their most business critical processes.” A pop-up notice on its site on Wednesday warned that “a cybersecurity event” that struck […]]> 2023-02-01T18:46:19+00:00 https://therecord.media/global-markets-impacted-by-ransomware-attack-on-financial-software-company/ www.secnews.physaphae.fr/article.php?IdArticle=8306323 False Ransomware None 3.0000000000000000 Recorded Future - FLux Recorded Future K-12 schools in Tucson, Nantucket respond to cyberattacks The disruptions to school networks in Arizona and Massachusetts follow a string of similar K-12 ransomware incidents]]> 2023-02-01T17:12:21+00:00 https://therecord.media/k-12-schools-ransomware-tucson-nantucket/ www.secnews.physaphae.fr/article.php?IdArticle=8306304 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future LockBit takes credit for November ransomware attack on Sacramento PBS station The LockBit ransomware group this week said it was responsible for a November ransomware attack on a public broadcasting affiliate in Sacramento, California. The high-profile cybercrime gang made the claim on the dark web site where it leaks victims’ data. 
The PBS station KVIE announced the attack on November 23, noting that some of its […]]> 2023-01-31T19:00:45+00:00 https://therecord.media/lockbit-takes-credit-kvie-pbs-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8305967 False Ransomware None 3.0000000000000000 Recorded Future - FLux Recorded Future British government minister told council to keep quiet after ransomware attack An unnamed British government minister told the leader of Redcar and Cleveland Borough Council to keep quiet about the impact of a “catastrophic” ransomware attack two years ago, a parliamentary committee was told on Monday. The pressure from central government to not discuss the impact of the attack “caused us a lot of issues,” said […]]> 2023-01-31T14:01:13+00:00 https://therecord.media/british-government-minister-told-council-to-keep-quiet-after-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8305905 False Ransomware,Guideline None 2.0000000000000000 Recorded Future - FLux Recorded Future Ransomware attack on Indianapolis Housing Agency leaks sensitive info on 200,000 residents The Indianapolis Housing Agency is notifying more than 200,000 people that their information, including Social Security numbers and more, was leaked during a ransomware attack that began in September.  The federally-funded agency is responsible for providing housing to low-income tenants across Indianapolis. 
It did not respond to requests for comment in October when the […]]> 2023-01-30T22:00:28+00:00 https://therecord.media/ransomware-attack-on-indianapolis-housing-agency-leaks-sensitive-info-on-200000-residents/ www.secnews.physaphae.fr/article.php?IdArticle=8305634 False Ransomware None 3.0000000000000000 Recorded Future - FLux Recorded Future Ransomware experts laud Hive takedown but question impact without arrests The Justice Department’s splashy announcement of the takedown of the Hive ransomware group’s infrastructure on Thursday was reminiscent of other recent high-profile operations against the scourge of ransomware. But the details of the operation set it apart from other ransomware group takedowns in recent years. FBI Director Christopher Wray said agents with the FBI's Tampa […]]> 2023-01-27T20:45:09+00:00 https://therecord.media/ransomware-experts-laud-hive-takedown-but-question-impact-without-arrests/ www.secnews.physaphae.fr/article.php?IdArticle=8304987 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future 'We hacked the hackers:' DOJ, FBI take down Hive ransomware after spending months inside gang systems The FBI and Justice Department took down the infrastructure of the Hive ransomware group on Thursday, announcing that their agents had been inside the group's systems since July 2022. 
FBI Director Christopher Wray said agents gained “clandestine, persistent access” to the control panel used by Hive operators seven months ago, allowing them to identify victims […]]> 2023-01-26T17:25:14+00:00 https://therecord.media/we-hacked-the-hackers-doj-fbi-take-down-hive-ransomware-after-spending-months-inside-gang-systems/ www.secnews.physaphae.fr/article.php?IdArticle=8304256 False Ransomware None 4.0000000000000000 Recorded Future - FLux Recorded Future Royal Mail nearly back to full operations following ransomware attack Royal Mail is close to resuming full operations just two weeks after a ransomware attack caused “severe service disruption,” marking a victory for British cyber authorities who have stressed the importance of recovery as well as resistance to combat the impact of attacks. The British postage and courier company's ability to dispatch parcels and letters […]]> 2023-01-26T13:48:34+00:00 https://therecord.media/royal-mail-nearly-back-to-full-operations-following-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8304199 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future Ohio town working to restore municipal court systems after cyberattack An Ohio town is investigating a cyberattack that has brought down the systems used by their court and may have accessed sensitive data. Circleville Municipal Court told The Record that it recently discovered a cyberattack requiring its IT department to work with outside cybersecurity professionals.  
A spokesperson would not confirm whether the incident involved ransomware […]]> 2023-01-24T14:51:01+00:00 https://therecord.media/ohio-town-working-to-restore-municipal-court-systems-after-cyberattack/ www.secnews.physaphae.fr/article.php?IdArticle=8303701 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future Los Angeles Unified School District confirms SSNs leaked in September ransomware attack The Los Angeles Unified School District (LAUSD) sent out breach notification letters to an unknown number of contractors in recent days notifying them that sensitive information – including Social Security numbers – was leaked during a wide-ranging cyberattack last year.  The school district said an investigation revealed that from July 31 until September 3 hackers […]]> 2023-01-23T16:27:09+00:00 https://therecord.media/los-angeles-unified-school-district-confirms-ssns-leaked-in-september-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8303444 False Ransomware None 3.0000000000000000 Recorded Future - FLux Recorded Future International Counter Ransomware Task Force kicks off An international counter-ransomware task force first announced at a White House event in November officially commenced operations on Monday, according to the Australian government which is the inaugural chair of the group. 
The International Counter Ransomware Task Force's (ICRTF) operations are intended to drive collaboration among a coalition of 36 member states and the European […]]> 2023-01-23T14:14:16+00:00 https://therecord.media/international-counter-ransomware-task-force-kicks-off/ www.secnews.physaphae.fr/article.php?IdArticle=8303420 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future PLAY ransomware group claims attack on Arnold Clark, one of Britain's largest car dealerships Sensitive personal data allegedly stolen from Arnold Clark, one of the United Kingdom's largest car dealerships, has been posted online by the PLAY ransomware group. The company had claimed in a Tweet on January 3 to have protected customer data after it discovered suspicious traffic on its network back in December, although it did not […]]> 2023-01-23T14:03:32+00:00 https://therecord.media/play-ransomware-group-claims-attack-on-arnold-clark-one-of-britains-largest-car-dealerships/ www.secnews.physaphae.fr/article.php?IdArticle=8303403 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future Electronic health record giant NextGen dealing with cyberattack Hospital technology giant NextGen Healthcare said it is responding to a cyberattack after a notorious ransomware group added the company to its list of victims.  The multibillion-dollar healthcare giant produces electronic health record (EHR) software and practice management systems for hundreds of the biggest hospitals and clinics in the U.S., U.K., India and Canada. 
On […]]> 2023-01-20T20:13:31+00:00 https://therecord.media/electronic-health-record-giant-nextgen-dealing-with-cyberattack/ www.secnews.physaphae.fr/article.php?IdArticle=8302925 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future Costa Rica's Ministry of Public Works and Transport crippled by ransomware attack Costa Rica's government has suffered another ransomware attack just months after several ministries were crippled in a wide-ranging attack by hackers using the Conti ransomware. On Tuesday, Costa Rica's Ministry of Public Works and Transport (MOPT) said in a statement that 12 of its servers were encrypted. Cybersecurity experts from the National Security Directorate and […]]> 2023-01-20T10:30:43+00:00 https://therecord.media/costa-ricas-ministry-of-public-works-and-transport-crippled-by-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8302777 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future Ransomware attack hits nearly 300 fast food restaurants in UK, including KFC and Pizza Hut A ransomware attack closed nearly 300 fast-food restaurants in the United Kingdom, according to a statement from Yum! Brands published late Wednesday evening. Yum! Brands, an American company which owns KFC, Pizza Hut and Taco Bell, stated “certain information technology systems” were impacted in the incident. 
Data was taken from the company's network, the statement […]]> 2023-01-19T14:08:02+00:00 https://therecord.media/ransomware-attack-hits-nearly-300-fast-food-restaurants-in-uk-including-kfc-and-pizza-hut/ www.secnews.physaphae.fr/article.php?IdArticle=8302544 False Ransomware None 3.0000000000000000 Recorded Future - FLux Recorded Future Royal Mail trials 'operational workarounds' following suspected ransomware attack Royal Mail, the British postage and courier company, said on Wednesday evening it was “trialing operational workarounds” to get services moving again following a suspected ransomware attack. The company announced it had been impacted by a “cyber incident” last week, although it has not confirmed that the incident was a ransomware attack. The Record has […]]> 2023-01-19T13:24:22+00:00 https://therecord.media/royal-mail-trials-operational-workarounds-following-suspected-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8302545 False Ransomware None 3.0000000000000000 Recorded Future - FLux Recorded Future Ransomware revenue fell by $300 million in 2022 as more victims refuse to pay: report Revenues brought in from ransomware attacks fell from $765.6 million in 2021 to $456.8 million in 2022, according to a new report. Experts from blockchain research firm Chainalysis attributed the drop to a variety of factors, most notably that more victims are simply refusing to pay up when threatened by criminal groups.  
The company tracks […]]> 2023-01-19T13:00:00+00:00 https://therecord.media/ransomware-revenue-fell-by-300-million-in-2022-as-more-victims-refuse-to-pay-report/ www.secnews.physaphae.fr/article.php?IdArticle=8302546 False Ransomware None 4.0000000000000000 Recorded Future - FLux Recorded Future Law enforcement takes down crypto exchange allegedly used to launder $15 million in ransomware payments The Russian co-founder of a cryptocurrency exchange allegedly used to launder cybercrime proceeds was arrested early Wednesday morning in Miami, the Department of Justice announced.  The arrest of Anatoly Legkodymov, who is charged with “unlicensed money transmitting,” is “a significant blow to the cryptocrime ecosystem,” Deputy Attorney General Lisa Monaco said. The exchange, Bitzlato, is […]]> 2023-01-18T19:11:10+00:00 https://therecord.media/law-enforcement-takes-down-crypto-exchange-allegedly-used-to-launder-15-million-in-ransomware-payments/ www.secnews.physaphae.fr/article.php?IdArticle=8302343 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future Vice Society ransomware gang claims attack on one of Germany's largest universities The Vice Society ransomware group said it was responsible for a November attack against one of Germany's largest universities. The University of Duisburg-Essen in the country's North Rhine-Westphalia region was forced to shut down its entire IT infrastructure and disconnect it from the network following the incident. The university has 12 departments and about 43,000 […]]> 2023-01-17T21:06:07+00:00 https://therecord.media/vice-society-ransomware-gang-claims-attack-on-one-of-germanys-largest-universities/ www.secnews.physaphae.fr/article.php?IdArticle=8301957 False Ransomware None 3.0000000000000000