Krebs on Security

NOVEMBER 2, 2021

A number of publications in September warned about the emergence of “ Groove ,” a new ransomware group that called on competing extortion gangs to unite in attacking U.S. 22 on RAMP , a new and fairly exclusive Russian-language darknet cybercrime forum. Sometime in the last week, Groove’s darknet blog disappeared.

Ransomware 256

Ransomware Cybercrime VPN Media 256

Graham Cluley

MAY 11, 2023

Akira is a new family of ransomware, first used in cybercrime attacks in March 2023. Read more about the threat in my article on the Tripwire State of Security blog.

Ransomware 110

Ransomware Cybercrime Data breaches Malware 110

Heimadal Security

MARCH 1, 2024

Change Healthcare, a subsidiary of UnitedHealth Group, has fallen victim to a ransomware attack orchestrated by the notorious cybercrime gang ALPHV/BlackCat. Change Healthcare is […] The post Massive Ransomware Attack Disrupts US Healthcare: Behind it, ALPHV/BlackCat appeared first on Heimdal Security Blog.

Healthcare 90

Healthcare Ransomware Cybercrime Cybersecurity 90

Webroot

MAY 4, 2021

Typically, when cryptocurrency values change, one would expect to see changes in crypto-related cybercrime. But that doesn’t necessarily mean you’ll see big spikes in ransomware or cryptojacking. The post How Cryptocurrency and Cybercrime Trends Influence One Another appeared first on Webroot Blog.

Cryptocurrency 142

Cryptocurrency Cybercrime Marketing Scams 142

Krebs on Security

JUNE 16, 2021

Authorities in Ukraine this week charged six people alleged to be part of the CLOP ransomware group , a cybercriminal gang said to have extorted more than half a billion dollars from victims. The CLOP gang seized on those flaws to deploy ransomware to a significant number of Accellion’s FTA customers , including U.S.

Ransomware 321

Ransomware Cybercrime Malware Encryption 321

Heimadal Security

OCTOBER 4, 2021

President Joe Biden declared that this month the White House will convoke a 30-country meeting in order to try to jointly fight against cybercrime and disrupt ransomware attacks. The post Biden Administration Gathers 30 Countries for a Meeting on Cybercrime and Ransomware appeared first on Heimdal Security Blog.

Cybercrime 76

Cybercrime Ransomware Cybersecurity 76

Krebs on Security

MAY 11, 2020

Diebold Nixdorf , a major provider of automatic teller machines (ATMs) and payment technology to banks and retailers, recently suffered a ransomware attack that disrupted some operations. Suspecting a ransomware attack, Diebold said it immediately began disconnecting systems on that network to contain the spread of the malware.

Ransomware 341

Ransomware Retail Malware Data breaches 341

Security Boulevard

AUGUST 5, 2021

Ransomware. The post Ransomware 101: How to Keep Your Business Safe From the Latest Trend in Cybercrime appeared first on Hyperproof. The post Ransomware 101: How to Keep Your Business Safe From the Latest Trend in Cybercrime appeared first on Security Boulevard. Yes, that’s.

Cybercrime 104

Cybercrime Ransomware Data privacy Cybersecurity 104

Krebs on Security

JUNE 14, 2022

Cybercrime groups that specialize in stealing corporate data and demanding a ransom not to publish it have tried countless approaches to shaming their victims into paying. The latest innovation in ratcheting up the heat comes from the ALPHV/BlackCat ransomware group, which has traditionally published any stolen victim data on the Dark Web.

Ransomware 249

Ransomware Internet Internet Cybercrime 249

Security Boulevard

AUGUST 1, 2022

The post This was H1 2022 – Part 1 – The Fight Against Cybercrime appeared first on Radware Blog. The post This was H1 2022 – Part 1 – The Fight Against Cybercrime appeared first on Security Boulevard. To make matters worse, there was a lack of skilled security professionals who could […].

Cybercrime 119

Cybercrime Architecture Technology DDOS 119

Security Boulevard

APRIL 11, 2024

In recent years, cybercrime has become an increasingly familiar issue amongst cybersecurity professionals, with ransomware in particular commanding news […] The post Awkward Adolescence: Increased Risks Among Immature Ransomware Operators appeared first on Security Boulevard.

Risk 64

Risk Ransomware Cybercrime Cybersecurity 64

Security Boulevard

MARCH 3, 2024

Today, we’re turning the spotlight on LockBit ransomware attacks and the unprecedented $15 million bounty offered by the U.S. International cooperation against ransomware is essential in combating cyber threats and safeguarding digital infrastructures worldwide. government to dismantle its operations.

Ransomware 117

Ransomware Cyber threats Government Cyber Attacks 117

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. On Sunday, Feb. “There will be panic. 428 hospitals.”

Ransomware 271

Ransomware Healthcare Cybercrime Government 271

Heimadal Security

MAY 17, 2021

After the XSS Russian-speaking hacking forum announced last week it had completely banned ransomware sales, ransomware rental, and ransomware affiliate programs on their platform, it’s now Exploit’s turn to make the same decision. Source Exploit stated that the […]. Source Exploit stated that the […].

Cybercrime 53

Cybercrime Ransomware Advertising Hacking 53

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. Crooks obtain the information by conducting spear-phishing and ransomware attacks, or other means. ” reads the alert published by the FBI. To nominate, please visit:?.

Cybercrime 129

Cybercrime Education Accountability Phishing 129

Krebs on Security

JUNE 2, 2020

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. A partial screenshot from the REvil ransomware group’s Dark Web blog. and Europe in early March.” So it’s a double vig.”

Ransomware 296

Ransomware Backups Encryption Internet 296

Security Affairs

JUNE 6, 2022

LockBit ransomware gang claims to have hacked the cybersecurity firm Mandiant, which is investigating the alleged security breach. Today the LockBit ransomware gang has added the cybersecurity firm Mandiant to the list of victims published on its darkweb leak site. ransomware to evade sanctions. Pierluigi Paganini.

Hacking 128

Hacking Ransomware Cybersecurity Cybercrime 128

Heimadal Security

NOVEMBER 9, 2021

The REvil/Sodinokibi ransomware (AKA Sodin) is a great example of Ransomware-as-a-Service, a type of cybercrime where two parties collaborate on the hack: the code writers who create the ransomware, and the affiliates who distribute it and collect the payment. malicious software owner and/or creator) […].

Ransomware 101

Ransomware Architecture Cybercrime Software 101

Security Affairs

JUNE 7, 2022

Mandiant researchers associate multiple LockBit ransomware attacks with the notorious Evil Corp Cybercrime Group. Mandiant researchers have investigated multiple LOCKBIT ransomware attacks that have been attributed to the financially motivated threat actor UNC2165. ” reads the analysis published by Mandiant. .

Ransomware 129

Ransomware Cybercrime Malware Hacking 129

Heimadal Security

OCTOBER 21, 2022

It is not often that ransomware groups attack Russian corporate networks, however OldGremlin, also known as TinyScouts, is one of the few cybercrime gangs that primarily focuses on Russian companies. The post OldGremlin Attacks Russian Organizations via Linux Ransomware appeared first on Heimdal Security Blog.

Ransomware 92

Ransomware Cybercrime Encryption Malware 92

Heimadal Security

APRIL 28, 2023

RTM Locker is now the most recent enterprise-targeting ransomware operation found to be using a Linux encryptor to target virtual machines on VMware ESXi systems.

Ransomware 80

Ransomware Cybercrime Banking Cybersecurity 80

Graham Cluley

MARCH 15, 2023

In its latest Patch Tuesday bundle of security fixes, Microsoft has patched a security flaw that was being used by the Magniber cybercrime gang to help them infect computers with ransomware. Read more in my article on the Hot for Security blog.

Ransomware 75

Ransomware Cybercrime Malware 75

Heimadal Security

DECEMBER 9, 2022

Vice Society ransomware seemed to favor educational institutions in their attacks in 2022. The Cybercrime group targeted 33 schools in the last year, surpassing other threat actors like LockBit, BlackCat, BianLian, and Hive.

Education 92

Education Ransomware Manufacturing Healthcare 92

Heimadal Security

FEBRUARY 10, 2023

As part of a new coordinated action against international cybercrime, the UK and the US have sanctioned seven Russian cyber criminals today (Thursday, 9 February). Several ransomware strains have been developed or deployed by these individuals that have targeted the UK and US.

Ransomware 84

Ransomware Cybercrime Cybersecurity 84

Krebs on Security

SEPTEMBER 30, 2023

Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. It continues: “Prior to deploying the ransomware, Snatch threat actors were observed spending up to three months on a victim’s system.

Ransomware 218

Ransomware Accountability Cybercrime Backups 218

Heimadal Security

NOVEMBER 22, 2022

The Malaysian low-cost airline belonging to AirAsia had some of its data leaked by the cybercrime group known as Daixin Team, following a ransomware attack earlier this month. The post AirAsia Falls Victim to Daixin Ransomware Gang appeared first on Heimdal Security Blog.

Ransomware 77

Ransomware Cybercrime Cybersecurity 77

Heimadal Security

MARCH 7, 2023

Europol announced via a press release that core members of the cybercrime gang behind the DoppelPaymer ransomware operation have been detained.

Ransomware 84

Ransomware Cybercrime Cybersecurity 84

Security Affairs

MAY 31, 2022

Cyber Research Labs reported a rise in ransomware attacks in the second quarter of 2022, small states are more exposed to these attacks. The experts warn of ransomware attacks against government organizations. They observed a total of 48 government organizations from 21 countries that were hit by 13 ransomware attacks in 2022.

Government 137

Government Ransomware Cybercrime Banking 137

Heimadal Security

JULY 6, 2021

We recently witnessed the appearance of a new ransomware strain that was dubbed as Diavol ransomware by the security researchers from FortiGuard Lab. Diavol ransomware could be linked to the Wizard Spider threat actor as the researchers discovered a few similarities in the M.O. appeared first on Heimdal Security Blog.

Ransomware 89

Ransomware Cybercrime Malware Cybersecurity 89

Security Affairs

APRIL 24, 2023

. “While the ultimate goal of the current activity leveraging PaperCut’s software is unknown, these links (albeit somewhat circumstantial) to a known ransomware entity are concerning. ” concludes the report published by Huntress.

Cybercrime 73

Cybercrime Software Education Ransomware 73

Krebs on Security

MAY 31, 2022

Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware gang — Conti.

Ransomware 259

Ransomware Government Hacking Media 259

Krebs on Security

DECEMBER 16, 2019

As if the scourge of ransomware wasn’t bad enough already: Several prominent purveyors of ransomware have signaled they plan to start publishing data stolen from victims who refuse to pay up. The message displayed at the top of the Maze Ransomware public shaming site. Follow the news!”

Ransomware 216

Ransomware Data breaches Healthcare Cybercrime 216

Security Affairs

NOVEMBER 1, 2022

Ransomware activity report: Threat actors are selling access to hundreds of organizations, with a cumulative requested price of around $4M. KELA identified around 600 victims by analyzing ransomware actors’ blogs and negotiation portals, data leak sites and public reports. SecurityAffairs – hacking, cybercrime).

Ransomware 92

Ransomware Cybercrime Hacking Information Security 92

SiteLock

AUGUST 2, 2021

You’ve likely heard of ransomware, the highly profitable cybercrime through which malicious actors gain unauthorized access to sensitive data and hold it hostage in exchange for a ransom, typically paid in cryptocurrency. With that in mind, you’re likely wondering “What is ransomware as a service?” What is […].

Ransomware 98

Ransomware Cryptocurrency Cybercrime Cyber Attacks 98

Security Affairs

JULY 18, 2023

The cybercrime group FIN8 is using a revamped version of the Sardonic backdoor to deliver the BlackCat ransomware. The financially motivated group FIN8 (aka Syssphinx) was spotted using a revamped version of a backdoor tracked as Sardonic to deliver the BlackCat ransomware (aka Noberus ransomware).

Ransomware 92

Ransomware Cybercrime Malware Hacking 92

The Hacker News

MAY 17, 2021

Just as Colonial Pipeline restored all of its systems to operational status in the wake of a crippling ransomware incident a week ago, DarkSide, the cybercrime syndicate behind the attack, claimed it lost control of its infrastructure, citing a law enforcement seizure.

Ransomware 117

Ransomware Cybercrime 117

Security Affairs

SEPTEMBER 12, 2021

Recently we observed that part of the REvil ransomware infrastructure was up and running again, now we can confirm that they hit new victims. On September 7, the servers of the REvil ransomware gang were back online after around two months since their shutdown. SecurityAffairs – hacking, ransomware). Pierluigi Paganini.

Ransomware 113

Ransomware Cybercrime Media Hacking 113