2017, Information Security and Ransomware

SynAck ransomware gang releases master decryption keys for old victims

Security Affairs

AUGUST 13, 2021

The SynAck ransomware gang released the master decryption keys for their operations and rebranded as a new group dubbed El_Cometa group. Good news for the victims of the SynAck ransomware gang, the group released the master decryption keys to allow victims to decrypt their files for free. Pierluigi Paganini.

Ransomware

Ransomware Authentication Malware Hacking

Emsisoft releases free SynAck ransomware decryptor

Security Affairs

AUGUST 20, 2021

Emsisoft researchers have released a decryptor for the SynAck Ransomware that could allow victims of the gang to decrypt their files for free. Emsisoft has released a free decryptor for SynAck Ransomware that can allow victims of the gang to decrypt their encrypted files. <gwmw <gwmw style=”display:none;”>.

Ransomware

Ransomware Encryption Authentication Internet

Russia-linked APT breached the network of Dutch police in 2017

Security Affairs

JUNE 10, 2021

Russia-linked cyberspies breached the internal network of Dutch police in 2017 while the authorities were investigating the crash of the MH-17. Russia-linked threat actors breached the internal network of Dutch police in 2017 during the investigation into the MH-17 crash. SecurityAffairs – hacking, Epsilon Red ransomware).

Government

Government Surveillance Hacking Ransomware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

RansomBoggs Ransomware hit several Ukrainian entities, experts attribute it to Russia

Security Affairs

NOVEMBER 28, 2022

Several Ukrainian organizations were hit by Russia-based RansomBoggs Ransomware in the last week, ESET reports. Researchers from ESET observed multiple attacks involving a new family of ransomware, tracked as RansomBoggs ransomware, against Ukrainian organizations. MSIL/Filecoder.RansomBoggs.A

Ransomware

Ransomware Encryption Telecommunications Malware

Magniber Ransomware operators use PrintNightmare exploits to infect Windows servers

Security Affairs

AUGUST 12, 2021

Threat actors behind the Magniber Ransomware are using PrintNightmare exploits in attacks aimed at Windows servers. Threat actors behind the Magniber Ransomware are exploiting the PrintNightmare flaws ( CVE-2021-1675 , CVE-2021-34527 , and CVE-2021-36958 ) to infect Windows servers. ” CrowdStrike concludes. Pierluigi Paganini.

Ransomware

Ransomware Cybercrime Encryption Hacking

Fake mobile version of Cyberpunk 2077 spreads ransomware

Security Affairs

DECEMBER 18, 2020

A threat actor is spreading ransomware dubbed CoderWare that masquerades as Windows and Android versions of the recent Cyberpunk 2077. Crooks are spreading fake Windows and Android versions of installers for the new Cyberpunk 2077 video game that is delivering the CoderWare ransomware. SecurityAffairs – hacking, ransomware).

Mobile

Mobile Ransomware Encryption Malware

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

Ransomware is undoubtedly one of the most unnerving phenomena in the cyber threat landscape. Numerous strains of this destructive code have been the front-page news in global computer security chronicles for almost a decade now, with jaw-dropping ups and dramatic downs accompanying its progress. inch diskettes. inch diskettes.

Ransomware

Ransomware Hacking Encryption Penetration Testing

The source code of the Paradise Ransomware was leaked on XSS hacking forum

Security Affairs

JUNE 15, 2021

The source code for the Paradise Ransomware has been released on a hacking forum allowing threat actors to develop their customized variant. The source code for the Paradise Ransomware has been released on the hacking forum XSS allowing threat actors to develop their own customized ransomware operation. Source BleepingComputer.

Ransomware

Ransomware Hacking Encryption Malware

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

In June a ransomware attack hit the Colorado Department of Higher Education (CDHE), now the organization disclosed a data breach. CDHE discovered the ransomware attack on June 19, 2023, it immediately launched an investigation into the security breach with the help of third-party specialists.

Education

Education Data breaches Ransomware Hacking

TrueBot infections were observed in Clop ransomware attacks

Security Affairs

DECEMBER 11, 2022

Truebot has been active since 2017 and some researchers linked it to the Silence Group , while a recent investigation linked it to threat actor TA505 (aka Evil Corp). “Post-compromise activity included data theft and the execution of Clop ransomware.” ” reads the analysis published by Talos. Pierluigi Paganini.

Ransomware

Ransomware Malware Internet Internet

Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages

Security Affairs

JANUARY 6, 2024

billion insurance claim for the losses caused by the NotPetya attack that took place in 2017. In August 2017, the pharmaceutical company revealed that the massive NotPetya cyberattack disrupted its worldwide operations. Merck filed a $1.4 Experts from Kaspersky’s conducted a similar research that led to a similar conclusion.

Insurance

Insurance Manufacturing Ransomware Healthcare

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Security Affairs

OCTOBER 29, 2020

FBI and the DHS’s CISA agencies published a joint alert to warn hospitals and healthcare providers of imminent ransomware attacks from Russia. The government agencies receive information about imminent attacks, threat actors are using the TrickBot botnet to deliver the infamous ransomware to the infected systems.

Healthcare

Healthcare Ransomware Cybercrime Advertising

Most ransomware attacks take place outside the working hours

Security Affairs

MARCH 17, 2020

Most of the ransomware attacks targeting the enterprises occur outside working hours, during the nighttime or during the weekend. Security experts from FireEye published an interesting report on the Ransomware deployment trends, it revealed that most of the attacks (76%) against the enterprise sector occur outside working hours.

Ransomware

Ransomware Advertising Malware Cybercrime

Study: Ransomware, Data Breaches at Hospitals tied to Uptick in Fatal Heart Attacks

Krebs on Security

NOVEMBER 7, 2019

Hospitals that have been hit by a data breach or ransomware attack can expect to see an increase in the death rate among heart patients in the following months or years because of cybersecurity remediation efforts, a new study posits. “There is a lot of possible research that might be unleashed by this study. .

Data breaches

Data breaches Healthcare Ransomware Cyber threats

Experts linked multiple ransomware strains North Korea-backed APT38 group

Security Affairs

MAY 4, 2022

Researchers from Trellix linked multiple ransomware strains to the North Korea-backed APT38 group. The ransomware was employed in attacks on financial institutions, experts estimated that APT38 (Unit 180 of North Korea’s cyber-army Bureau 121) has stolen at hundreds of million dollars from banks worldwide. akkim@protonmail[.]com

Ransomware

Ransomware Banking Malware Hacking

Conti ransomware operations made at least $25.5 million since July 2021

Security Affairs

NOVEMBER 19, 2021

Researchers revealed that Conti ransomware operators earned at least $25.5 A study conducted by Swiss security firm Prodaft with the support of blockchain analysis firm Elliptic revealed that the operators of the Conti ransomware have earned at least $25.5 In August 2021, ransomware operators sent 0.07 bitcoin. .

Ransomware

Ransomware Cybercrime Malware Hacking

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Security Affairs

NOVEMBER 11, 2022

Microsoft linked Prestige ransomware attacks against organizations in Ukraine and Poland to Russia-linked threat actors. Microsoft has identified a new ransomware strain "Prestige" in limited targeted attacks in Ukraine and Poland. The campaign shares victimology with recent operations conducted by Russia-linked threat actors.

Ransomware

Ransomware Telecommunications DNS Hacking

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

The Last Watchdog

AUGUST 15, 2019

Stunning as these two high-profile attacks were, they do not begin to convey the full scope of what a pervasive and destructive phenomenon ransomware has become – to individuals, to companies of all sizes and, lately, to poorly defended local agencies. Probing and plundering Ransomware is highly resilient and flexible.

Ransomware

Ransomware Internet Internet Hacking

Vice Society ransomware also exploits PrintNightmare flaws in its attack

Security Affairs

AUGUST 13, 2021

Another ransomware gang, the Vice Society ransomware operators, is using Windows print spooler PrintNightmare exploits in its attacks. The Vice Society ransomware operators are actively exploiting Windows print spooler PrintNightmare vulnerability in their attacks against Windows servers. The flaw received a CVSS score of 7.3,

Ransomware

Ransomware Backups Education Malware

Harvard Business Publishing licensee hit by ransomware

Security Affairs

OCTOBER 9, 2022

Three days later, Cybernews researchers revisited the database to see whether it had been closed, and found it had been hit with ransomware. The oldest entry goes as far back as 2017, and it is unclear how long this instance had been open prior to the Cybernews discovery. The 3.9GB-strong database held information from 2017 onwards.

Ransomware

Ransomware Passwords Encryption Identity Theft

StripedFly, a complex malware that infected one million devices without being noticed

Security Affairs

OCTOBER 30, 2023

Further analysis revealed that the malware has been used since at least 2017. Kaspersky discovered that the detections between 2017 and 2022 had previously misclassified as a cryptocurrency miner. Kaspersky researchers discovered that over one million updates have been downloaded from the C2 infrastructure since 2017.

Malware

Malware Cryptocurrency Ransomware Hacking

Leading Law firm Seyfarth Shaw discloses ransomware attack

Security Affairs

OCTOBER 13, 2020

Seyfarth Shaw, one of the leading global legal firms announced that it was a victim of an “aggressive malware” attack, likely a ransomware attack. Seyfarth Shaw announced it was the victim of an “aggressive malware” attack, but the media immediately reported a ransomware infection later confirmed by the firm. Pierluigi Paganini.

Ransomware

Ransomware Advertising Malware Encryption

Alexander Vinnik, the operator of BTC-e exchange, pleaded guilty to money laundering

Security Affairs

MAY 6, 2024

Alexander Vinnik , a Russian national, pleaded guilty to conspiracy to commit money laundering for his involvement in operating the cryptocurrency exchange BTC-e from 2011 to 2017. In July 2017 law enforcement shut down the virtual currency exchange.

Cryptocurrency

Cryptocurrency Computers and Electronics Identity Theft Hacking

Source code of Dharma ransomware now surfacing on public hacking forums

Security Affairs

MARCH 29, 2020

The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware , is up for sale on two Russian-language hacking forums. ” concluded ZDNet.

Ransomware

Ransomware Hacking Advertising Malware

The Satan Ransomware adds new exploits to its arsenal

Security Affairs

MAY 21, 2019

A variant of the Satan ransomware recently observed includes exploits to its arsenal and targets machines leveraging additional flaws. Experts at FortiGuard Labs have discovered a new variant of the Satan ransomware that includes new exploits to its portfolio and leverages additional vulnerabilities to infect as many machines as possible.

Ransomware

Ransomware Advertising Malware Encryption

How the ransomware explosion is reshaping the cyber insurance market

SC Magazine

MAY 19, 2021

Today’s special columnist, Scott Register of Keysight Technologies, says government and industry must come together to secure the nation’s critical infrastructure in the wake of the Colonial Pipeline hack. The ransomware reality check for insurers. Credit: Colonial Pipeline. NotPetya changed that.

Cyber Insurance

Cyber Insurance Insurance Marketing Ransomware

Experts linked ransomware attacks to China-linked APT27

Security Affairs

JANUARY 4, 2021

Researchers from security firms Profero and Security Joes linked a series of ransomware attacks to the China-linked APT27 group. Security researchers from security firms Profero and Security Joes investigated a series of ransomware attacks against multiple organizations and linked them to China-linked APT groups.

Ransomware

Ransomware Malware Financial Services Encryption

New MalLocker.B ransomware displays ransom note in innovative way

Security Affairs

OCTOBER 9, 2020

Microsoft warns of Android ransomware that activates when you press the Home button. Microsoft spotted a new strain of Amdroid ransomware tracked as MalLocker.B Like other Android ransomware, MalLocker.B Once installed, the ransomware displays a ransom note on the phone’s screen and prevents the victim from dismissing.

Ransomware

Ransomware Malware Advertising Encryption

Ransomware world in 2021: who, how and why

SecureList

MAY 12, 2021

As the world marks the second Anti-Ransomware Day, there’s no way to deny it: ransomware has become the buzzword in the security community. Yet, much of the media attention ransomware gets is focused on chronicling which companies fall prey to it. Part I: Three preconceived ideas about ransomware.

Ransomware

Ransomware Encryption Malware Cybercrime

Two hacker groups are back in the news, LockBit 3.0 Black and BlackCat/AlphV

Security Affairs

OCTOBER 3, 2023

Like all ransomware, this is a type of malware that, once introduced into an organization, encrypts the data and then requires the victim to pay a ransom in order to decrypt it. ” The analyzed attack spread the ransomware Lockbit 3.0 ” The analyzed attack spread the ransomware Lockbit 3.0 ORIGINAL_extension].specific/different

Ransomware

Ransomware Encryption Technology Backups

Top 5 Cybersecurity and Computer Threats of 2017

NopSec

FEBRUARY 9, 2017

The year 2016 will be remembered for some big moments in the world of cybersecurity: the largest known distributed denial of service (DDoS) attack, a phishing attack on a United States presidential candidate’s campaign, and ransomware attacks on major healthcare organizations are just a few. Ransomware The U.S.

Cybersecurity

Cybersecurity DDOS IoT Social Engineering

Previously unknown Kapeka backdoor linked to Russian Sandworm APT

Security Affairs

APRIL 18, 2024

WithSecure noticed overlaps between Kapeka and GreyEnergy and the Prestige ransomware attacks which are attributed to the Russia-linked Sandworm APT group. The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017. The malware masqueraded as a Microsoft Word Add-In (.wll)

Malware

Malware Ransomware Hacking Technology

Microsoft warns of growing DoppelPaymer Ransomware threat

Security Affairs

NOVEMBER 21, 2019

The Microsoft Security Response Center (MSRC) warned customers of the DoppelPaymer ransomware and provided useful information on the threat. The Microsoft Security Response Center (MSRC) warned customers of the DoppelPaymer ransomware , the tech giant provided useful information on the threat and how it spreads.

Ransomware

Ransomware Social Engineering Malware Advertising

Top Cybersecurity Trends for 2017

Spinone

NOVEMBER 15, 2016

Information Technology research and advisory company, Gartner, presented its top predictions for the cybersecurity industry for 2017 earlier this year. Previously Separate Security Policies Must Overlap and Converge Information security, IT security, and physical security are no longer separate concepts.

Cybersecurity

Cybersecurity Software Internet Internet

Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

APRIL 28, 2024

Hackers may have accessed thousands of accounts on the California state welfare platform Brokewell Android malware supports an extensive set of Device Takeover capabilities Experts warn of an ongoing malware campaign targeting WP-Automatic plugin Cryptocurrencies and cybercrime: A critical intermingling Kaiser Permanente data breach may have impacted (..)

Cybercrime

Cybercrime Spyware Data breaches Antivirus

Security Affairs newsletter Round 451 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 24, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Ransomware

Ransomware Mobile Malware Marketing

A cyber attack hit Nissan Oceania

Security Affairs

DECEMBER 7, 2023

The problems suffered by the company suggest that its systems were infected with ransomware. The software engineer Tillie Kottmann was informed by an anonymous source that the Git server was exposed online and accessible to anyone using the default login credentials admin/admin. and nissan.co.nz.

Cyber Attacks

Cyber Attacks Financial Services Scams Data breaches

Wannacry, the hybrid malware that brought the world to its knees

Security Affairs

OCTOBER 31, 2022

Reflecting on the Wannacry ransomware attack, which is the lesson learnt e why most organizations are still ignoring it. The spread of this ransomware was considered to be the worst cyber attack in terms of contamination rate and scope, putting public offices and companies (especially healthcare facilities) out of operation.

Malware

Malware Computers and Electronics Encryption Ransomware

Nissan Oceania data breach impacted roughly 100,000 people

Security Affairs

MARCH 14, 2024

The ransomware attack that hit the systems of Nissan Oceania in December 2023 impacted roughly 100,000 individuals. Nissan immediately notified the Australian Cyber Security Centre and the New Zealand National Cyber Security Centre. In December 2017, Nissan Finance Canada was hacked , personal information of 1.13

Data breaches

Data breaches Identity Theft Financial Services Cybercrime

DoppelPaymer, a fork of BitPaymer Ransomware, appeared in the threat landscape

Security Affairs

JULY 15, 2019

Some of the crooks behind the Dridex Trojan have split from the gang and released a forked version of the BitPaymer ransomware dubbed DoppelPaymer. The group that is known for the distribution of the Dridex Trojan and the Locky ransomware , has released other pieces of malware including the tRat backdoor and the AndroMut downloader. .

Ransomware

Ransomware Encryption Advertising Malware

LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC

Security Affairs

JULY 1, 2023

The LockBit ransomware gang claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC). The LockBit ransomware group this week claimed to have hacked the Taiwan Semiconductor Manufacturing Company ( TSMC ) and $70 million ransom. ” reads the announcement published by Lockbit operators on their leak site.

Manufacturing

Manufacturing Ransomware Hacking Security Awareness

Fashion retailer Forever 21 data breach impacted +500,000 individuals

Security Affairs

AUGUST 31, 2023

To prevent similar incidents from occurring in the future, the company announced it has implemented additional cyber security measures to protect its infrastructure. The company did not provide details about the attack, but it is likely it was the victim of a ransomware attack.

Retail

Retail Data breaches Identity Theft Banking

New Lucifer DDoS botnet targets Windows systems with multiple exploits

Security Affairs

JUNE 26, 2020

The malware author named the bot Satan DDoS, but Palo Alto Network’s Unit42 researchers dubbed it Lucifer because there’s another malware with the same name, the Satan Ransomware. ” reads the report published by the Unit42 team.

DDOS

DDOS Malware Advertising Passwords

Experts warn of a surge of TrueBot activity in May 2023

Security Affairs

JUNE 5, 2023

Truebot has been active since 2017 and some researchers linked it to the Silence Group , while a recent investigation linked it to threat actor TA505 (aka Evil Corp). When an organization is infected with this malware, it can quickly escalate to become a bigger infection, similar to how ransomware spreads throughout a network.”

Malware

Malware Ransomware Hacking Software

SynAck ransomware gang releases master decryption keys for old victims

Emsisoft releases free SynAck ransomware decryptor

Webinars

Trending Sources

Russia-linked APT breached the network of Dutch police in 2017

Webinars

RansomBoggs Ransomware hit several Ukrainian entities, experts attribute it to Russia

Magniber Ransomware operators use PrintNightmare exploits to infect Windows servers

Fake mobile version of Cyberpunk 2077 spreads ransomware

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The source code of the Paradise Ransomware was leaked on XSS hacking forum

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

TrueBot infections were observed in Clop ransomware attacks

Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Most ransomware attacks take place outside the working hours

Study: Ransomware, Data Breaches at Hospitals tied to Uptick in Fatal Heart Attacks

Experts linked multiple ransomware strains North Korea-backed APT38 group

Conti ransomware operations made at least $25.5 million since July 2021

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

Vice Society ransomware also exploits PrintNightmare flaws in its attack

Harvard Business Publishing licensee hit by ransomware

StripedFly, a complex malware that infected one million devices without being noticed

Leading Law firm Seyfarth Shaw discloses ransomware attack

Alexander Vinnik, the operator of BTC-e exchange, pleaded guilty to money laundering

Source code of Dharma ransomware now surfacing on public hacking forums

The Satan Ransomware adds new exploits to its arsenal

How the ransomware explosion is reshaping the cyber insurance market

Experts linked ransomware attacks to China-linked APT27

New MalLocker.B ransomware displays ransom note in innovative way

Ransomware world in 2021: who, how and why

Two hacker groups are back in the news, LockBit 3.0 Black and BlackCat/AlphV

Top 5 Cybersecurity and Computer Threats of 2017

Previously unknown Kapeka backdoor linked to Russian Sandworm APT

Microsoft warns of growing DoppelPaymer Ransomware threat

Top Cybersecurity Trends for 2017

Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 451 by Pierluigi Paganini – INTERNATIONAL EDITION

A cyber attack hit Nissan Oceania

Wannacry, the hybrid malware that brought the world to its knees

Nissan Oceania data breach impacted roughly 100,000 people

DoppelPaymer, a fork of BitPaymer Ransomware, appeared in the threat landscape

LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC

Fashion retailer Forever 21 data breach impacted +500,000 individuals

New Lucifer DDoS botnet targets Windows systems with multiple exploits

Experts warn of a surge of TrueBot activity in May 2023

Stay Connected