Security Affairs

MAY 11, 2020

Researchers warn of a new feature implemented in the Sodinokibi ransomware, the threat can now encrypt open and locked files. The Sodinokibi ransomware (REvil) continues to evolve, operators implemented a new feature that allows the malware to encrypt victim’s files, even if they are opened and locked by another process.

Encryption 97

Encryption Ransomware Advertising Malware 97

Security Affairs

OCTOBER 31, 2020

The REvil ransomware operators made the headlines again, this time the gang claims to have hacked the Gaming Partners International (GPI). The REvil ransomware gang (aka Sodinokibi) claims to have stolen info from the systems at the company before encrypting them. ” reads the message published by the ransomware operators.

Hacking 121

Hacking Ransomware Advertising Encryption 121

Herjavec Group

AUGUST 26, 2021

We can learn a lot from the cybercrime of the past…the history of cybercrime is a glimpse into what we can expect in the future. In the past 18 months, we’ve experienced the beginning of an era that has seen cybersecurity and cybercrime at the center of it all. Dateline Cybercrime . Robert Herjavec.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135

Security Affairs

NOVEMBER 1, 2020

The Maze ransomware operators are shutting down their operations for more than one year the appeared on the threat landscape in May 2019. The Maze cybercrime gang is shutting down its operations, it was considered one of the most prominent and active ransomware crew since it began operating in May 2019. Pierluigi Paganini.

Ransomware 138

Ransomware Cybercrime Advertising Software 138

Security Affairs

DECEMBER 2, 2019

Experts discovered a new malware dubbed Clop ransomware that attempts to remove Malwarebytes and other security products. Security researcher Vitali Kremez discovered a new malware dubbed Clop ransomware that targets Windows systems and attempts to disable security products running on the infected systems. Pierluigi Paganini.

Ransomware 108

Ransomware Encryption Advertising Cybercrime 108

Security Affairs

JANUARY 5, 2020

DeathRansom was considered fake ransomware due to the fact that it did not implement an effective encryption process, but now things are changing. DeathRansom is a ransomware family that was initially classified as a joke because it did not implement an effective encryption scheme. Pierluigi Paganini.

Encryption 61

Encryption Ransomware Malware Scams 61

Security Affairs

MAY 27, 2020

Microsoft is warning organizations to deploy protections against a new strain of PonyFinal ransomware that has been in the wild over the past two months. PonyFinal is Java-based ransomware that is manually distributed by threat actors. PonyFinal is Java-based ransomware that is manually distributed by threat actors.

Ransomware 102

Ransomware Security Intelligence Encryption Advertising 102

Security Affairs

JULY 31, 2018

The security experts from Sophos have published a report on the multimillion-dollar black market business for crooks, they analyzed the SamSam ransomware case as a case study. Million since late 2015. Million since late 2015. significantly large amount compared to most ransomware families.” Pierluigi Paganini.

Ransomware 48

Ransomware Advertising Marketing Encryption 48

Security Affairs

NOVEMBER 4, 2020

Toymaker giant Mattel disclosed a ransomware attack, the incident took place in July and impacted some of its business operations. Toy industry giant Mattel announced that it has suffered a ransomware attack that took place on July 28th, 2020, and impacted some of its business operations. Pierluigi Paganini.

Ransomware 104

Ransomware Retail Advertising Malware 104

Security Affairs

OCTOBER 3, 2023

Like all ransomware, this is a type of malware that, once introduced into an organization, encrypts the data and then requires the victim to pay a ransom in order to decrypt it. ” The analyzed attack spread the ransomware Lockbit 3.0 ” The analyzed attack spread the ransomware Lockbit 3.0 Black The LockBit 3.0

Ransomware 115

Ransomware Encryption Technology Backups 115

Security Affairs

JULY 28, 2020

Security experts from Kaspersky Lab reported that North Korea-linked hackers are attempting to spread a new ransomware strain known as VHD. North Korean-linked Lazarus APT Group continues to be very active, the state-sponsored hackers are actively employing new ransomware, tracked as VHD, in attacks aimed at enterprises.

Ransomware 95

Ransomware Malware Advertising VPN 95

Security Affairs

MARCH 19, 2020

CERT France is warning of a new wave of attacks using Pysa ransomware (Mespinoza) that is targeting local governments. CERT France cyber-security agency is warning about a new wave of ransomware attack that is targeting the networks of local government authorities. locked to the filename of the encrypted files.

Government 100

Government Ransomware Encryption Penetration Testing 100

Security Affairs

AUGUST 21, 2020

The University of Utah admitted to have paid a $457,059 ransom in order to avoid having ransomware operators leak student information online. The university did not reveal the ransomware family involved in the attack. ” According to the University, the ransomware encrypted only 0.02% of the data stored on its servers.

Ransomware 143

Ransomware Cyber Insurance Insurance Advertising 143

Security Affairs

MARCH 29, 2020

The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware , is up for sale on two Russian-language hacking forums. ” concluded ZDNet.

Ransomware 106

Ransomware Hacking Advertising Malware 106

Security Affairs

AUGUST 3, 2020

Last week, the Minister of Internal Affairs of Belarus announced the arrest of a 31-year-old man that is accused of distributing the infamous GandCrab ransomware. Last week, the Minister of Internal Affairs of Belarus announced the arrest of a man on charges of distributing the infamous GandCrab ransomware.

Ransomware 113

Ransomware Advertising Malware Hacking 113

Security Affairs

MARCH 10, 2020

Microsoft is warning of human-operated ransomware, this kind of attack against businesses is becoming popular in the cybercrime ecosystem. Human-operated ransomware is a technique usually employed in nation-state attacks that is becoming very popular in the cybercrime ecosystem. ” continues the report.

Ransomware 111

Ransomware Cybercrime Social Engineering Banking 111

Security Affairs

AUGUST 2, 2020

The FBI has issued a security alert about Netwalker ransomware attacks targeting U.S. The FBI has issued a new security flash alert to warn of Netwalker ransomware attacks targeting U.S. The flash alert also includes indicators of compromise for the Netwalker ransomware along with mitigations. ” reads the alert.

Ransomware 126

Ransomware VPN Advertising Government 126

Security Affairs

APRIL 9, 2020

million ransom to decrypt its files after being encrypted by the infamous Sodinokibi ransomware. “As part of this attack, the operators behind the Sodinokibi ransomware told BleepingComputer that they had encrypted the company’s entire network, deleted backup files, and copied more than 5GB of personal data.

Ransomware 112

Ransomware Encryption Advertising Backups 112

Security Affairs

OCTOBER 2, 2018

Experts at the Cybaze Z-Lab have analyzed the latest iteration of the infamous GandCrab ransomware, version 5.0. Malware researchers at Cybaze ZLab analyzed the latest version of the infamous GandCrab ransomware, version 5.0. to allow the code to encrypt the files opened by these applications. Word, Excel, SQLServer etc.)

Ransomware 87

Ransomware Encryption Advertising Malware 87

Security Affairs

APRIL 14, 2020

Recently organizations in healthcare, research, and government facilities have been hit by Coronavirus-themed attacks that deployed multiple malware families, including ransomware and information stealers (i.e. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. AgentTesla ). Pierluigi Paganini.

Healthcare 111

Healthcare Ransomware Phishing Government 111

Security Affairs

OCTOBER 11, 2020

FONIX is a new Ransomware as a Service available in the threat landscape that was analyzed by SentinelLabs researchers. FONIX is a relatively new Ransomware as a Service (RaaS) analyzed by researchers from Sentinel Labs, its operators were previously specialized in the developers of binary crypters/packers.

Ransomware 82

Ransomware Encryption Advertising DDOS 82

Security Affairs

OCTOBER 20, 2018

The developers of the GandCrab ransomware have released the decryption keys for all Syrian victims in an underground cybercrime forum. The authors of the infamous GandCrab ransomware have released the decryption keys for all Syrian victims in an underground cybercrime forum. But at least that way we can help them now.”

Ransomware 87

Ransomware Cybercrime Identity Theft Advertising 87

Security Affairs

MAY 1, 2020

Maze Ransomware operators claim to have gained access to the network of Banco BCR of Costa Rica and stolen 11 million credit card credentials. Maze Ransomware operators claim to have hacked the network of the state-owned Bank of Costa Rica Banco BCR and to have stolen internal data, including 11 million credit card credentials.

Ransomware 129

Ransomware Banking Cyber Insurance Advertising 129

Security Affairs

JUNE 29, 2020

million to cybercriminals to recover data after a ransomware attack. million to cybercriminals to recover data encrypted during a ransomware attack that took place on June 1. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. million, to decrypt it. ” reported the website edscoop.com.

Ransomware 121

Ransomware Encryption Advertising Malware 121

Security Affairs

MARCH 3, 2020

The operators behind the Nemty ransomware set up a data leak site to publish the data of the victims who refuse to pay ransoms. Nemty ransomware first appeared on the threat landscape in August 2019, the name of the malware comes after the extension it adds to the encrypted file names. Pierluigi Paganini.

Ransomware 99

Ransomware Advertising Encryption Malware 99

Security Affairs

JULY 29, 2019

According to experts at Sonicwall, scanning of random ports and the diffusion of encrypted malware are characterizing the threat landscape. Most of the attacks targeted non-standard ports and experts observed a spike in the number of encrypted malware. million encrypted malware attacks, +27% over the previous year. .”

IoT 82

IoT Encryption Malware Advertising 82

Security Affairs

AUGUST 4, 2020

Maze ransomware operators published internal data from LG and Xerox after the company did not pay the ransom. Ransomware crews are very active during these months, Maze ransomware operators have published tens of GB of internal data allegedly stolen from IT giants LG and Xerox following failed extortion attempts. GB from Xerox.

Ransomware 104

Ransomware Encryption Advertising Firmware 104

Security Affairs

JUNE 14, 2020

Maze ransomware operators hit Threadstone Advisors LLP, a US corporate advisory firm specialising in mergers ‘n’ acquisitions. Threadstone Advisors LLP, a corporate advisory firm specialising in mergers ‘n’ acquisitions, is the last victim of the Maze ransomware operators. Cohen, Pittsburgh Brewing Co.,

Ransomware 102

Ransomware Hacking Advertising Banking 102

Security Affairs

APRIL 27, 2020

The operators behind the Shade Ransomware (Troldesh) shut down their operations and released over 750,000 decryption keys. Good news for the victims of the infamous Shade Ransomware , the operators behind the threat have shut down their operations and released over 750,000 decryption keys. SecurityAffairs – Shade Ransomware, hacking).

Ransomware 115

Ransomware Advertising Antivirus Education 115

Security Affairs

OCTOBER 24, 2020

The systems at the US-based ski and golf resort operator were infected with the WastedLocker ransomware, the incident impacted reservation systems. Boyne Resorts was the victim of WastedLocker ransomware attack, the incident has impacted reservation systems. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 80

Ransomware Telecommunications Banking Advertising 80

Security Affairs

JANUARY 15, 2020

The cybercrime group behind Satan ransomware and other malware seems to be involved in the development of a new threat named 5ss5c. “There’s quite some curiosities that indicate 5ss5c is still in active development and stems from Satan ransomware.” ” reads the analysis published by Blaze.

Ransomware 65

Ransomware Cybercrime Architecture Advertising 65

Security Affairs

MAY 22, 2019

For the second time in a few days, experts at Emsisoft released a free decrypter , this time to help victims of the GetCrypt ransomware. Security experts at Emsisoft released a new decrypted in a few days, it could be used for free by victims of the GetCrypt ransomware to decrypt their files encrypted by the malware.

Ransomware 73

Ransomware Encryption Advertising Cybercrime 73

Security Affairs

DECEMBER 19, 2019

The victims of the Maze Ransomware now face another threat because operators behind the malware could become publish their data online. The victims of the Maze Ransomware are facing another risk, after having their data encrypted now crooks are threatening to publish their data online. Follow the news!” Pierluigi Paganini.

Ransomware 67

Ransomware Cybercrime Advertising Malware 67

Security Affairs

NOVEMBER 6, 2020

This week, Brazil’s Superior Court of Justice has temporarily shut down its operation following a ransomware attack during judgment sessions. Two days after the ransomware attack took place, the Superior Court of Justice systems are still offline. “It was basically a ransomware attack . Pierluigi Paganini.

Ransomware 103

Ransomware CISO Encryption Cyber Attacks 103

Security Affairs

SEPTEMBER 7, 2020

Chilean bank BancoEstado, one of the country’s biggest banks, was forced to shut down all branches following a ransomware attack. Chilean bank BancoEstado, one of the country’s biggest banks, was hit with a ransomware attack that forced its branches to remain closed since September 7. ” reported ZDNet.

Banking 107

Banking Ransomware Advertising VPN 107

Security Affairs

AUGUST 4, 2020

NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. McAfee researchers believe that the NetWalker ransomware operators continue to be very active, the gang is believed to have earned more than $25 million since March 2020.

Ransomware 92

Ransomware VPN Cybercrime Advertising 92

Security Affairs

DECEMBER 4, 2018

It is interesting to note that this ransomware requests victims to pay 110 yuan (nearly Euro 14) in ransom through WeChat Pay. “On December 1, the first ransomware that demanded the “WeChat payment” ransom broke out in the country. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 87

Ransomware Encryption Advertising Software 87