Security Boulevard

MARCH 31, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, March 2021. FatFace CEO Liz Evans released a statement which said “ On 17th January 2021 FatFace identified some suspicious activity within its IT systems. conduct penetration testing.

Energy and Utilities 121

Energy and Utilities Ransomware Banking Hacking 121

Security Affairs

JULY 18, 2023

The cybercrime group FIN8 is using a revamped version of the Sardonic backdoor to deliver the BlackCat ransomware. The financially motivated group FIN8 (aka Syssphinx) was spotted using a revamped version of a backdoor tracked as Sardonic to deliver the BlackCat ransomware (aka Noberus ransomware).

Ransomware 94

Ransomware Cybercrime Malware Hacking 94

Krebs on Security

SEPTEMBER 30, 2023

Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. It continues: “Prior to deploying the ransomware, Snatch threat actors were observed spending up to three months on a victim’s system.

Ransomware 224

Ransomware Accountability Cybercrime Backups 224

Security Affairs

JANUARY 30, 2021

FonixCrypter ransomware operators shut down their operations, released the master decryption key for free, and deleted malware’s source code. Good news for the victims of the FonixCrypter ransomware, the operators behind the threat shut down their operations and released the master decryption key. Pierluigi Paganini.

Ransomware 134

Ransomware Encryption Malware Cybercrime 134

Security Affairs

DECEMBER 15, 2023

The Snatch ransomware group announced it had hacked the food giant Kraft Heinz, the company is investigating the claims. The Snatch ransomware group claims to have hacked Kraft Heinz in August and on December 14, it added the company to the list of victims on its leak site. ” reads the alert.

Hacking 114

Hacking Ransomware Computers and Electronics Marketing 114

Security Affairs

APRIL 27, 2022

Conti ransomware gang continues to target organizations worldwide despite the massive data leak has shed light on its operations. Researchers from Secureworks state that the Conti ransomware gang, tracked as a Russia-based threat actor Gold Ulrick, continues to operate despite the recent data leak on its internal activities.

Ransomware 81

Ransomware Cybercrime Hacking Cybersecurity 81

Security Affairs

APRIL 19, 2023

Russian national Denis Mihaqlovic Dubnikov has been sentenced to time served for committing money laundering for the Ryuk ransomware operation. Russian national Denis Dubnikov (30) has been sentenced to time served for committing money laundering for the Ryuk ransomware group. The man was also ordered to pay $2,000 in restitution.

Ransomware 77

Ransomware Education Media Hacking 77

Security Affairs

JUNE 16, 2022

The BlackCat ransomware gang is targeting unpatched Exchange servers to compromise target networks, Microsoft warns. Microsoft researchers have observed BlackCat ransomware gang targeting unpatched Exchange servers to compromise organizations worldwide.

Ransomware 104

Ransomware Cybercrime Malware Advertising 104

Security Affairs

JUNE 16, 2022

ALPHV/BlackCat ransomware group began publishing victims’ data on the clear web to increase the pressure on them and force them to pay the ransom. ALPHV/BlackCat ransomware group has adopted a new strategy to force victims into paying the ransom, the gang began publishing victims’ data on the clear web to increase the pressure.

Ransomware 85

Ransomware Cybercrime Malware Advertising 85

The Last Watchdog

SEPTEMBER 7, 2022

The internet has drawn comparisons to the Wild West, making ransomware the digital incarnation of a hold-up. They could be on the other side of the globe, part of a cybercrime regime that will never be discovered, much less brought to justice. Ransomware usually starts with a phishing email. Prevalence. A typical attack.

Ransomware 124

Ransomware Education Financial Services Phishing 124

Security Affairs

MAY 12, 2023

The leak of the source code of the Babuk ransomware allowed 9 ransomware gangs to create their own ransomware targeting VMware ESXi systems. SentinelLabs researchers have identified 10 ransomware families using VMware ESXi lockers based on the source code of the Babuk ransomware that was leaked in 2021.

Ransomware 97

Ransomware Encryption Hacking Cybersecurity 97

Security Affairs

MAY 15, 2023

A previously unknown ransomware group known as RA Group is targeting companies in U.S. Cisco Talos researchers recently discovered a new ransomware operation called RA Group that has been active since at least April 22, 2023. The researchers assess with high confidence that the group is using the leaked Babuk ransomware source code.

Ransomware 87

Ransomware Encryption Cybercrime Insurance 87

eSecurity Planet

AUGUST 23, 2021

Ransomware attackers, who use myriad methods to get their malware into the systems of businesses large and small in hopes of pulling down millions of dollars, are now going directly to the source. Evolving Ransomware Scene. million ransomware attacks in the first six months of 2021, compared with 121.5 There were 304.7

Ransomware 127

Ransomware Social Engineering Engineering VPN 127

Security Affairs

MAY 17, 2023

The US government is offering a $10M reward for Russian national Mikhail Pavlovich Matveev (30) charged for his role in ransomware attacks The US Justice Department charged Russian national Mikhail Pavlovich Matveev (30), aka Wazawaka, m1x, Boriselcin, and Uhodiransomwar, for his alleged role in multiple ransomware attacks.

Ransomware 78

Ransomware Healthcare Cybercrime Encryption 78

Security Affairs

APRIL 25, 2022

Google’s Project Zero researchers reported that 58 zero-day were discovered in 2021 (28 zero-day were detected in 2020), which marks a record for the company since it started tracking these issues in mid 2014. Google researchers reported that the exploitation of the zero-days they saw in 2021 was not different from the past.

Ransomware 101

Ransomware Hacking Software Risk 101

Security Affairs

FEBRUARY 6, 2023

Royal Ransomware operators added support for encrypting Linux devices and target VMware ESXi virtual machines. The Royal Ransomware gang is the latest extortion group in order of time to add support for encrypting Linux devices and target VMware ESXi virtual machines. Starting from September 2022, the note was changed to Royal.

Encryption 97

Encryption Ransomware Malware Healthcare 97

Spinone

OCTOBER 10, 2019

The best way to stay up-to-date with the recent trends is by reading the top cybersecurity blogs. Here’s our list of the best cybersecurity blogs to read and follow. Securing Tomorrow SecuringTomorrow is a blog by McAfee, one of the biggest security software providers. Their main focus is on cybercrime investigations.

Cybersecurity 56

Cybersecurity IoT Antivirus Education 56

Security Affairs

MAY 20, 2023

Luxottica has finally confirmed the 2021 data breach that exposed the personal information of 70 million customers. Some details: * 305.759.991 on luxottica_nice.csv * 74.417.098 unique email address * 2.590.076 unique domain mail I don't think it's the data from the ransomware attack. Luxottica Group S.p.A.

Data breaches 91

Data breaches Retail Hacking Ransomware 91

Security Boulevard

JUNE 8, 2022

Ransomware Trends Show Lockbit Most Active, New Tactics, Healthcare Hit Hard. LockBit replaced Conti as the most active ransomware gang and continued to evolve its operations in the first quarter, according to a report (PDF) from KELA Cybercrime Intelligence. Another notable Ransomware trend: new methods of intimidation.

Healthcare 52

Healthcare Ransomware Encryption Cybercrime 52

Security Affairs

JUNE 10, 2022

The Vice Society group has claimed responsibility for the ransomware attack that hit the Italian city of Palermo forcing the IT admins to shut down its infrastructure. The Vice Society ransomware group has claimed responsibility for the recent cyber attack that hit the city of Palermo in the South of Italy.

Ransomware 110

Ransomware Data breaches Cyber Attacks Surveillance 110

SiteLock

DECEMBER 7, 2021

2021 posed many cybersecurity challenges for companies around the world—and now, business leaders must prepare for what will likely be another year rife with new cyber breaches. It’s no secret that cybersecurity breaches can yield staggering cybercrime costs for your business. Finally, the second quarter of 2021 alone saw 367.3

Cybercrime 52

Cybercrime Identity Theft Ransomware Marketing 52

Security Affairs

SEPTEMBER 7, 2021

The leak site of the popular REvil ransomware gang is it is not clear if the group resumed operations or the FBI turned on its servers. Today the servers of the REvil ransomware gang were back online after around two months since their shutdown. ddd1ms) September 7, 2021. SecurityAffairs – hacking, ransomware).

Ransomware 86

Ransomware Media Hacking Cybercrime 86

Security Affairs

MAY 8, 2022

The American agricultural machinery manufacturer AGCO announced that has suffered a ransomware attack that impacted its production facilities. AGCO, one of the most important agricultural machinery manufacturers, announced that a ransomware attack impacted some of its production facilities. ” . . To nominate, please visit:?

Manufacturing 85

Manufacturing Ransomware Hacking Risk 85

Security Affairs

OCTOBER 18, 2021

It seems that the REvil ransomware operation has shut down once again after a threat actor has hijacked their Tor hidden service. The REvil ransomware gang has shut down its operation once again after a threat actor has hijacked their Tor leak site and payment portal. ddd1ms) October 17, 2021. REvil gives additional update.

Ransomware 91

Ransomware Hacking Backups Media 91

SecureWorld News

MARCH 21, 2023

Ransomware has gone through several game-changing milestones over the course of its decade-long evolution. Two years later, a sketchy affiliate model called Ransomware-as-a-Service (RaaS) made its debut, thereby lowering the entry bar for wannabe threat actors. For instance, the felons hit the D.C.

Ransomware 86

Ransomware Encryption Adware Data breaches 86

Malwarebytes

MARCH 18, 2022

Among these interested parties TAG found the Conti and Diavol ransomware groups. Because Exotic Lily’s methods involved a lot of detail, they are believed to require a level of human interaction that is rather unusual for cybercrime groups focused on large scale operations. Initial access broker. Exotic Lily. Stay safe, everyone!

Ransomware 95

Ransomware Malware Social Engineering Media 95

Security Affairs

APRIL 19, 2022

Kaspersky discovered a flaw in the encryption process of the Yanluowang ransomware that allows victims to recover their files for free. Researchers from Kaspersky discovered a vulnerability in the encryption process of the Yanluowang ransomware that can be exploited to recover the files encrypted by the malware without paying the ransom.

Ransomware 90

Ransomware Encryption DDOS Malware 90

SecureWorld News

FEBRUARY 2, 2022

DeadBolt ransomware was recently used to target customers of QNAP, a Taiwanese company that produces network attached storage (NAS) devices. The attacks target a Zero-Day vulnerability that was patched in December 2021 which allows the threat actor to run arbitrary code on vulnerable devices exposed to the internet.

Ransomware 85

Ransomware Firmware Encryption Internet 85

McAfee

DECEMBER 29, 2020

With 2021 approaching, it is a time to both reflect on the outstanding progress we have each made – personally and professionally, and warmly welcome a new chapter in 2021!? . And, as our Advanced Threat Research team has reported, cybercriminals took full advantage of more ransomware, malware, and general bad behavior.

Architecture 96

Architecture Ransomware Cybercrime Government 96

Security Affairs

MAY 2, 2022

The REvil ransomware gang has resumed its operations, experts found a new encryptor and a new attack infrastructure. The Russian police arrested 14 alleged members of the ransomware gang and raided 25 addresses seizing computer equipment and cryptocurrency wallets. SecurityAffairs – hacking, REvil ransomware).

Ransomware 89

Ransomware Encryption Cryptocurrency Malware 89

Webroot

APRIL 7, 2021

With investors currently bullish on Bitcoin, is its high value is driving cybercriminals to pursue crypto-generating forms of cybercrime like ransomware and illicit miners? Famously volatile , a crash is widely expected to accompany the current bubble, perhaps before the end of 2021. Patient ones, at least.

Ransomware 85

Ransomware Cryptocurrency Marketing Cybercrime 85

BH Consulting

APRIL 13, 2021

The 2021 SANS Security Awareness Report offers an interesting look back over the past year. Report author Lance Spitzner of SANS blogged : “The more that managing human risk becomes a dedicated, prioritised effort, the more effective organizations will become at managing their human risk.” FBI finds cybercrime losses reached .

Cybercrime 52

Cybercrime Security Awareness IoT Risk 52

Security Affairs

MAY 13, 2023

The CheckMate ransomware operators have been targeting the Server Message Block (SMB) communication protocol used for file sharing to compromise their victims’ networks. That’s quite unusual for a ransomware campaign since many prominent gangs brag about big targets and post them as victims on their data leak sites.

Ransomware 92

Ransomware Encryption Passwords Internet 92

The Last Watchdog

DECEMBER 19, 2022

Cybercrime is a big business. Related: IABs fuel ransomware surge. In some cases, they find vulnerable third parties that provide ways into larger targets, which is how hackers infiltrated the Red Cross in 2021. Ransomware correlation. As IABs continue to grow, so will ransomware.

Cybercrime 124

Cybercrime Digital transformation Ransomware Cybersecurity 124

Security Affairs

JULY 11, 2022

BlackCat (aka ALPHV) Ransomware gang introduced an advanced search by stolen victim’s passwords, and confidential documents. Resecurity (USA), a Los Angeles-based cybersecurity company protecting Fortune 500 companies, has detected a significant increase in the value of ransom demand requests by the notorious Blackcat ransomware gang.

Ransomware 86

Ransomware Passwords Data breaches Technology 86

Security Affairs

MAY 8, 2022

The US Government offers up to $15 million for information that helps identify and locate leadership and co-conspirators of the Conti ransomware gang. The US Department of State offers up to $15 million for information that helps identify and locate leadership and co-conspirators of the Conti ransomware gang. Pierluigi Paganini.

Ransomware 69

Ransomware Hacking Government Cybersecurity 69

Security Affairs

SEPTEMBER 16, 2021

Researchers from Bitdefender released a free master decryptor for the REvil ransomware operation that allows past victims to recover their files for free. The group asked $70 million worth of Bitcoin for decrypting all systems impacted in the Kaseya supply-chain ransomware attack. The Tor leak site, the payment website “decoder[.]re”,

Ransomware 88

Ransomware Encryption Media Hacking 88