The Last Watchdog

JUNE 21, 2020

Ransomware is undoubtedly one of the most unnerving phenomena in the cyber threat landscape. Related: What local government can do to repel ransomware Ransomware came into existence in 1989 as a primitive program dubbed the AIDS Trojan that was spreading via 5.25-inch inch diskettes. inch diskettes. FBI spoofs 2012 – 2013.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Threatpost

SEPTEMBER 29, 2021

The Conti ransomware gang has developed novel tactics to demolish backups, especially the Veeam recovery software.

Backups 103

Backups Ransomware Software Malware 103

SecureWorld News

JANUARY 19, 2023

That is how James McQuiggan, CISSP, Security Awareness Advocate for KnowBe4, kicked off the recent SecureWorld Remote Sessions webcast titled, "Ransomware, Ransom-war, and Ran-some-where: What We Can Learn When the Hackers Get Hacked." Some scary statistics: Ransomware attacks increased 13% from 2020 to 2021.

Hacking 87

Hacking Backups Ransomware Retail 87

Security Affairs

SEPTEMBER 1, 2023

Researchers released a free decryptor for the Key Group ransomware that allows victims to recover their data without paying a ransom. Threat intelligence firm EclecticIQ released a free decryption tool for the Key Group ransomware (aka keygroup777) that allows victims to recover their data without paying a ransom.

Ransomware 107

Ransomware Encryption Backups Malware 107

Security Affairs

SEPTEMBER 13, 2023

3AM is a new strain of ransomware that was spotted in a single incident in which the threat actors failed to deploy the LockBit ransomware in the target infrastructure. The threat actors managed to deploy the ransomware to three computers on the target organization’s network, but it was blocked on two of those three machines.

Ransomware 109

Ransomware Encryption Cybercrime Backups 109

Security Affairs

APRIL 25, 2024

A ransomware attack on a Swedish logistics company Skanlog severely impacted the country’s liquor supply. Skanlog, a critical distributor for Systembolaget, the Swedish government-owned retail chain suffered a ransomware attack. Systembolaget has a monopoly on the sale of alcoholic beverages containing more than 3.5%

Ransomware 98

Ransomware Retail Cyber Attacks Backups 98

Krebs on Security

OCTOBER 28, 2020

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. Reached by phone today, Jansson said he quit the company in August, right around the time Gunnebo disclosed the thwarted ransomware attack.

Hacking 344

Hacking Ransomware Banking Accountability 344

IT Security Guru

SEPTEMBER 28, 2023

The landscape of ransomware has undergone rapid evolution, shifting from a relatively straightforward form of malicious software primarily affecting individual computer users, to a menacing enterprise-level threat that has inflicted substantial harm on various industries and government institutions.

Ransomware 118

Ransomware Encryption Backups Social Engineering 118

Security Affairs

MAY 11, 2021

The FBI and Australian Australian Cyber Security Centre (ACSC) warn of an ongoing Avaddon ransomware campaign targeting organizations worldwide. “The Australian Cyber Security Centre (ACSC) is aware an ongoing ransomware campaign utilising the Avaddon Ransomware malware. SecurityAffairs – hacking, Avaddon).

Ransomware 124

Ransomware Backups Antivirus DDOS 124

Security Affairs

NOVEMBER 8, 2023

The FBI published a PIN alert warning of ransomware operators compromising third-party vendors and services for initial access to target environments. The FBI continues to observe ransomware operators abusing third-party vendors and services as an attack vector. ” reported the PIN.

Ransomware 100

Ransomware Backups Encryption Phishing 100

Security Affairs

JUNE 7, 2022

The QBot malware operation has partnered with Black Basta ransomware group to target organizations worldwide. Researchers from NCC Group spotted a new partnership in the threat landscape between the Black Basta ransomware group and the QBot malware operation. SecurityAffairs – hacking, Black Basta ransomware).

Ransomware 137

Ransomware Backups Malware Firewall 137

Security Affairs

JANUARY 24, 2024

A ransomware attack against the Finnish IT services provider Tietoevry disrupted the services of some Swedish government agencies and shops. The company said that the ransomware attack took place on Friday night and impacted only one data center in Sweden. The company later confirmed the news of an Akira ransomware attack.

Ransomware 101

Ransomware VPN Government Retail 101

eSecurity Planet

OCTOBER 24, 2023

Malware attacks pose a significant risk to both individuals and businesses, infiltrating computer systems, compromising sensitive data and disrupting operations, leading to financial and data loss — and even extortion. Here are 15 important controls and best practices for preventing malware.

Malware 120

Malware Antivirus Software Passwords 120

Krebs on Security

DECEMBER 13, 2021

The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system. The unusually candid post-mortem found that nearly two months elapsed between the initial intrusion and the launching of the ransomware.

Healthcare 276

Healthcare Ransomware Antivirus Software 276

Security Affairs

JANUARY 17, 2022

The operators of the SFile ransomware (aka Escal) have developed a Linux version of their malware to expand their operations. SFile ransomware (aka Escal), has been active since 2020 , it was observed targeting only Windows systems. Recently, Rising captured the Linux platform variant of the ransomware.”

Ransomware 135

Ransomware Encryption Backups Malware 135

Security Affairs

AUGUST 21, 2020

Experts at threat intelligence firm Cyble came across a post published by Maze ransomware operators claiming to have breached the steel sheet giant Hoa Sen Group. Maze ransomware operators claim to be in possession of the company’s sensitive data and are threatening to release it. SecurityAffairs – hacking, Maze Ransomware Operators).

Ransomware 123

Ransomware Hacking Advertising Backups 123

Security Affairs

MAY 26, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter) Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Fix it now!

Healthcare 94

Healthcare Spyware Data breaches Banking 94

eSecurity Planet

APRIL 6, 2023

Ransomware is a type of malicious program, or malware, that encrypts files, documents and images on a computer or server so that users cannot access the data. Ransomware is the most feared cybersecurity threat and with good reason: Its ability to cripple organizations by locking their data is a threat like no other.

Ransomware 98

Ransomware Backups Encryption Cybersecurity 98

Krebs on Security

JUNE 9, 2020

that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly $300,000 worth of bitcoin. The average ransomware payment by ransomware strain.

Ransomware 357

Ransomware System Administration Backups Technology 357

Malwarebytes

DECEMBER 14, 2023

The ALPHV ransomware gang, arguably the second most dangerous “big game” ransomware operator, appears to be back in business after its infrastructure went down for five days. ALPHV wouldn’t be the first ransomware gang to suffer problems behind the scenes. But all does not appear to be going well for group.

Ransomware 86

Ransomware Backups Encryption Malware 86

Security Affairs

FEBRUARY 13, 2024

Authorities in Romania reported that at least 100 hospitals went offline after a ransomware attack hit the Hipocrate platform. Authorities in Romania confirmed that a ransomware attack that targeted the Hipocrate Information System (HIS) has disrupted operations for at least 100 hospitals. The threat actors demand the payment of 3.5

Ransomware 105

Ransomware Backups Encryption Healthcare 105

Security Affairs

JANUARY 6, 2023

Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware allowing its victims to restore their data for free. Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware , which can allow victims of the group to restore their data for free. The group typically asked ransoms between $20,000 to $5.8

Ransomware 92

Ransomware Antivirus Encryption Backups 92

Security Affairs

MARCH 2, 2024

US CISA, the FBI, and MS-ISAC issued a joint CSA to warn of attacks involving Phobos ransomware variants observed as recently as February 2024 US CISA, the FBI, and MS-ISAC issued a joint cyber security advisory (CSA) to warn of attacks involving Phobos ransomware variants such as Backmydata , Devos, Eight, Elking, and Faust.

Ransomware 116

Ransomware Backups Healthcare Firewall 116

NetSpi Executives

APRIL 27, 2024

Table of Contents What is ransomware? Ransomware trends Ransomware prevention Ransomware detection Ransomware simulation Ransomware security terms How NetSPI can help What is ransomware? Ransomware adversaries hold the data hostage until a victim pays the ransom. How does ransomware work?

Ransomware 52

Ransomware Cyber Insurance Backups Insurance 52

eSecurity Planet

JULY 12, 2022

The first signs of the ransomware attack at data storage vendor Spectra Logic were reports from a number of IT staffers about little things going wrong at the beginning of the day. Screens then started to display a ransom demand, which said files had been encrypted by the NetWalker ransomware virus. The ransom demand was $3.6

Ransomware 144

Ransomware Cyber Insurance Backups Insurance 144

Security Affairs

AUGUST 10, 2020

Nefilim ransomware operators allegedly targeted the SPIE group, an independent European leader in multi-technical services. Researchers from threat intelligence firm Cyble reported that Nefilim ransomware operators allegedly hacked The SPIE Group , an independent European leader in multi-technical services. Pierluigi Paganini.

Ransomware 103

Ransomware Hacking Advertising Backups 103

Krebs on Security

DECEMBER 8, 2022

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. Department of Health and Human Services (HHS) warned that Venus ransomware attacks were targeting a number of U.S. Last month, the U.S. healthcare organizations.

Healthcare 274

Healthcare Backups Ransomware Insurance 274

Security Affairs

NOVEMBER 12, 2023

The Lorenz ransomware gang has been active since April 2021 and hit multiple organizations worldwide demanding hundreds of thousands of dollars in ransom to the victims. At the time of this writing, the Loren group has started uploading the stolen data (95%) US Healthcare organizations continue to be a privileged target of ransomware gangs.

Ransomware 118

Ransomware Healthcare Encryption Cyber Attacks 118

The Last Watchdog

FEBRUARY 20, 2023

Well-placed malware can cause crippling losses – especially for small and mid-sized businesses. One report showed ransomware attacks increased by 80 percent in 2022, with manufacturing being one of the most targeted industries. Amos These are just a handful of examples of ransomware attacks in the last year.

Ransomware 124

Ransomware Education Hacking Backups 124

SiteLock

AUGUST 27, 2021

File backups are essential to the security of any site. With regular, tested website backups, you can recover your site easily from any of the following issues: hardware failures. ransomware. Websites Damaged By Malware. We clean a lot of malware. And sometimes malware damages site files beyond repair.

Backups 52

Backups Malware Firewall Accountability 52

Security Affairs

OCTOBER 15, 2023

The Alphv ransomware group added the Morrison Community Hospital to its dark web leak site. The ALPHV/BlackCat ransomware group claims to have hacked the Morrison Community Hospital and added it to its dark web Tor leak site. Other ransomware attacks recently hit US hospitals. Threat actors continue to target hospitals.

Ransomware 115

Ransomware Healthcare Data breaches Cyber Attacks 115

Security Affairs

NOVEMBER 5, 2021

A new threat actor is exploiting ProxyShell flaws in attacks aimed at Microsoft Exchange servers to deploy the Babuk Ransomware in corporate networks. Talos researchers warn of a new threat actor that is hacking Microsoft Exchange servers by exploiting ProxyShell flaws to gain access to corporate and deploy the Babuk Ransomware.

Ransomware 119

Ransomware Backups Encryption DNS 119

Security Affairs

DECEMBER 25, 2021

Recently launched ransomware operation, named Rook, made headlines for its announcement claiming a desperate need a lot of money. New ransomware variant, "Rook Ransomware", found on VT practicing searches/hunting on my day off. “The ransomware attempts to terminate any process that may interfere with encryption.

Ransomware 110

Ransomware Malware Encryption Backups 110

Security Affairs

APRIL 23, 2021

A new ransomware strain dubbed Qlocker is infecting hundreds of QNAP NAS devices every day and demanding a $550 ransom payment. Experts are warning of a new strain of ransomware named Qlocker that is infecting hundreds of QNAP NAS devices on daily bases. QNAP is urgently working on a solution to remove malware from infected devices.”

Ransomware 112

Ransomware Backups Media Malware 112

Security Affairs

JULY 5, 2023

RedEnergy is a sophisticated stealer-as-a-ransomware that was employed in attacks targeting energy utilities, oil, gas, telecom, and machinery sectors. Zscaler ThreatLabz researchers discovered a new Stealer-as-a-Ransomware named RedEnergy used in attacks against energy utilities, oil, gas, telecom, and machinery sectors.

Energy and Utilities 78

Energy and Utilities Ransomware Backups Malware 78

Security Affairs

MAY 2, 2021

Swiss cloud hosting provider Swiss Cloud has suffered a ransomware attack that seriously impacted its server infrastructure. On April 27 the Swiss cloud hosting provider was hit by a ransomware attack that brought down the company’s server infrastructure. The backup systems can be used for recovery. Pierluigi Paganini.

Ransomware 121

Ransomware Backups Cyber Attacks Malware 121

Security Affairs

FEBRUARY 28, 2023

Antivirus company Bitdefender has released a free decryptor for the recently discovered ransomware family MortalKombat. Good news for the victims of the recently discovered MortalKombat ransomware , the antivirus firm Bitdefender has released a free decryptor that will allow them to recover their file without paying the ransom.

Ransomware 85

Ransomware Antivirus Backups Malware 85