www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-05-23T11:12:57+00:00 www.secnews.physaphae.fr
Recorded Future - Recorded Future feed Russian national with alleged Hive ransomware ties arrested in Paris A Russian national suspected of possessing thousands of dollars stolen from the French victims of Hive ransomware was arrested in Paris last week. While searching his phone, the police seized more than €570,000 (over $615,000) in cryptocurrency assets that he allegedly helped steal. According to police, the suspect served as a “banker” for Hive affiliates, 2023-12-13T18:45:00+00:00 https://therecord.media/russian-with-hive-ties-arrested-france www.secnews.physaphae.fr/article.php?IdArticle=8422207 False Ransomware None 3.0000000000000000
Bleeping Computer - American magazine French police arrests Russian suspect linked to Hive ransomware French authorities arrested a Russian national in Paris for allegedly helping the Hive ransomware gang with laundering their victims' ransom payments. [...] 2023-12-13T15:25:23+00:00 https://www.bleepingcomputer.com/news/security/french-police-arrests-russian-suspect-linked-to-hive-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8422256 False Ransomware None 3.0000000000000000
IndustrialCyber - cyber risk firms for industrial UK government at high risk of catastrophic ransomware attack, Joint Committee report warns A report released Wednesday by the U.K. Joint Committee on the National Security Strategy by the authority of... 2023-12-13T13:14:18+00:00 https://industrialcyber.co/critical-infrastructure/uk-government-at-high-risk-of-catastrophic-ransomware-attack-joint-committee-report-warns/ www.secnews.physaphae.fr/article.php?IdArticle=8422080 False Ransomware None 2.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine UK at High Risk of Catastrophic Ransomware Attack, Government Ill-Prepared A UK parliament report found that large swathes of critical national infrastructure are vulnerable to ransomware 2023-12-13T12:20:00+00:00 https://www.infosecurity-magazine.com/news/uk-risk-catastrophic-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8422059 False Ransomware None 2.0000000000000000
SecureMac - Security focused on MAC Turtle also known as HEUR:Trojan-Ransom.OSX.Agent.trtl Type: Ransomware Platform: Mac OS 9 Last updated: 12/13/23 6:58 pm Threat Level: High Description Turtle is ransomware that encrypts files on compromised systems. Turtle Threat Removal MacScan can detect and remove Turtle Ransomware from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat. Download MacScan 2023-12-13T11:09:37+00:00 https://www.securemac.com/definitions/Turtle www.secnews.physaphae.fr/article.php?IdArticle=8422230 True Threat,Ransomware None 2.0000000000000000
Dark Reading - Informationweek Branch Ransomware Gangs Use PR Charm Offensive to Pressure Victims Threat actors are fully embracing the spin machine: rebranding, speaking with the media, writing detailed FAQs, and more, all in an effort to make headlines. 2023-12-13T11:00:00+00:00 https://www.darkreading.com/threat-intelligence/ransomware-gangs-pr-charm-offensive-pressure-victims www.secnews.physaphae.fr/article.php?IdArticle=8422002 False Threat,Ransomware None 2.0000000000000000
UnderNews - French "hacker" news site The digital twin of the information system combined with a generative model: how to train companies to respond to cyberattacks Cyberattacks have become more professional in recent years, with attackers ever more inventive and attacks ever more sophisticated. Hackers take advantage of the geopolitical context, technological innovations, and hybrid work to thrive and innovate. Last September, a record 153% increase in ransomware attacks was […] 2023-12-13T10:05:38+00:00 https://www.undernews.fr/reseau-securite/le-jumeau-numerique-du-si-combine-a-un-modele-generatif-comment-entrainer-les-entreprises-a-repondre-aux-cyber-attaques.html www.secnews.physaphae.fr/article.php?IdArticle=8421971 False Ransomware None 3.0000000000000000
Kaspersky - Kaspersky Research blog FakeSG campaign, Akira ransomware and AMOS macOS stealer In this report, we share our latest crimeware findings: FakeSG malware distribution campaign delivering NetSupport RAT, new Conti-like Akira ransomware and AMOS stealer for macOS. 2023-12-13T10:00:25+00:00 https://securelist.com/crimeware-report-fakesg-akira-amos/111483/ www.secnews.physaphae.fr/article.php?IdArticle=8421973 False Ransomware,Malware None 2.0000000000000000
Recorded Future - Recorded Future feed UK government risking 'catastrophic ransomware attack,' parliamentary report warns Because of the British government's failures to tackle ransomware, there is a “high risk” the country faces a “catastrophic ransomware attack at any moment,” according to an unprecedentedly critical parliamentary report published Wednesday by the Joint Committee on the National Security Strategy (JCNSS). In particular, the report singles out former Home Secretary Suella Braverman, who 2023-12-13T00:00:00+00:00 https://therecord.media/uk-government-risking-catastrophic-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8421761 False Ransomware None 2.0000000000000000
HackRead - Cyber search Spider-Man Developer Insomniac Games Hit by Rhysida Ransomware By Waqas Another day, another gaming giant claimed by a ransomware group. This is a post from HackRead.com Read the original post: Spider-Man Developer Insomniac Games Hit by Rhysida Ransomware 2023-12-12T22:57:19+00:00 https://www.hackread.com/spider-man-2-developer-insomniac-games-rhysida-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8421741 False Ransomware None 2.0000000000000000
Techworm - News Toyota Warns Personal, Financial Info May Have Been Exposed In Data Breach BleepingComputer). For those unaware, some of TFS's systems in Europe and Africa suffered a ransomware attack last month. The Medusa ransomware gang claimed responsibility for the attack and listed TFS on its data leak site on the dark web. The group demanded that the company pay a ransom of US$8 million within 10 days to delete the data allegedly stolen from the Japanese company, with the option to pay $10,000 for a one-day extension. To support its claim, the ransomware gang also published screenshots of several documents, alongside a file tree of all the exfiltrated data. It included financial documents, spreadsheets, hashed account passwords, purchase invoices, passport scans, cleartext user IDs and passwords, staff email addresses, internal organization charts, financial performance reports, agreements, and more. “Toyota Motor Corporation is a Japanese multinational automotive manufacturer headquartered in Toyota City, Aichi, Japan. Toyota is one of the largest automobile manufacturers in the world, producing about 10 million vehicles per year,” stated Medusa's leak site, which included a brief description of the hack. “The leaked data comes from Toyota Financial Services in Germany. Toyota Deutschland GmbH is an affiliated company held by Toyota Motor Europe (TME) in Brussels/Belgium and located in Köln (Cologne).” Following the data leak threat from Medusa ransomware, a Toyota spokesperson confirmed to BleepingComputer that it had detected unauthorized access on some of its systems in Europe and Africa. At the time, TFS did not confirm whether any of its data had been stolen in the breach, but said it had taken systems offline to mitigate risks and aid its investigations. It appears that Toyota did not give in to the Medusa ransomware gang's demands, as all the leaked data has been published on Medusa's extortion portal. Earlier this month, Toyota Kreditbank GmbH (TKG) was identified as one of the affected divisions, admitting that some TKG files were accessed by hackers during the attack. The breach notification letters, sent in German to Toyota's affected customers, were accessed by the German news outlet heise. They inform customers that, based on the ongoing investigation, the information compromised in the data breach includes first and last names, residential addresses, contract information, lease-purchase details, and IBAN (International Bank Account Number). 2023-12-12T22:15:48+00:00 https://www.techworm.net/2023/12/toyota-personal-financial-info-data-breach.html www.secnews.physaphae.fr/article.php?IdArticle=8421603 False Threat,Ransomware,Data Breach,Hack None 3.0000000000000000
Recorded Future - Recorded Future feed Credit union operations restored after tech supplier ransomware attack The federal agency that oversees credit unions said operations at about 60 of the organizations have been restored following a ransomware attack last month. The National Credit Union Administration (NCUA) told Recorded Future News that it has been in regular contact with all of the affected financial institutions, helping them get their systems and 2023-12-12T21:35:00+00:00 https://therecord.media/credit-union-services-restored-after-ransomware-attack-technology-provider www.secnews.physaphae.fr/article.php?IdArticle=8421716 False Ransomware None 3.0000000000000000
RedCanary - Red Canary Diary of a Detection Engineer: Blown to BITSAdmin The combination of the BITSAdmin tool with Veritas backup software pointed our detection engineers to an attempted ransomware attack. 2023-12-12T18:18:34+00:00 https://redcanary.com/blog/bitsadmin/ www.secnews.physaphae.fr/article.php?IdArticle=8421646 False Ransomware,Tool None 3.0000000000000000
SecurityWeek - Security News Toyota Germany Confirms Personal Information Stolen in Ransomware Attack Toyota Germany is informing customers that their personal data has been stolen in a ransomware attack last month. 2023-12-12T10:54:54+00:00 https://www.securityweek.com/toyota-germany-confirms-personal-information-stolen-in-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8421463 False Ransomware None 3.0000000000000000
Recorded Future - Recorded Future feed Nearly 130,000 affected by ransomware attack on cold storage company Americold A ransomware attack in April on cold storage giant Americold affected nearly 130,000 people, the company has announced. In a breach report to regulators in Maine on Friday, Atlanta-based Americold confirmed that hackers had breached its systems on April 26 and accessed the information of current and former Americold employees as well as their dependents. 2023-12-11T22:00:00+00:00 https://therecord.media/ransomware-attack-on-americold-cold-storage www.secnews.physaphae.fr/article.php?IdArticle=8421239 False Ransomware None 3.0000000000000000
Recorded Future - Recorded Future feed Kentucky healthcare giant says 2.5 million people affected by May ransomware attack A ransomware attack in May exposed 2.5 million patients of hospitals connected to healthcare giant Norton Healthcare. In notices submitted to regulators in Maine and California last week, the company said it discovered the attack on May 9 and later confirmed that it was dealing with a ransomware incident. After an investigation, the company said 2023-12-11T21:45:00+00:00 https://therecord.media/kentucky-norton-healthcare-millions-affected-in-may-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=8421217 False Ransomware None 2.0000000000000000
The Register - English news site 2.M patents infected with data loss in Norton Healthcare ransomware outbreak AlphV lays claims to the intrusion Norton Healthcare, which runs eight hospitals and more than 30 clinics in Kentucky and Indiana, has admitted crooks may have stolen 2.5 million people's most sensitive data during a ransomware attack in May.… 2023-12-11T20:01:08+00:00 https://go.theregister.com/feed/www.theregister.com/2023/12/11/norton_healthcare_ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8421177 False Ransomware None 2.0000000000000000
IndustrialCyber - cyber risk firms for industrial Claroty reports that 37 percent of ransomware attacks on industrial organizations affected IT and OT environments A new report from Claroty has found that 37 percent of ransomware attacks targeting industrial organizations have a... 2023-12-11T16:00:18+00:00 https://industrialcyber.co/reports/claroty-reports-that-37-percent-of-ransomware-attacks-on-industrial-organizations-affected-it-and-ot-environments/ www.secnews.physaphae.fr/article.php?IdArticle=8421100 False Ransomware,Studies,Industrial None 4.0000000000000000
SecurityWeek - Security News Norton Healthcare Ransomware Hack: 2.5 Million Personal Records Stolen Compromised data includes names, dates of birth, Social Security numbers, health and insurance information, and driver's license numbers. 2023-12-11T15:19:30+00:00 https://www.securityweek.com/norton-healthcare-ransomware-hack-2-5-million-personal-records-stolen/ www.secnews.physaphae.fr/article.php?IdArticle=8421096 False Ransomware,Hack None 3.0000000000000000
Checkpoint Research - Security hardware vendor 11th December – Threat Intelligence Report For the latest discoveries in cyber research for the week of 11th December, please download our Threat_Intelligence Bulletin. TOP ATTACKS AND BREACHES The American Greater Richmond Transit Company (GRTC), which provides services for millions of people, has been a victim of cyber-attack that impacted certain applications and parts of the GRTC network. The Play ransomware […] 2023-12-11T13:14:16+00:00 https://research.checkpoint.com/2023/11th-december-threat-intelligence-report/ www.secnews.physaphae.fr/article.php?IdArticle=8421051 False Threat,Ransomware None 2.0000000000000000
Bleeping Computer - American magazine Cold storage giant Americold discloses data breach after April malware attack Cold storage and logistics giant Americold has confirmed that over 129,000 employees and their dependents had their personal information stolen in an April attack, later claimed by Cactus ransomware. [...] 2023-12-11T12:50:49+00:00 https://www.bleepingcomputer.com/news/security/cold-storage-giant-americold-discloses-data-breach-after-april-malware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8421137 False Ransomware,Data Breach,Malware None 2.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine ALPHV/BlackCat Site Downed After Suspected Police Action Notorious ransomware collective ALPHV/BlackCat may have been disrupted by law enforcement 2023-12-11T11:45:00+00:00 https://www.infosecurity-magazine.com/news/alphvblackcat-site-downed-police/ www.secnews.physaphae.fr/article.php?IdArticle=8421010 False Ransomware None 2.0000000000000000
SecurityWeek - Security News Law Enforcement Reportedly Behind Takedown of BlackCat/Alphv Ransomware Website The leak website of the notorious BlackCat/Alphv ransomware group has been offline for days and law enforcement is reportedly behind the takedown. 2023-12-11T09:58:35+00:00 https://www.securityweek.com/law-enforcement-reportedly-behind-takedown-of-blackcat-alphv-ransomware-website/ www.secnews.physaphae.fr/article.php?IdArticle=8420985 False Ransomware None 3.0000000000000000
Dark Reading - Informationweek Branch ALPHV/BlackCat Takedown Appears to Be Law Enforcement Related Threat intel sources confirm the ransomware group's site has been shuttered by law enforcement. 2023-12-09T01:02:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/alphv-blackcat-takedown-appears-to-be-law-enforcement-related www.secnews.physaphae.fr/article.php?IdArticle=8421099 False Threat,Ransomware None 3.0000000000000000
Dark Reading - Informationweek Branch ALPHV/BlackCat Takedown Appears to Be Law Enforcement Related Threat intel sources confirm the ransomware group's site has been shuttered by law enforcement. 2023-12-09T01:02:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/alphv-blackcat-takedown-appears-to-be-law-enforcement-related- www.secnews.physaphae.fr/article.php?IdArticle=8420325 False Threat,Ransomware None 3.0000000000000000
Bleeping Computer - American magazine Norton Healthcare discloses data breach after May ransomware attack Kentucky health system Norton Healthcare has confirmed that a ransomware attack in May exposed personal information belonging to patients, employees, and dependents. [...] 2023-12-08T18:28:18+00:00 https://www.bleepingcomputer.com/news/security/norton-healthcare-discloses-data-breach-after-may-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8420315 False Ransomware,Data Breach,Medical None 3.0000000000000000
Dark Reading - Informationweek Branch Municipalities Face a Constant Battle as Ransomware Snowballs As record-breaking volumes of ransomware hit cities, towns, and counties this year, municipalities remain easy targets that pay, and there's no end of the attacks in sight. 2023-12-08T18:00:00+00:00 https://www.darkreading.com/cybersecurity-operations/as-ransomware-attacks-abound-municipalities-face-a-constant-battle www.secnews.physaphae.fr/article.php?IdArticle=8420270 False Ransomware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Ransomware-as-a-Service: The Growing Threat You Can't Ignore Ransomware attacks have become a significant and pervasive threat in the ever-evolving realm of cybersecurity. Among the various iterations of ransomware, one trend that has gained prominence is Ransomware-as-a-Service (RaaS). This alarming development has transformed the cybercrime landscape, enabling individuals with limited technical expertise to carry out devastating attacks. 2023-12-08T16:38:00+00:00 https://thehackernews.com/2023/12/ransomware-as-service-growing-threat.html www.secnews.physaphae.fr/article.php?IdArticle=8420156 False Threat,Ransomware,Technical,Prediction None 2.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Ransomware Surge is Driving UK Inflation, Says Veeam Veeam research reveals that corporate victims of ransomware are more likely to increase prices and fire staff 2023-12-08T09:30:00+00:00 https://www.infosecurity-magazine.com/news/ransomware-surge-driving-uk/ www.secnews.physaphae.fr/article.php?IdArticle=8420153 False Ransomware None 2.0000000000000000
ProofPoint - Cyber Firms Protecting identities: How ITDR Complements EDR and XDR to Keep Companies Safer 2023-12-08T06:00:37+00:00 https://www.proofpoint.com/us/blog/identity-threat-defense/how-itdr-complements-edr-and-xdr www.secnews.physaphae.fr/article.php?IdArticle=8420211 False Threat,Ransomware,Malware,Cloud,Studies,Tool,Vulnerability None 3.0000000000000000
AhnLab - Korean Security Firm 2023 Oct – Deep Web and Dark Web Threat Trend Report This trend report on the deep web and dark web of October 2023 is sectioned into Ransomware, Forums & Black Markets, and Threat Actors. We would like to state beforehand that some of the content has yet to be confirmed to be true. Ransomware – Rebrand of Hive? Hunters International – NoEscape Ransomware Gang – RagnarLocker DLS Shut Down – Trigona Disappears Forum & Black Market – 23andMe Database Leaked and Being Sold – Breach of Okta's Support System Detected... 2023-12-08T05:00:12+00:00 https://asec.ahnlab.com/en/59741/ www.secnews.physaphae.fr/article.php?IdArticle=8420091 False Threat,Ransomware,Prediction None 3.0000000000000000
AhnLab - Korean Security Firm 2023 Oct – Threat Trend Report on Ransomware Statistics and Major Issues This report provides statistics on the number of new ransomware samples, targeted systems, and targeted businesses in October 2023, as well as notable ransomware issues in Korea and other countries. Key Trends 1) HelloKitty Ransomware’s Source Code Leaked 2) Ransomware Attacks Against Unpatched WS_FTP Server 3) BlackCat Ransomware Uses ‘Munchkin’ Alpine Linux VM 4) Others 2023_Oct_Threat Trend Report on Ransomware Statistics and Major Issues 2023-12-08T04:58:39+00:00 https://asec.ahnlab.com/en/59751/ www.secnews.physaphae.fr/article.php?IdArticle=8420093 False Threat,Ransomware,Prediction None 2.0000000000000000
CyberArk - Software Vendor How to Meet Cyber Insurance Requirements When All Identities Are at Risk The growing frequency and sophistication of cyberattacks, especially on the ransomware front, have compelled even more companies to seek cyber insurance coverage. But as the need for coverage grows, so do the complexities. Even though... 2023-12-07T20:55:31+00:00 https://www.cyberark.com/blog/how-to-meet-cyber-insurance-requirements-when-all-identities-are-at-risk/ www.secnews.physaphae.fr/article.php?IdArticle=8419999 False Ransomware None 2.0000000000000000
Dark Reading - Informationweek Branch Ransomware, Data Breaches Inundate OT & Industrial Sector Because of the criticality of remaining operational, industrial companies and utilities are far more likely to pay, attracting even more threat groups and a focus on OT systems. 2023-12-07T19:00:00+00:00 https://www.darkreading.com/ics-ot-security/ransomware-data-breaches-inundate-ot-industrial-sector www.secnews.physaphae.fr/article.php?IdArticle=8419977 False Threat,Ransomware,Industrial None 3.0000000000000000
Global Security Mag - French news site 75% of the Industrial Sector Experienced a Ransomware Attack in the Past Year, Claroty Study Finds Claroty released new research showing that 75% of respondents reported being targeted by ransomware in the past year. The report, "The Global State of Industrial Cybersecurity 2023: New Technologies, Persistent Threats, and Maturing Defenses," is based on a global independent survey of 1,100 information technology (IT) and operational technology (OT) security professionals who work in critical infrastructure sectors, exploring industry challenges faced in the past year, their impact on OT security programs, and priorities moving forward. - Special Reports 2023-12-07T17:13:52+00:00 https://www.globalsecuritymag.fr/75-of-the-Industrial-Sector-Experienced-a-Ransomware-Attack-in-the-Past-Year.html www.secnews.physaphae.fr/article.php?IdArticle=8419964 False Ransomware,Studies,Industrial None 3.0000000000000000
Recorded Future - Recorded Future feed Russian citizen pleads guilty to operating Bitzlato crypto exchange used by cybercriminals A Russian citizen pleaded guilty to running the cryptocurrency exchange Bitzlato, which became “a haven for illicit transactions by ransomware criminals,” according to the U.S. Department of Justice. The platform's co-founder, Anatoly Legkodymov, who also goes by the aliases Tolik and Gandalf, has agreed to forfeit $23 million in proceeds from operating Bitzlato. Legkodymov, 41, 2023-12-07T15:15:00+00:00 https://therecord.media/russian-citizen-pleads-guilty-to-operating-bitzlato-exchange www.secnews.physaphae.fr/article.php?IdArticle=8419929 False Ransomware None 2.0000000000000000
Recorded Future - Recorded Future feed Shoe retailer Aldo says LockBit posting is related to system at franchise partner
Billion-dollar shoe seller Aldo said a recent claim by a notorious ransomware gang was related to one of the company's franchise partners. On Wednesday morning, the LockBit ransomware gang claimed it attacked the company, giving it until December 25 to pay a ransom in exchange for an undisclosed amount of stolen data. The gang did]]>
2023-12-07T14:41:00+00:00 https://therecord.media/aldo-franchise-partner-lockbit-ransomware-posting www.secnews.physaphae.fr/article.php?IdArticle=8419913 False Ransomware None 2.0000000000000000
AlienVault Lab Blog - AlienVault is a major defense player in IOCs Las Vegas casinos targeted by ransomware attacks
2023-12-07T11:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/las-vegas-casinos-targeted-by-ransomware-attacks www.secnews.physaphae.fr/article.php?IdArticle=8419832 False Threat,Ransomware,Technical,Mobile,Vulnerability None 3.0000000000000000
The State of Security - American magazine BlackSuit ransomware - what you need to know What's going on? A cybercriminal group calling itself BlackSuit has claimed responsibility for a series of ransomware attacks, including breaches at schools in central Georgia. And earlier in the year, a zoo in Tampa Bay was targeted by the same hacking gang. Meanwhile, liberal arts college DePauw University in Indiana says that it was recently targeted, and a "limited amount of data on specific individuals was accessed." 214GB of stolen data has since been made available for download on BlackSuit's extortion site on the dark web. How come I haven't heard of BlackSuit before? Chances are that...]]>
2023-12-07T10:11:40+00:00 https://www.tripwire.com/state-of-security/blacksuit-ransomware-what-you-need-know www.secnews.physaphae.fr/article.php?IdArticle=8419924 False Ransomware None 2.0000000000000000
Recorded Future - Recorded Future feed Schools in Maine, Indiana and Georgia contend with ransomware attacks
Colleges and K-12 schools in several states are dealing with ransomware incidents causing outages and leaking sensitive data - a continuation of a trend that has affected campuses nationwide throughout the year. Henry County Schools - a district an hour from Atlanta with dozens of elementary, middle and high schools with more than 44,000 students]]>
2023-12-06T22:00:00+00:00 https://therecord.media/schools-maine-indiana-georgia-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8419689 False Ransomware,Prediction None 3.0000000000000000
knowbe4 - cybersecurity services New York Unit of Worlds Largest Bank Becomes Ransomware Victim New York Unit of Worlds Largest Bank Becomes Ransomware Victim ]]>
2023-12-06T19:23:26+00:00 https://blog.knowbe4.com/worlds-largest-bank-becomes-ransomware-victim www.secnews.physaphae.fr/article.php?IdArticle=8419660 False Ransomware None 2.0000000000000000
Recorded Future - Recorded Future feed U.S. Navy shipbuilder Austal says cyber incident had 'no impact on operations'
A shipbuilder for the U.S. Navy recently notified federal authorities of a cyber incident claimed by a ransomware group over the weekend. The U.S. arm of Austal - an Australia-based ship building company and defense prime contractor that specializes in defense and commercial vessels - said it alerted the FBI and Naval Criminal Investigative Service]]>
2023-12-06T16:30:00+00:00 https://therecord.media/us-navy-cyber-incident-no-impact www.secnews.physaphae.fr/article.php?IdArticle=8419613 False Ransomware,Commercial None 2.0000000000000000
Dark Reading - Informationweek Branch UK Cyber CTO: Vendors' Security Failings Are Rampant The NCSC's Ollie Whitehouse criticizes security vendors for actively working against organizations in their fight against breaches and ransomware.]]>
2023-12-06T15:00:00+00:00 https://www.darkreading.com/cyber-risk/uk-cyber-cto-vendors-security-failings-rampant www.secnews.physaphae.fr/article.php?IdArticle=8419662 False Ransomware None 2.0000000000000000
TechRepublic - Security News US Cisco Talos Report: New Trends in Ransomware, Network Infrastructure Attacks, Commodity Loader Malware Based on the security researchers' analysis of the 2023 cyberthreat landscape, we highlight new or heightened risks.]]>
2023-12-06T14:36:06+00:00 https://www.techrepublic.com/article/cisco-talos-year-end-report/ www.secnews.physaphae.fr/article.php?IdArticle=8419579 False Ransomware,Malware None 3.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine LockBit Remains Top Global Ransomware Threat The strain was responsible for over a quarter of global ransomware attacks between January 2022 and September 2023]]>
2023-12-06T11:30:00+00:00 https://www.infosecurity-magazine.com/news/lockbit-top-ransomware-threat/ www.secnews.physaphae.fr/article.php?IdArticle=8419536 False Threat,Ransomware None 3.0000000000000000
WatchGuard - Hardware and software manufacturer WatchGuard Threat Lab report reveals an increase in the number of malicious actors exploiting remote access software
2023-12-06T00:00:00+00:00 https://www.watchguard.com/fr/wgrd-news/press-releases/le-rapport-du-threat-lab-de-watchguard-revele-une-augmentation-du-nombre www.secnews.physaphae.fr/article.php?IdArticle=8436663 False Threat,Ransomware,Malware,Tool None 2.0000000000000000
Dark Reading - Informationweek Branch Payments Giant Tipalti: No Ransomware Breach, No Threat to Roblox BlackCat/ALPHV claims it has had access to the payments technology vendor's systems since September, and threatens follow-on attacks on its customer Roblox.]]>
2023-12-05T21:19:00+00:00 https://www.darkreading.com/application-security/payments-giant-tipalti-no-ransomware-breach-roblox www.secnews.physaphae.fr/article.php?IdArticle=8419379 False Threat,Ransomware None 2.0000000000000000
Recorded Future - Recorded Future feed Microsoft warns of Cactus ransomware actors using malvertising to infect victims
Hackers are using malware distributed through online advertisements to infect victims with Cactus ransomware, according to new research. In a warning published on Friday, researchers at Microsoft said that the ransomware actor behind the campaign - which Microsoft calls Storm-0216 but others refer to as Twisted Spider and UNC2198 - had “received handoffs from Qakbot]]>
2023-12-05T20:00:00+00:00 https://therecord.media/cactus-ransomware-actors-using-malvertising-microsoft www.secnews.physaphae.fr/article.php?IdArticle=8419370 False Ransomware,Malware None 3.0000000000000000
Recorded Future - Recorded Future feed Accounting software provider Tipalti investigating alleged ransomware attack
Accounting software giant Tipalti said it is investigating reports of a ransomware attack after a gang spent the weekend attempting to extort the company and its customers. On Saturday, the Black Cat/AlphV ransomware gang claimed that it attacked the California-based company and began to threaten several of its most well-known customers, including Roblox, Twitch and]]>
2023-12-04T19:33:00+00:00 https://therecord.media/tipalti-alleged-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=8419099 False Ransomware None 2.0000000000000000
Global Security Mag - French news site November State of Ransomware Report by Blackfog
November State of Ransomware Report by Blackfog - Special Reports]]>
2023-12-04T15:14:36+00:00 https://www.globalsecuritymag.fr/November-State-of-Ransomware-Report-by-Blackfog.html www.secnews.physaphae.fr/article.php?IdArticle=8419075 False Ransomware None 2.0000000000000000
Bleeping Computer - American magazine Tipalti investigates claims of data stolen in ransomware attack Tipalti says they are investigating claims that the ALPHV ransomware gang breached its network and stole 256 GB of data, including data for Roblox and Twitch. [...]]]>
2023-12-04T14:22:36+00:00 https://www.bleepingcomputer.com/news/security/tipalti-investigates-claims-of-data-stolen-in-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8419118 False Ransomware None 2.0000000000000000
Soc Radar - SOC-specialized blog ALPHV/BlackCat Ransomware Attack on Tipalti, Threatening Tipalti's Customers The first days of December 2023 were rattled by ALPHV/BlackCat ransomware group, known for its... ]]>
2023-12-04T13:33:24+00:00 https://socradar.io/alphv-blackcat-ransomware-attack-on-tipalti-threatening-tipaltis-customers/ www.secnews.physaphae.fr/article.php?IdArticle=8419017 False Ransomware None 2.0000000000000000
Recorded Future - Recorded Future feed DePauw University warns of data breach as ransomware attacks on colleges surge
DePauw University warned students this week that their personal information may have been accessed by hackers who attacked the school. The school newspaper reported that on November 27, current and prospective students were sent letters notifying them of a data leak and providing them with one year of free identity protection services. The liberal arts]]>
2023-12-04T13:00:00+00:00 https://therecord.media/depauw-university-warns-of-data-breach-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=8419000 False Ransomware,Data Breach None 2.0000000000000000
Kaspersky - Kaspersky Research blog Kaspersky Security Bulletin 2023. Statistics Key statistics for 2023: ransomware, trojan bankers, miners and other financial malware, zero-day vulnerabilities and exploits, web attacks, threats for macOS and IoT.]]>
2023-12-04T11:00:17+00:00 https://securelist.com/ksb-2023-statistics/111156/ www.secnews.physaphae.fr/article.php?IdArticle=8418971 False Threat,Ransomware,Malware,Studies,Vulnerability None 2.0000000000000000
The State of Security - American magazine Supply-chain ransomware attack causes outages at over 60 credit unions Over sixty credit unions across the United States have been taken offline following a ransomware attack at one of their technology providers - demonstrating once again the damage that can be caused by a supply-chain attack. There are a few moving parts here, so here's a quick summary: Trellance - A provider of solutions and services used by credit unions, and the parent company of FedComp. FedComp - a provider of software and services that enable credit unions to operate around the world. Ongoing Operations - a unit of Trellance, which specialises in disaster recovery and business recovery...]]>
2023-12-04T10:05:37+00:00 https://www.tripwire.com/state-of-security/supply-chain-ransomware-attack-causes-outages-over-60-credit-unions www.secnews.physaphae.fr/article.php?IdArticle=8419048 False Ransomware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware Microsoft has warned of a new wave of CACTUS ransomware attacks that leverage malvertising lures to deploy DanaBot as an initial access vector. The DanaBot infections led to "hands-on-keyboard activity by ransomware operator Storm-0216 (Twisted Spider, UNC2198), culminating in the deployment of CACTUS ransomware," the Microsoft Threat Intelligence team said in a series of posts on X (]]>
2023-12-04T09:50:00+00:00 https://thehackernews.com/2023/12/microsoft-warns-of-malvertising-scheme.html www.secnews.physaphae.fr/article.php?IdArticle=8418912 False Threat,Ransomware None 2.0000000000000000
ProofPoint - Cyber Firms Cybersecurity Stop of the Month: Using Behavioral AI to Squash Payroll Diversion
2023-12-04T07:10:47+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/using-behavioral-ai-to-quash-payroll-diversion www.secnews.physaphae.fr/article.php?IdArticle=8419043 False Threat,Ransomware,Tool Yahoo 2.0000000000000000
AhnLab - Korean Security Firm Ransomware Attacks Using RDP as the Attack Vector – Detected by EDR
A remote desktop service refers to the feature that allows remote control of other PCs. In Windows, this service is provided by default through Remote Desktop Protocol (RDP). This means that if the target system is a Windows environment, RDP can be used to control this remote target without having to install additional remote control tools. For remote control, the operator is required to have account credentials for the target system and log in using these credentials. As such, if... ]]>
2023-12-04T01:13:29+00:00 https://asec.ahnlab.com/en/59439/ www.secnews.physaphae.fr/article.php?IdArticle=8418891 False Ransomware,Tool None 2.0000000000000000
Marco Ramilli - Blog Détecté: Roblox est victime de ransomware alphv<br>Detected: Roblox falls victim to ALPHV Ransomware Category: Ransomware Content: No samples have been attached. Source: tor Source Link: http://alphvmmm27o3abo3r2mlmjrpdmzle3rykajqc5xsj7j7ejksbpsa36ad.onion/0536c4fd-8644-47bd-add8-6d7c6bc54995 Threat Actor: ALPHV Victimology Country : USA Industry : Gaming Organization : roblox]]> 2023-12-03T07:35:06+00:00 https://marcoramilli.com/2023/12/03/detected-roblox-falls-victim-to-alphv-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8418755 True Threat,Ransomware None 2.0000000000000000 Marco Ramilli - Blog Détecté: Tipalti est victime de ransomwares alphv<br>Detected: Tipalti falls victim to ALPHV Ransomware Category: Ransomware Content: They claim to have access to multiple Tipali systems since September 8th 2023. And have access to over 265GB+ of confidential business data. Source: tor Source Link: http://alphvmmm27o3abo3r2mlmjrpdmzle3rykajqc5xsj7j7ejksbpsa36ad.onion/0536c4fd-8644-47bd-add8-6d7c6bc54995 Threat Actor: ALPHV Victimology Country : USA Industry : Software Development Organization : tipalti]]> 2023-12-03T07:27:44+00:00 https://marcoramilli.com/2023/12/03/detected-tipalti-falls-victim-to-alphv-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8418756 False Threat,Ransomware None 2.0000000000000000 Marco Ramilli - Blog Détecté: Les écoles publiques de Bayonne sont victimes de ransomwares de verrouillage<br>Detected: Bayonne Public Schools falls victim to LockBit Ransomware Category: Ransomware Content: Group claims to have publish the organizations data on 14 Dec, 2023 Source: tor Source Link: http://lockbitapt2d73krlbewgv27tquljgxr33xbwwsp6rkyieto7u4ncead.onion/post/XgSBRG356wX2Neuk656b95f474870 Threat Actor: LOCKBIT 3.0 Victimology Country : USA Industry : Education Organization : bayonne school district-bboed]]> 2023-12-02T23:32:25+00:00 
https://marcoramilli.com/2023/12/02/detected-bayonne-public-schools-falls-victim-to-lockbit-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8418671 False Threat,Ransomware None 1.00000000000000000000
Recorded Future - Recorded Future feed HHS warns of 'Citrix Bleed' attacks after hospital outages
The U.S. Department of Health and Human Services is warning hospitals and healthcare facilities across the country to patch a vulnerability known as “Citrix Bleed” that is being used in attacks by ransomware gangs. For weeks, cybersecurity experts and the leading cyber defense agencies across the globe have released stark warnings about cybercriminals and nation-states]]>
2023-12-01T22:00:00+00:00 https://therecord.media/hhs-warns-of-citrix-bleed-bug www.secnews.physaphae.fr/article.php?IdArticle=8418439 False Ransomware,Vulnerability None 2.0000000000000000
Recorded Future - Recorded Future feed 60 credit unions facing outages due to ransomware attack on popular tech provider
About 60 credit unions are dealing with outages due to a ransomware attack on a widely-used technology provider. National Credit Union Administration (NCUA) spokesperson Joseph Adamoli said the ransomware attack targeted the cloud services provider Ongoing Operations, a company owned by credit union technology firm Trellance. Adamoli said the NCUA, which regulates credit unions at]]>
2023-12-01T21:00:00+00:00 https://therecord.media/credit-unions-facing-outages-due-to-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8418440 False Ransomware,Cloud None 3.0000000000000000
Kaspersky - Kaspersky Research blog IT threat evolution in Q3 2023. Mobile statistics Mobile threat statistics for Q3 2023 include data on malware, adware, banking Trojans and ransomware for Android devices.]]>
2023-12-01T10:00:31+00:00 https://securelist.com/it-threat-evolution-q3-2023-mobile-statistics/111224/ www.secnews.physaphae.fr/article.php?IdArticle=8418266 False Threat,Ransomware,Malware,Mobile,Mobile None 3.0000000000000000
Kaspersky - Kaspersky Research blog IT threat evolution in Q3 2023. Non-mobile statistics PC malware statistics for Q3 2023 include data on miners, ransomware, banking Trojans and other threats to Windows, macOS and IoT equipment.]]>
2023-12-01T10:00:03+00:00 https://securelist.com/it-threat-evolution-q3-2023-non-mobile-statistics/111228/ www.secnews.physaphae.fr/article.php?IdArticle=8418268 False Threat,Ransomware,Malware,Studies None 3.0000000000000000
Dark Reading - Informationweek Branch Law Firms & Legal Departments Singled Out for Cyberattacks Cybercriminals use legal search terms to ensnare unwitting victims, then launch ransomware or business email compromise attacks.]]>
2023-11-30T22:22:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/law-firms-face-a-more-dangerous-threat-landscape www.secnews.physaphae.fr/article.php?IdArticle=8418174 False Ransomware None 2.0000000000000000
Recorded Future - Recorded Future feed More than $100 million in ransom paid to Black Basta gang over nearly 2 years
The Black Basta cybercrime gang has raked in at least $107 million in ransom payments since early 2022, according to research from blockchain security company Elliptic and Corvus Insurance. The group has infected more than 329 organizations with ransomware throughout its time operating, and the companies' analysis of blockchain transactions shows links between Black Basta]]>
2023-11-30T21:28:00+00:00 https://therecord.media/blackbasta-ransom-payments www.secnews.physaphae.fr/article.php?IdArticle=8418162 False Ransomware,Studies None 4.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks A CACTUS ransomware campaign has been observed exploiting recently disclosed security flaws in a cloud analytics and business intelligence platform called Qlik Sense to obtain a foothold into targeted environments. "This campaign marks the first documented instance [...] where threat actors deploying CACTUS ransomware have exploited vulnerabilities in Qlik Sense for initial access," Arctic Wolf]]>
2023-11-30T16:46:00+00:00 https://thehackernews.com/2023/11/cactus-ransomware-exploits-qlik-sense.html www.secnews.physaphae.fr/article.php?IdArticle=8418040 False Threat,Ransomware,Cloud,Vulnerability None 2.0000000000000000
The Register - English news site Black Basta ransomware operation nets over $100M from victims in less than two years Assumed Conti offshoot averages 7 figures for each successful attack but may have issues with, er, 'closing deals' The Black Basta ransomware group has reportedly generated upwards of $100 million in revenue since it started operations in April 2022.…]]>
2023-11-30T13:15:07+00:00 https://go.theregister.com/feed/www.theregister.com/2023/11/30/black_basta_ransomware_operation_extorts/ www.secnews.physaphae.fr/article.php?IdArticle=8418063 False Ransomware None 2.0000000000000000
Checkpoint - Security hardware manufacturer Information is power, but misinformation is just as powerful
The disinformation and manipulation techniques employed by cybercriminals are becoming increasingly sophisticated due to the implementation of Artificial Intelligence in their systems The post-truth era has reached new heights with the advent of artificial intelligence (AI). With the increasing popularity and use of generative AI tools such as ChatGPT, the task of discerning between what is real and fake has become more complicated, and cybercriminals are leveraging these tools to create increasingly sophisticated threats. Check Point Software Technologies has found that one in 34 companies have experienced an attempted ransomware attack in the first three quarters of 2023, an increase […] ]]>
2023-11-30T13:00:15+00:00 https://blog.checkpoint.com/artificial-intelligence/information-is-power-but-misinformation-is-just-as-powerful/ www.secnews.physaphae.fr/article.php?IdArticle=8418065 False Ransomware,Tool ChatGPT,ChatGPT 2.0000000000000000
SecurityWeek - Security News Black Basta Ransomware Group Received Over $100 Million From 90 Victims
The Black Basta ransomware group has infected over 300 victims and received more than $100 million in ransom payments. ]]>
2023-11-30T13:00:00+00:00 https://www.securityweek.com/black-basta-ransomware-group-received-over-100-million-from-90-victims/ www.secnews.physaphae.fr/article.php?IdArticle=8418081 False Ransomware None 2.0000000000000000
Bleeping Computer - American magazine Cactus ransomware exploiting Qlik Sense flaws to breach networks Cactus ransomware has been exploiting critical vulnerabilities in the Qlik Sense data analytics solution to get initial access on corporate networks. [...]]]>
2023-11-30T12:46:34+00:00 https://www.bleepingcomputer.com/news/security/cactus-ransomware-exploiting-qlik-sense-flaws-to-breach-networks/ www.secnews.physaphae.fr/article.php?IdArticle=8418131 False Ransomware,Vulnerability None 2.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Black Basta Ransomware Group Makes $100m Since 2022 Researchers identify scores of cryptocurrency payments]]>
2023-11-30T09:30:00+00:00 https://www.infosecurity-magazine.com/news/black-basta-ransomware-group-100/ www.secnews.physaphae.fr/article.php?IdArticle=8418016 False Ransomware None 2.0000000000000000
ProofPoint - Cyber Firms Enhancements to Proofpoint Federal Solutions: A New AI/ML Detection Engine, Updates to the TAP Dashboard and More Proofpoint has made more investments in our Aegis threat protection platform this year that can help support our federal agency customer]]>
2023-11-30T07:23:34+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/enhancements-federal-solutions www.secnews.physaphae.fr/article.php?IdArticle=8418095 False Threat,Ransomware,Spam,Malware,Cloud,Industrial,Commercial,Vulnerability None 2.0000000000000000
Dark Reading - Informationweek Branch How a Teenage Saudi Hacker Went From Lockpicking to Ransomware Black Hat speaker and 13-year-old ethical hacker Marco Liberale talks about his interest in cybersecurity, and what opportunities he has in Saudi Arabia.]]>
2023-11-29T22:30:00+00:00 https://www.darkreading.com/cybersecurity-careers/Q&A-saudi-teenage-hacker-talks-about-getting-into-cybersecurity www.secnews.physaphae.fr/article.php?IdArticle=8417919 False Ransomware None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) DJvu Variant Delivered by Loader Masquerading as Freeware #### Description The Cybereason Security Services Team is investigating incidents that involve variants of the DJvu ransomware delivered via loader payloads masquerading as freeware or cracked software. While this attack pattern is not new, incidents involving a DJvu variant that appends the .xaro extension to affected files and demanding ransom for a decryptor have been observed infecting systems alongside a host of various commodity loaders and infostealers. #### Reference URL(s) 1. https://www.cybereason.com/blog/threat-alert-djvu-variant-delivered-by-loader-masquerading-as-freeware #### Publication Date November 28, 2023 #### Author(s) Cybereason Security Research Team ]]>
2023-11-29T21:32:15+00:00 https://community.riskiq.com/article/faddd316 www.secnews.physaphae.fr/article.php?IdArticle=8417910 False Ransomware None 2.0000000000000000
Global Security Mag - French news site Dig Security released ransomware research
Dig Security released new research that explores encryption and data protection stats, and today's top ransomware techniques: Understand Ransomware to Protect Your Data in the Cloud. - Security Vulnerability]]>
2023-11-29T20:31:15+00:00 https://www.globalsecuritymag.fr/Dig-Security-released-ransomware-research.html www.secnews.physaphae.fr/article.php?IdArticle=8417894 False Ransomware,Guideline,Cloud None 3.0000000000000000
Dark Reading - Informationweek Branch Why Ransomware Could Surge in the Middle East & Africa Organizations from the Middle East and Africa have typically escaped public ransoms, but that's changing amid heightened geopolitical conflicts and digitalization initiatives.]]> 2023-11-29T16:57:00+00:00 https://www.darkreading.com/vulnerabilities-threats/ransomware-attacks-strike-south-africa-decline-in-uae www.secnews.physaphae.fr/article.php?IdArticle=8417835 False Ransomware None 2.0000000000000000
Dark Reading - Informationweek Branch Ringleader of Prolific Ransomware Gang Arrested in Ukraine In a rare instance of an overseas arrest of ransomware perpetrators, four other high-profile gang members were also seized.]]> 2023-11-29T16:15:00+00:00 https://www.darkreading.com/cybersecurity-operations/ringleader-of-prolific-ransomware-gang-arrested-in-ukraine www.secnews.physaphae.fr/article.php?IdArticle=8417836 False Ransomware None 2.0000000000000000
Bleeping Computer - American magazine Black Basta ransomware made over $100 million from extortion Russia-linked ransomware gang Black Basta has raked in at least $100 million in ransom payments from more than 90 victims since it first surfaced in April 2022, according to joint research from Corvus Insurance and Elliptic. [...]]]> 2023-11-29T13:19:51+00:00 https://www.bleepingcomputer.com/news/security/black-basta-ransomware-made-over-100-million-from-extortion/ www.secnews.physaphae.fr/article.php?IdArticle=8417868 False Ransomware None 2.0000000000000000
The Register - English news site British Library begins contacting customers as Rhysida leaks data dump CRM databases were accessed and library users are advised to change passwords The Rhysida ransomware group has published most of the data it claimed to have stolen from the British Library a month after the attack was disclosed.…]]> 2023-11-29T12:30:12+00:00 https://go.theregister.com/feed/www.theregister.com/2023/11/29/british_library_begins_contacting_customers/ www.secnews.physaphae.fr/article.php?IdArticle=8417785 False Ransomware None 2.0000000000000000
AlienVault Lab Blog - AlienVault is a major defense player in IOCs Get the AT&T Cybersecurity Insights Report: Focus on Transportation get the 2022 report). Get the complimentary 2023 report. The robust quantitative field survey reached 1,418 security, IT, application development, and line of business professionals worldwide. The qualitative research tapped subject matter experts across the cybersecurity industry. Transportation-specific respondents equal 202. At the onset of our research, we established the following hypotheses. Momentum edge computing has in the market. Approaches to connecting and securing the edge ecosystem – including the role of trusted advisors to achieve edge goals. Perceived risk and perceived benefit of the common use cases in each industry surveyed. The results focus on common edge use cases in seven vertical industries – healthcare, retail, finance, manufacturing, energy and utilities, transportation, and U.S.
SLED- delivering actionable advice for securing and connecting an edge ecosystem, including external trusted advisors. Finally, it examines cybersecurity and the broader edge ecosystem of networking, service providers, and top use cases. The role of IT is shifting, embracing stakeholders at the ideation phase of development. Edge computing is a transformative technology that brings together various stakeholders and aligns their interests to drive integrated business outcomes. The emergence of edge computing has been fueled by a generation of visionaries who grew up in the era of smartphones and limitless possibilities. Look at the infographic below for a topline summary of key findings in the transportation industry. In this paradigm, the role of IT has shifted from being the sole leader to a collaborative partner in delivering innovative edge computing solutions. In addition, we found that transportation leaders are budgeting differently for edge use cases. These two things, along with an expanded approach to securing edge computing, were prioritized by our respondents in the 2023 AT&T Cybersecurity Insights Report: Edge Ecosystem. One of the most promising aspects of edge computing is its potential to effectively use near-real-time data for tighter control of variable operations such as inventory and supply chain management that deliver improved operational efficiency. Adding new endpoints is essential for collecting the data, but how they’re connected can make them vulnerable to cyberattacks. Successful cyberattacks can disrupt services, highlighting the need for robust cybersecurity measures. Edge computing brings the data closer to where decisions are made. With edge computing, the intelligence required to make decisions, the networks used to capture and transmit data, and the use case management are distributed. 
Distributed means things work faster because nothing is backhauled to a central processing area such as a data center and delivers the near-real-time experience. With this level of complexity, it’s common to re-evaluate decisions regarding security, data storage, or networking. The report shares emerging trends as transportation continues exploring edge computing use cases. One area that’s exam]]> 2023-11-29T12:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/get-the-att-cybersecurity-insightsreport-focus-on-transportation www.secnews.physaphae.fr/article.php?IdArticle=8417783 False Ransomware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) DJVU Ransomware's Latest Variant 'Xaro' Disguised as Cracked Software A variant of a ransomware strain known as DJVU has been observed to be distributed in the form of cracked software. "While this attack pattern is not new, incidents involving a DJVU variant that appends the .xaro extension to affected files and demanding ransom for a decryptor have been observed infecting systems alongside a host of various commodity loaders and infostealers," Cybereason]]> 2023-11-29T11:25:00+00:00 https://thehackernews.com/2023/11/djvu-ransomwares-latest-variant-xaro.html www.secnews.physaphae.fr/article.php?IdArticle=8417699 False Ransomware None 3.0000000000000000
IndustrialCyber - cyber risk firms for industrial Global law enforcement collaboration strikes against ransomware networks targeting large corporations Law enforcement and judicial authorities from seven countries, in collaboration with Europol and Eurojust, have united to dismantle... ]]> 2023-11-29T10:06:01+00:00 https://industrialcyber.co/ransomware/global-law-enforcement-collaboration-strikes-against-ransomware-networks-targeting-large-corporations/ www.secnews.physaphae.fr/article.php?IdArticle=8418426 False Ransomware None 3.0000000000000000
ProofPoint - Cyber Firms Proofpoint's 2024 Predictions: Brace for Impact 2023-11-28T23:05:04+00:00 https://www.proofpoint.com/us/blog/ciso-perspectives/proofpoints-2024-predictions-brace-impact www.secnews.physaphae.fr/article.php?IdArticle=8417740 False Threat,Ransomware,Malware,Tool,Prediction,Prediction,Mobile,Vulnerability ChatGPT,ChatGPT 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Ransomware Spotlight: Trigona #### Description The Trigona ransomware, first tracked by Trend Micro as Water Ungaw, emerged in October 2022 but binaries of the ransomware were seen as early as June of the same year. The group positioned itself as running a lucrative scheme, launching global attacks and advertising revenues up to 20% to 50% for each successful attack. The group was also reported as communicating with network access brokers who provide compromised credentials via the Russian Anonymous Marketplace (RAMP) forum's internal chats and using the sourced information to obtain initial access to targets. In April 2023, Trigona started targeting compromised Microsoft SQL (MSSQL) Servers via brute-force attacks. A month later, a Linux version of Trigona was found that shared similarities with its Windows counterpart. The Trigona ransomware is also linked to CryLock due to their similarities in tactics, techniques, and procedures (TTPs), ransom note file name, and email addresses used. Trigona ransomware targeted government organizations the most, with attack attempts making up 21.4% of total detections, according to feedback from Trend customers who detailed the industries in which they belong.
Trigona also targeted enterprises in the technology, retail, fast-moving consumer goods, and banking industries. The group set its sights on small- and medium-sized businesses, which made up more than half of the group's total victims from April to October 2023. Trigona compromised a total of 33 organizations within the aforementioned period. #### Reference URL(s) 1. https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-trigona #### Publication Date November 28, 2023 #### Author(s) Trend Micro Research ]]> 2023-11-28T21:56:39+00:00 https://community.riskiq.com/article/c02ee065 www.secnews.physaphae.fr/article.php?IdArticle=8417638 False Ransomware,Prediction None 3.0000000000000000
Dark Reading - Informationweek Branch Slovenian Electrical Utility HSE Suffers Ransomware Attack The company's power production remains in operation, and authorities have been notified of the attack.]]> 2023-11-28T20:21:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/slovenia-power-provider-hse-suffers-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=8417637 False Ransomware None 3.0000000000000000
CyberScoop - scoopnewsgroup.com special Cyber Ransomware gang broken up in Ukraine as a result of international operation
Police in Ukraine arrested a 32-year-old man they say was the "leader" of a group, as well as "his four most active accomplices," according to a Google translation of a statement issued by the Ukrainian Cyber Police. ]]>
2023-11-28T19:51:36+00:00 https://cyberscoop.com/ransomware-gang-broken-up-in-ukraine-as-a-result-of-international-operation/ www.secnews.physaphae.fr/article.php?IdArticle=8417614 False Ransomware None 2.0000000000000000
Global Security Mag - French news site Utimaco introduces u.trust LAN Crypt Cloud
Utimaco introduces u.trust LAN Crypt Cloud, a cloud-based file encryption management solution for easy, strong data protection With ransomware and other cyber-attacks at an all-time high in 2023, it is more important than ever for organizations to protect their data - Product Reviews]]>
2023-11-28T17:28:14+00:00 https://www.globalsecuritymag.fr/Utimaco-introduces-u-trust-LAN-Crypt-Cloud.html www.secnews.physaphae.fr/article.php?IdArticle=8417580 False Ransomware,Cloud None 2.0000000000000000
Dark Reading - Informationweek Branch Egyptian E-Payment Vendor Recovering From LockBit Ransomware Attack Fawry confirms addresses, phone numbers, and dates of birth, leaked online.]]> 2023-11-28T17:20:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/fawry-recovering-from-lockbit-ransomware-attack- www.secnews.physaphae.fr/article.php?IdArticle=8417573 False Ransomware None 2.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Ardent Health Services Grapples With Ransomware Disruption Non-urgent procedures are being rescheduled, emergency room patients redirected to other hospitals]]> 2023-11-28T16:30:00+00:00 https://www.infosecurity-magazine.com/news/ardent-health-services-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8417561 False Ransomware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Key Cybercriminals Behind Notorious Ransomware Families Arrested in Ukraine A coordinated law enforcement operation has led to the arrest of key individuals in Ukraine who are alleged to be a part of several ransomware schemes. "On 21 November, 30 properties were searched in the regions of Kyiv, Cherkasy, Rivne, and Vinnytsia, resulting in the arrest of the 32-year-old ringleader," Europol said in a statement today. "Four of the ringleader's most active accomplices were]]> 2023-11-28T16:03:00+00:00 https://thehackernews.com/2023/11/key-cybercriminals-behind-notorious.html www.secnews.physaphae.fr/article.php?IdArticle=8417481 False Ransomware None 2.0000000000000000
Bleeping Computer - American magazine Qilin ransomware claims attack on automotive giant Yanfeng The Qilin ransomware group has claimed responsibility for a cyber attack on Yanfeng Automotive Interiors (Yanfeng), one of the world's largest automotive parts suppliers. [...]]]> 2023-11-28T14:39:29+00:00 https://www.bleepingcomputer.com/news/security/qilin-ransomware-claims-attack-on-automotive-giant-yanfeng/ www.secnews.physaphae.fr/article.php?IdArticle=8417611 False Ransomware None 3.0000000000000000
Recorded Future - Recorded Future feed High-profile ransomware gang suspects arrested in Ukraine
Law enforcement officers from seven countries said they have arrested key members of a high-profile ransomware gang that was operating from Ukraine. Since 2018, the group's members have encrypted over 1,000 servers of large enterprises worldwide, causing at least $82 million in damages, according to Ukrainian police. The hackers demanded ransom payments in cryptocurrency. Among]]>
2023-11-28T14:19:00+00:00 https://therecord.media/ransomware-gang-suspects-arrested-ukraine www.secnews.physaphae.fr/article.php?IdArticle=8417534 False Ransomware,Legislation None 2.0000000000000000
HackRead - Cyber search Ethyrial: Echoes of Yore Hit by Ransomware, Player Accounts Deleted
By Deeba Ahmed The victim company, Gellyberry Studios, an independent game studio, developed Ethyrial: Echoes of Yore. This is a post from HackRead.com Read the original post: Ethyrial: Echoes of Yore Hit by Ransomware, Player Accounts Deleted]]>
2023-11-28T13:55:33+00:00 https://www.hackread.com/ethyrial-echoes-of-yore-ansomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8417512 False Ransomware None 2.0000000000000000
Recorded Future - Recorded Future feed English council spent £1.1 million recovering from ransomware attack
Gloucester City Council in the West Midlands of England was forced to spend more than £1.1 million ($1.39 million) to recover from a ransomware attack in December 2021, according to the published agenda of a council meeting that took place on Monday. The meeting followed the council receiving a formal reprimand by the Information Commissioner's]]>
2023-11-28T13:35:00+00:00 https://therecord.media/gloucester-city-council-ransomware-response-ico-reprimand www.secnews.physaphae.fr/article.php?IdArticle=8417513 False Ransomware None 2.0000000000000000
BBC - BBC News - Technology Ransomware hackers 'wreaking havoc' arrested in Ukraine Cyber police carry out raids to dismantle gang responsible for hacking hundreds of organisations.]]> 2023-11-28T13:15:24+00:00 https://www.bbc.co.uk/news/technology-67556607?at_medium=RSS&at_campaign=KARANGA www.secnews.physaphae.fr/article.php?IdArticle=8417553 False Ransomware None 3.0000000000000000
Bleeping Computer - American magazine DP World confirms data stolen in cyberattack, no ransomware used International logistics giant DP World has confirmed that data was stolen during a cyber attack that disrupted its operations in Australia earlier this month. However, no ransomware payloads or encryption was used in the attack. [...]]]> 2023-11-28T12:09:29+00:00 https://www.bleepingcomputer.com/news/security/dp-world-confirms-data-stolen-in-cyberattack-no-ransomware-used/ www.secnews.physaphae.fr/article.php?IdArticle=8417569 False Ransomware None 3.0000000000000000
AlienVault Lab Blog - AlienVault is a major defense player in IOCs For want of a cyber nail the kingdom fell Richard’s Almanack in 1768, it was preceded by the cautionary words: “a little neglect may breed great mischief”. This simple proverb and added comment serve as emblematic examples of how seemingly inconsequential missteps or neglect can lead to sweeping, irreversible, catastrophic losses. The cascade of events resonates strongly within the increasingly complex domain of cybersecurity, in which the omission of even the most elementary precaution can result in a spiraling series of calamities. Indeed, the realm of cybersecurity is replete with elements that bear striking resemblance to the nail, shoe, horse, and rider in this proverb.
Consider, for example, the ubiquitous and elementary software patch that may be considered the proverbial digital "nail." In isolation, this patch might seem trivial, but its role becomes crucial when viewed within the broader network of security measures. The 2017 WannaCry ransomware attack demonstrates the significance of such patches; an unpatched vulnerability in Microsoft Windows allowed the malware to infiltrate hundreds of thousands of computers across the globe. It wasn't just a single machine that was compromised due to this overlooked 'nail,' but entire networks, echoing how a lost shoe leads to a lost horse in the proverb. This analogy further extends to the human elements of cybersecurity. Personnel tasked with maintaining an organization's cyber hygiene play the role of the "rider" in our metaphorical tale. However, the rider is only as effective as the horse they ride; likewise, even the most skilled IT professional cannot secure a network if the basic building blocks—the patches, firewalls, and antivirus software—resemble missing nails and shoes. Numerous reports and studies have indicated that human error constitutes one of the most common causes of data breaches, often acting as the 'rider' who loses the 'battle'. Once the 'battle' of securing a particular network or system is lost, the ramifications can extend much further, jeopardizing the broader 'kingdom' of an entire organization or, in more extreme cases, critical national infrastructure. One glaring example that serves as a cautionary tale is the Equifax data breach of 2017, wherein a failure to address a known vulnerability resulted in the personal data of 147 million Americans being compromised. Much like how the absence of a single rider can tip the scales of an entire battle, this singular oversight led to repercussions that went far beyond just the digital boundaries of Equifax, affecting millions of individuals and shaking trust in the security of financial systems.
]]> 2023-11-28T11:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/for-want-of-a-cyber-nail-the-kingdom-fell www.secnews.physaphae.fr/article.php?IdArticle=8417468 False Ransomware,Data Breach,Malware,Vulnerability Wannacry,Wannacry,Equifax,Equifax 2.0000000000000000
SecurityWeek - Security News Ardent Hospitals Diverting Patients Following Ransomware Attack
Ransomware attack forces Ardent hospitals to shut down systems, impacting clinical and financial operations. ]]>
2023-11-28T09:53:13+00:00 https://www.securityweek.com/ardent-hospitals-diverting-patients-following-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8417463 False Ransomware,Medical None 2.0000000000000000