2007, Information Security and Ransomware

LockBit Ransomware operators hit Swiss helicopter maker Kopter

Security Affairs

DECEMBER 6, 2020

LockBit ransomware operators have compromised the systems at the helicopter maker Kopter and published them on their darkweb leak site. The helicopter maker Kopter was hit by LockBit ransomware, the attackers compromised its internal network and encrypted the company’s files. SecurityAffairs – hacking, ransomware).

Ransomware

Ransomware VPN Encryption Authentication

Grief ransomware gang hit US National Rifle Association (NRA)

Security Affairs

OCTOBER 27, 2021

Grief ransomware operators claim to have compromised computer systems at US National Rifle Association (NRA) and added it to their leak site. Grief ransomware operators announced to have hacked US National Rifle Association (NRA) and threaten to leak the stolen data. In 2019, the U.S. Pierluigi Paganini.

Ransomware

Ransomware Banking Cybercrime Hacking

Evil Corp rebrands their ransomware, this time is the Macaw Locker

Security Affairs

OCTOBER 21, 2021

Evil Corp cybercrime gang is using a new ransomware called Macaw Locker to evade US sanctions that prevent victims from paying the ransom. Evil Corp has launched a new ransomware called Macaw Locker to evade US sanctions that prevent victims from making ransom payments. macaw extension to the file name of the encrypted files.

Ransomware

Ransomware Cybercrime Banking Encryption

Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

Security Affairs

OCTOBER 24, 2020

The systems at the US-based ski and golf resort operator were infected with the WastedLocker ransomware, the incident impacted reservation systems. Boyne Resorts was the victim of WastedLocker ransomware attack, the incident has impacted reservation systems. This group has been active since at least 2007, in December 2019, the U.S.

Ransomware

Ransomware Telecommunications Banking Advertising

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

In June a ransomware attack hit the Colorado Department of Higher Education (CDHE), now the organization disclosed a data breach. CDHE discovered the ransomware attack on June 19, 2023, it immediately launched an investigation into the security breach with the help of third-party specialists. .”

Data breaches

Data breaches Education Ransomware Hacking

Sophos linked Entropy ransomware to Dridex malware. Are both linked to Evil Corp?

Security Affairs

FEBRUARY 23, 2022

The code of the recently-emerged Entropy ransomware has similarities with the one of the infamous Dridex malware. The recently-emerged Entropy ransomware has code similarities with the popular Dridex malware. Experts from Sophos analyzed the code of Entropy ransomware employed in two distinct attacks. In 2019, the U.S.

Ransomware

Ransomware Malware Cybercrime Banking

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs

NOVEMBER 28, 2021

. “TAG observed a North Korean government-backed attacker group that previously targeted security researchers posing as recruiters at Samsung and sending fake job opportunities to employees at multiple South Korean information security companies that sell anti-malware solutions.”

Malware

Malware Phishing Antivirus Hacking

North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro

Security Affairs

NOVEMBER 15, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. Follow me on Twitter: @securityaffairs and Facebook.

Cybersecurity

Cybersecurity Engineering Software Malware

North Korea-linked APT group BeagleBoyz targets banks

Security Affairs

AUGUST 29, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. “North Korea’s intelligence apparatus controls a hacking team dedicated to robbing banks through remote internet access.

Banking

Banking Malware Advertising Hacking

Russia-linked APT breached the network of Dutch police in 2017

Security Affairs

JUNE 10, 2021

The group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. SecurityAffairs – hacking, Epsilon Red ransomware). The post Russia-linked APT breached the network of Dutch police in 2017 appeared first on Security Affairs. Pierluigi Paganini.

Government

Government Hacking Surveillance Ransomware

North Korea-linked Lazarus APT targets the IT supply chain

Security Affairs

OCTOBER 27, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Malware

Malware System Administration Hacking Media

North Korea-linked Lazarus APT uses a Mac variant of the Dacls RAT

Security Affairs

MAY 9, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. Dacls was first spotted by researchers at Qihoo 360 Netlab in December 2019 when it was used to target both Windows and Linux devices.

Malware

Malware Advertising Encryption Hacking

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Security Affairs

FEBRUARY 25, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. .” The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Malware

Malware Cryptocurrency Password Management Encryption

Microsoft: North Korea-linked Zinc APT targets security experts

Security Affairs

JANUARY 29, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Malware

Malware Antivirus Hacking Accountability

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Security Affairs

MARCH 3, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Cryptocurrency

Cryptocurrency Banking Hacking Accountability

Dacls RAT, the first Lazarus malware that targets Linux devices

Security Affairs

DECEMBER 17, 2019

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. Dacls is the first malware linked to the Lazarus group that targets Linux systems.

Malware

Malware Advertising Encryption Hacking

The US Treasury placed sanctions on North Korea linked APT Groups

Security Affairs

SEPTEMBER 13, 2019

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. “According to industry and press reporting, by 2018, Bluenoroff had attempted to steal over $1.1 ” continues the US Treasury.

Cyber Attacks

Cyber Attacks Hacking Cryptocurrency Banking

News URSNIF variant doesn’t support banking features

Security Affairs

OCTOBER 21, 2022

Given the success and sophistication RM3 previously had, LDR4 could be a significantly dangerous variant—capable of distributing ransomware—that should be watched closely.” ” Ursnif is one of the most and widespread common threats today delivered through malspam campaigns.

Banking

Banking Malware Hacking Ransomware

North Korea-linked Lazarus APT used Windows Update client and GitHub in recent attacks

Security Affairs

JANUARY 27, 2022

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Malware

Malware Hacking Phishing Ransomware

Lazarus malware delivered to South Korean users via supply chain attacks

Security Affairs

NOVEMBER 16, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Malware

Malware Software Cryptocurrency Financial Services

North Korea-linked Lazarus APT hides malicious code within BMP image to avoid detection

Security Affairs

APRIL 20, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Phishing

Phishing Hacking Cryptocurrency Encryption

Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

Security Affairs

JUNE 17, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Advertising

Advertising Malware Passwords Accountability

HITRUST i1 Assessment control selection leverages security best practices, threat intelligence

CyberSecurity Insiders

DECEMBER 17, 2021

FRISCO, Texas–( BUSINESS WIRE )–HITRUST today announced it is addressing the need for a continuously-relevant cybersecurity assessment that aligns and incorporates best practices and leverages the latest threat intelligence to maintain applicability with information security risks and emerging cyber threats, such as ransomware.

Cyber threats

Cyber threats Information Security Risk Marketing

Great American Insurance Group Launches Innovative Cyber Risk Management Platform for Policyholders

CyberSecurity Insiders

JANUARY 24, 2022

by Great American, a powerful cyber risk management platform that combines the National Institute of Standards and Technology (NIST) driven, inside-out review of an organization’s cyber security posture with insights from continuous, external vulnerability scans and best-in-class cyber security ratings from SecurityScorecard.

Cyber Risk

Cyber Risk Insurance Risk Cyber Insurance

Cyber Pearl Harbor Is Happening Right Now — It’s Ransomware

Daniel Miessler

SEPTEMBER 29, 2020

Since 2007 the InfoSec industry has been talking about TheBigOne™—the event that would change cyber threats from annoyances to existential concerns. Ransomware is the Cyber Pearl Harbor we’ve been waiting for all along. Ransomware is the new PCI. They called it Cyber Pearl Harbor. It just looks different.

Ransomware

Ransomware Government Social Engineering Small Business

A taste of the latest release of QakBot

Security Affairs

MAY 6, 2021

A taste of the latest release of QakBot – one of the most popular and mediatic trojan bankers active since 2007. The malware QakBot , also known as Qbot , Pinkslipbot , and Quakbot is a banking trojan that has been made headlines since 2007. In recent reports , it could be used to drop other malware such as ProLock, Egregor ransomware.

Malware

Malware Encryption Banking Software

North Korea-linked Lazarus APT targets the COVID-19 research

Security Affairs

DECEMBER 25, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Cryptocurrency

Cryptocurrency Malware Hacking Phishing

The Hacker Mind Podcast: The Fog of Cyber War

ForAllSecure

JULY 6, 2022

Centre for Defence: In 2007, a struggle over a divisive Soviet statutes set the standard for a new form of Russian interference in the affairs of foreign states. Vamosi: The slogan of the RSA Conference is “Where the World Talks Security,” and, in general. Instead we have these faceless ransomware groups.

Cybercrime

Cybercrime Government Ransomware Hacking

Cyber Security Informer

LockBit Ransomware operators hit Swiss helicopter maker Kopter

Grief ransomware gang hit US National Rifle Association (NRA)

Trending Sources

Evil Corp rebrands their ransomware, this time is the Macaw Locker

Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Sophos linked Entropy ransomware to Dridex malware. Are both linked to Evil Corp?

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro

North Korea-linked APT group BeagleBoyz targets banks

Russia-linked APT breached the network of Dutch police in 2017

North Korea-linked Lazarus APT targets the IT supply chain

North Korea-linked Lazarus APT uses a Mac variant of the Dacls RAT

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Microsoft: North Korea-linked Zinc APT targets security experts

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Dacls RAT, the first Lazarus malware that targets Linux devices

The US Treasury placed sanctions on North Korea linked APT Groups

News URSNIF variant doesn’t support banking features

North Korea-linked Lazarus APT used Windows Update client and GitHub in recent attacks

Lazarus malware delivered to South Korean users via supply chain attacks

North Korea-linked Lazarus APT hides malicious code within BMP image to avoid detection

Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

HITRUST i1 Assessment control selection leverages security best practices, threat intelligence

Great American Insurance Group Launches Innovative Cyber Risk Management Platform for Policyholders

Cyber Pearl Harbor Is Happening Right Now — It’s Ransomware

A taste of the latest release of QakBot

North Korea-linked Lazarus APT targets the COVID-19 research

The Hacker Mind Podcast: The Fog of Cyber War

Stay Connected