Security Affairs

JANUARY 5, 2020

DeathRansom was considered fake ransomware due to the fact that it did not implement an effective encryption process, but now things are changing. DeathRansom is a ransomware family that was initially classified as a joke because it did not implement an effective encryption scheme. Pierluigi Paganini.

Encryption 65

Encryption Ransomware Malware Scams 65

Security Affairs

NOVEMBER 4, 2020

Toymaker giant Mattel disclosed a ransomware attack, the incident took place in July and impacted some of its business operations. Toy industry giant Mattel announced that it has suffered a ransomware attack that took place on July 28th, 2020, and impacted some of its business operations. Pierluigi Paganini.

Ransomware 110

Ransomware Retail Advertising Malware 110

Security Affairs

MAY 27, 2020

Microsoft is warning organizations to deploy protections against a new strain of PonyFinal ransomware that has been in the wild over the past two months. PonyFinal is Java-based ransomware that is manually distributed by threat actors. PonyFinal is Java-based ransomware that is manually distributed by threat actors.

Ransomware 105

Ransomware Security Intelligence Encryption Advertising 105

Security Affairs

JULY 28, 2020

Security experts from Kaspersky Lab reported that North Korea-linked hackers are attempting to spread a new ransomware strain known as VHD. North Korean-linked Lazarus APT Group continues to be very active, the state-sponsored hackers are actively employing new ransomware, tracked as VHD, in attacks aimed at enterprises.

Ransomware 98

Ransomware Malware Advertising VPN 98

Security Affairs

MARCH 19, 2020

CERT France is warning of a new wave of attacks using Pysa ransomware (Mespinoza) that is targeting local governments. CERT France cyber-security agency is warning about a new wave of ransomware attack that is targeting the networks of local government authorities. locked to the filename of the encrypted files.

Government 105

Government Ransomware Encryption Penetration Testing 105

Security Affairs

AUGUST 21, 2020

The University of Utah admitted to have paid a $457,059 ransom in order to avoid having ransomware operators leak student information online. The university did not reveal the ransomware family involved in the attack. ” According to the University, the ransomware encrypted only 0.02% of the data stored on its servers.

Ransomware 143

Ransomware Cyber Insurance Insurance Advertising 143

Krebs on Security

DECEMBER 8, 2022

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. Department of Health and Human Services (HHS) warned that Venus ransomware attacks were targeting a number of U.S. Encrypting sensitive data wherever possible.

Healthcare 262

Healthcare Backups Ransomware Insurance 262

Security Affairs

MARCH 29, 2020

The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware , is up for sale on two Russian-language hacking forums. ” concluded ZDNet.

Ransomware 110

Ransomware Hacking Advertising Malware 110

Security Affairs

AUGUST 2, 2020

The FBI has issued a security alert about Netwalker ransomware attacks targeting U.S. The FBI has issued a new security flash alert to warn of Netwalker ransomware attacks targeting U.S. The flash alert also includes indicators of compromise for the Netwalker ransomware along with mitigations. ” reads the alert.

Ransomware 134

Ransomware VPN Advertising Government 134

Security Affairs

AUGUST 3, 2020

Last week, the Minister of Internal Affairs of Belarus announced the arrest of a 31-year-old man that is accused of distributing the infamous GandCrab ransomware. Last week, the Minister of Internal Affairs of Belarus announced the arrest of a man on charges of distributing the infamous GandCrab ransomware.

Ransomware 119

Ransomware Advertising Malware Hacking 119

Security Affairs

APRIL 9, 2020

million ransom to decrypt its files after being encrypted by the infamous Sodinokibi ransomware. “As part of this attack, the operators behind the Sodinokibi ransomware told BleepingComputer that they had encrypted the company’s entire network, deleted backup files, and copied more than 5GB of personal data.

Ransomware 117

Ransomware Encryption Advertising Backups 117

Security Affairs

APRIL 27, 2020

The operators behind the Shade Ransomware (Troldesh) shut down their operations and released over 750,000 decryption keys. Good news for the victims of the infamous Shade Ransomware , the operators behind the threat have shut down their operations and released over 750,000 decryption keys. SecurityAffairs – Shade Ransomware, hacking).

Ransomware 121

Ransomware Advertising Antivirus Education 121

Security Affairs

MARCH 10, 2020

Microsoft is warning of human-operated ransomware, this kind of attack against businesses is becoming popular in the cybercrime ecosystem. Human-operated ransomware is a technique usually employed in nation-state attacks that is becoming very popular in the cybercrime ecosystem. ” continues the report.

Ransomware 117

Ransomware Cybercrime Social Engineering Banking 117

Security Affairs

MAY 1, 2020

Maze Ransomware operators claim to have gained access to the network of Banco BCR of Costa Rica and stolen 11 million credit card credentials. Maze Ransomware operators claim to have hacked the network of the state-owned Bank of Costa Rica Banco BCR and to have stolen internal data, including 11 million credit card credentials.

Ransomware 136

Ransomware Banking Cyber Insurance Advertising 136

Security Affairs

APRIL 14, 2020

Recently organizations in healthcare, research, and government facilities have been hit by Coronavirus-themed attacks that deployed multiple malware families, including ransomware and information stealers (i.e. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. AgentTesla ). Pierluigi Paganini.

Healthcare 116

Healthcare Ransomware Phishing Government 116

Security Affairs

JUNE 29, 2020

million to cybercriminals to recover data after a ransomware attack. million to cybercriminals to recover data encrypted during a ransomware attack that took place on June 1. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. million, to decrypt it. ” reported the website edscoop.com.

Ransomware 126

Ransomware Encryption Advertising Malware 126

Security Affairs

OCTOBER 2, 2018

Experts at the Cybaze Z-Lab have analyzed the latest iteration of the infamous GandCrab ransomware, version 5.0. Malware researchers at Cybaze ZLab analyzed the latest version of the infamous GandCrab ransomware, version 5.0. to allow the code to encrypt the files opened by these applications. Word, Excel, SQLServer etc.)

Ransomware 92

Ransomware Encryption Advertising Malware 92

Security Affairs

OCTOBER 11, 2020

FONIX is a new Ransomware as a Service available in the threat landscape that was analyzed by SentinelLabs researchers. FONIX is a relatively new Ransomware as a Service (RaaS) analyzed by researchers from Sentinel Labs, its operators were previously specialized in the developers of binary crypters/packers.

Ransomware 86

Ransomware Encryption Advertising DDOS 86

Security Affairs

OCTOBER 20, 2018

The developers of the GandCrab ransomware have released the decryption keys for all Syrian victims in an underground cybercrime forum. The authors of the infamous GandCrab ransomware have released the decryption keys for all Syrian victims in an underground cybercrime forum. But at least that way we can help them now.”

Ransomware 92

Ransomware Cybercrime Identity Theft Advertising 92

Security Affairs

MARCH 3, 2020

The operators behind the Nemty ransomware set up a data leak site to publish the data of the victims who refuse to pay ransoms. Nemty ransomware first appeared on the threat landscape in August 2019, the name of the malware comes after the extension it adds to the encrypted file names. Pierluigi Paganini.

Ransomware 102

Ransomware Advertising Encryption Malware 102

Security Affairs

AUGUST 4, 2020

Maze ransomware operators published internal data from LG and Xerox after the company did not pay the ransom. Ransomware crews are very active during these months, Maze ransomware operators have published tens of GB of internal data allegedly stolen from IT giants LG and Xerox following failed extortion attempts. GB from Xerox.

Ransomware 110

Ransomware Encryption Advertising Firmware 110

Security Affairs

OCTOBER 24, 2020

The systems at the US-based ski and golf resort operator were infected with the WastedLocker ransomware, the incident impacted reservation systems. Boyne Resorts was the victim of WastedLocker ransomware attack, the incident has impacted reservation systems. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 86

Ransomware Telecommunications Banking Advertising 86

Security Affairs

JULY 29, 2019

According to experts at Sonicwall, scanning of random ports and the diffusion of encrypted malware are characterizing the threat landscape. Most of the attacks targeted non-standard ports and experts observed a spike in the number of encrypted malware. million encrypted malware attacks, +27% over the previous year. .”

IoT 85

IoT Encryption Malware Advertising 85

Security Affairs

JUNE 14, 2020

Maze ransomware operators hit Threadstone Advisors LLP, a US corporate advisory firm specialising in mergers ‘n’ acquisitions. Threadstone Advisors LLP, a corporate advisory firm specialising in mergers ‘n’ acquisitions, is the last victim of the Maze ransomware operators. Cohen, Pittsburgh Brewing Co.,

Ransomware 105

Ransomware Hacking Advertising Banking 105

Security Affairs

JANUARY 15, 2020

The cybercrime group behind Satan ransomware and other malware seems to be involved in the development of a new threat named 5ss5c. “There’s quite some curiosities that indicate 5ss5c is still in active development and stems from Satan ransomware.” ” reads the analysis published by Blaze.

Ransomware 71

Ransomware Cybercrime Architecture Advertising 71

Security Affairs

DECEMBER 19, 2019

The victims of the Maze Ransomware now face another threat because operators behind the malware could become publish their data online. The victims of the Maze Ransomware are facing another risk, after having their data encrypted now crooks are threatening to publish their data online. Follow the news!” Pierluigi Paganini.

Ransomware 72

Ransomware Cybercrime Advertising Malware 72

Security Affairs

SEPTEMBER 7, 2020

Chilean bank BancoEstado, one of the country’s biggest banks, was forced to shut down all branches following a ransomware attack. Chilean bank BancoEstado, one of the country’s biggest banks, was hit with a ransomware attack that forced its branches to remain closed since September 7. ” reported ZDNet.

Banking 112

Banking Ransomware Advertising VPN 112

Security Affairs

MAY 22, 2019

For the second time in a few days, experts at Emsisoft released a free decrypter , this time to help victims of the GetCrypt ransomware. Security experts at Emsisoft released a new decrypted in a few days, it could be used for free by victims of the GetCrypt ransomware to decrypt their files encrypted by the malware.

Ransomware 75

Ransomware Encryption Advertising Cybercrime 75

Security Affairs

NOVEMBER 6, 2020

This week, Brazil’s Superior Court of Justice has temporarily shut down its operation following a ransomware attack during judgment sessions. Two days after the ransomware attack took place, the Superior Court of Justice systems are still offline. “It was basically a ransomware attack . Pierluigi Paganini.

Ransomware 108

Ransomware CISO Encryption Cyber Attacks 108

Security Affairs

DECEMBER 4, 2018

It is interesting to note that this ransomware requests victims to pay 110 yuan (nearly Euro 14) in ransom through WeChat Pay. “On December 1, the first ransomware that demanded the “WeChat payment” ransom broke out in the country. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 92

Ransomware Encryption Advertising Software 92

Security Affairs

AUGUST 4, 2020

NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. McAfee researchers believe that the NetWalker ransomware operators continue to be very active, the gang is believed to have earned more than $25 million since March 2020.

Ransomware 94

Ransomware VPN Cybercrime Advertising 94

Security Affairs

DECEMBER 24, 2019

The FBI has issued a warning to the private industry of cyber attacks involving the LockerGoga and MegaCortex Ransomware. The FBI is warning the private industry of cyber attacks involving the LockerGoga and MegaCortex Ransomware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 62

Ransomware Backups Encryption Cyber Attacks 62

Security Affairs

FEBRUARY 25, 2019

The recently discovered B0r0nt0K ransomware infects both Linux and Windows servers and demands $75,000 ransom to the victims. A new piece of ransomware called B0r0nt0K appeared in the threat landscape, it is targeting web sites and demanding a 20 bitcoin ransom to the victims (roughly $75,000). rontok extension to the file names.

Ransomware 93

Ransomware Encryption Advertising Malware 93

Security Affairs

APRIL 12, 2019

Good news for the victims of the CryptoPokemon ransomware , security experts at Emsisoft just released a free decrypter tool. Victims of the CryptoPokemon ransomware have a good reason to smile, security experts at Emsisoft have released a free decrypter tool. The CryptoPokemon ransomware encrypts files using SHA256 + AES128.

Ransomware 89

Ransomware Encryption Advertising Malware 89

Security Affairs

JUNE 17, 2019

Good news for the victims of the latest variants of the GandCrab ransomware , NoMoreRansomware released a free decryption tool. Victims of the latest variants of the GandCrab ransomware can now decrypt their files for free using a free decryptor tool released on the the NoMoreRansom website. The tool works with versions 5 to 5.2

Ransomware 82

Ransomware Advertising Cybercrime Marketing 82

Security Affairs

AUGUST 4, 2020

NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. McAfee researchers believe that the NetWalker ransomware operators continue to be very active, the gang is believed to have earned more than $25 million since March 2020.

Ransomware 74

Ransomware VPN Cybercrime Advertising 74

Security Affairs

JULY 15, 2019

Some of the crooks behind the Dridex Trojan have split from the gang and released a forked version of the BitPaymer ransomware dubbed DoppelPaymer. Cybercrime gang tracked as TA505 has been active since 2014 and focusing on Retail and Banking industries. ” reads the analysis published by CrowdStrike.

Ransomware 72

Ransomware Encryption Advertising Malware 72