Adam Levin

APRIL 9, 2019

Israeli cybersecurity researchers have created malware capable of showing fake cancerous growths on CT and MRI scans. The malware, called CT-GAN, served as a proof of concept to show the potential for hacking medical devices with fake medical news that was convincing enough to fool medical technicians.

Malware 254

Malware Healthcare Technology Ransomware 254

The Last Watchdog

JUNE 21, 2020

Ransomware is undoubtedly one of the most unnerving phenomena in the cyber threat landscape. Related: What local government can do to repel ransomware Ransomware came into existence in 1989 as a primitive program dubbed the AIDS Trojan that was spreading via 5.25-inch inch diskettes. inch diskettes. FBI spoofs 2012 – 2013.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. News of the Trickbot compromise was first published here on Oct.

Ransomware 303

Ransomware Healthcare Cybercrime Government 303

Krebs on Security

JULY 19, 2019

Cloud hosting provider iNSYNQ says it is trying to recover from a ransomware attack that shut down its network and has left customers unable to access their accounting data for the past three days. based iNSYNQ specializes in providing cloud-based QuickBooks accounting software and services.

Ransomware 279

Ransomware Accountability Software Marketing 279

Krebs on Security

JANUARY 6, 2020

Organizations in the throes of cleaning up after a ransomware outbreak typically will change passwords for all user accounts that have access to any email systems, servers and desktop workstations within their network. VCPI) was hit by the Ryuk ransomware strain. In mid-November 2019, Wisconsin-based Virtual Care Provider Inc.

Passwords 271

Passwords Ransomware Password Management Malware 271

Digital Shadows

MARCH 17, 2025

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. Editors note: This report was authored by Gautham Ashok & Alexa Feminella.

VPN 133

VPN Authentication Ransomware Risk 133

Krebs on Security

APRIL 19, 2019

Marcus Hutchins, a 24-year-old blogger and malware researcher arrested in 2017 for allegedly authoring and selling malware designed to steal online banking credentials, has pleaded guilty to criminal charges of conspiracy and to making, selling or advertising illegal wiretapping devices. The government says between July 2012 and Sept.

Banking 234

Banking Malware Advertising Government 234

Krebs on Security

OCTOBER 9, 2020

A week ago, KrebsOnSecurity broke the news that someone was attempting to disrupt the Trickbot botnet , a malware crime machine that has infected millions of computers and is often used to spread ransomware. “They are running normally and their ransomware operations are pretty much back in full swing,” Holden said.

Ransomware 363

Ransomware Internet Internet Passwords 363

Krebs on Security

JULY 15, 2019

The cybercriminals behind the GandCrab ransomware-as-a-service (RaaS) offering recently announced they were closing up shop and retiring after having allegedly earned more than $2 billion in extortion payments from victims. “We are a living proof that you can do evil and get off scot-free.” We are interested in professionals.”

Ransomware 248

Ransomware Cybercrime Media Encryption 248

Krebs on Security

JUNE 15, 2021

Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot , a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware. nl — circa October 2018.

Cybercrime 359

Cybercrime Ransomware Passwords Banking 359

Krebs on Security

MARCH 2, 2022

Earlier this week, a Ukrainian security researcher leaked almost two years’ worth of internal chat logs from Conti , one of the more rapacious and ruthless ransomware gangs in operation today. – Testers: Workers in charge of testing Conti malware against security tools and obfuscating it.

Ransomware 245

Ransomware Antivirus Malware Cybercrime 245

Krebs on Security

FEBRUARY 17, 2021

million in a 2018 ATM cash out scheme targeting a Pakistani bank; and a total of $112 million in virtual currencies stolen between 2017 and 2020 from cryptocurrency companies in Slovenia, Indonesia and New York. Park was previously charged in 2018 in connection with the WannaCry and Sony Pictures attacks. Image: CISA.

Cryptocurrency 344

Cryptocurrency Financial Services Banking Government 344

Adam Levin

JANUARY 25, 2019

Trojan horse-based malware attacks and spyware rose sharply in 2018 as ransomware-based attacks declined, according to a new report published by Malwarebytes. Ransomware attacks remain a persistent threat, but are not as prevalent as they were at their peak in 2017, which coincided with the meteoric rise in cyptocurrency values.

Spyware 212

Spyware Ransomware Malware Banking 212

Krebs on Security

SEPTEMBER 27, 2023

The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The victim shaming website for the Snatch ransomware gang. com and www-discord[.]com. the now-defunct pittsburghcitygirls[.]com).

Ransomware 326

Ransomware Internet Internet Phishing 326

Krebs on Security

SEPTEMBER 30, 2023

Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. It continues: “Prior to deploying the ransomware, Snatch threat actors were observed spending up to three months on a victim’s system.

Ransomware 294

Ransomware Accountability Cybercrime Backups 294

SecureList

JUNE 15, 2023

Thus, it was inevitable that malware creators would one day begin not only to distribute malicious programs themselves, but also to sell them to less technically proficient attackers, thereby lowering the threshold for entering the cybercriminal community.

Malware 144

Malware Ransomware Cybercrime Hacking 144

eSecurity Planet

MAY 5, 2025

Cybersecurity analysts at Recorded Futures Insikt Group have identified the fresh threats as TerraStealerV2 and TerraLogger, two malware strains believed to be the latest additions to Golden Chickens growing Malware-as-a-Service (MaaS) arsenal. A familiar name behind major hacks Golden Chickens has been active since at least 2018.

Passwords 67

Passwords Malware Cryptocurrency Cybercrime 67

Security Affairs

AUGUST 3, 2020

Last week, the Minister of Internal Affairs of Belarus announced the arrest of a 31-year-old man that is accused of distributing the infamous GandCrab ransomware. Last week, the Minister of Internal Affairs of Belarus announced the arrest of a man on charges of distributing the infamous GandCrab ransomware.

Ransomware 145

Ransomware Advertising Malware Hacking 145

Malwarebytes

FEBRUARY 19, 2025

These findings come from the 2025 State of Malware report. Unlike ransomware, which is deployed against large businesses that cybercriminals hope can pay hefty ransoms, info stealers can deliver illicit gains no matter the target. But the variety of information that these pieces of malware can steal makes them particularly dangerous.

Malware 128

Malware Software Passwords Cryptocurrency 128

Security Affairs

DECEMBER 4, 2023

Microsoft warns of ongoing malvertising attacks using the DanaBot malware to deploy the CACTUS ransomware. Microsoft uncovered ongoing malvertising attacks using the DanaBot Trojan (Storm-1044) to deploy the CACTUS ransomware. Microsoft the campaign to the ransomware operator Storm-0216 (Twisted Spider, UNC2198).

Ransomware 139

Ransomware Malware Banking Hacking 139

Krebs on Security

APRIL 7, 2022

and Germany moved to decapitate “ Hydra ,” a billion-dollar Russian darknet drug bazaar that also helped to launder the profits of multiple Russian ransomware groups. In May 2018, the FBI executed a similar strategy to dismantle VPNFilter, which had spread to more than a half-million consumer devices. energy facilities.

Marketing 309

Marketing Energy and Utilities Malware Ransomware 309

Krebs on Security

OCTOBER 22, 2019

Business-to-business payments provider Billtrust is still recovering from a ransomware attack that began last week. “Out of an abundance of caution, we cannot disclose the precise ransomware strains but will do so as soon as prudently possible. Cloud service providers are a favorite target of attackers who deal in ransomware.

B2B 154

B2B Ransomware Insurance Backups 154

SecureList

NOVEMBER 29, 2024

The malware utilizes cloud resources for its C2 (command and control) servers, which it accesses via APIs using authentication tokens. While the modus operandi of the threat actor is reminiscent of the CloudWizard APT that we reported on in 2023, the malware code is completely different.

Energy and Utilities 104

Energy and Utilities Ransomware Malware Government 104

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. The Cring ransomware appeared in the threat landscape in January, it was first reported by Amigo_A and the CSIRT team of Swisscom. ” reads the post published by Kaspersky.

VPN 130

VPN Ransomware Antivirus Firmware 130

The Last Watchdog

APRIL 21, 2021

At the time, in the spring of 2018, only 25 percent of commercial websites used HTTPS; today adoption is at 98 percent and rising. TLS, he says, is increasingly being used to cloak a wide array of the operational steps behind the most damaging attacks of the moment, namely ransomware attacks and massive data breaches. “For

Malware 214

Malware Firewall Encryption Data breaches 214

Security Affairs

NOVEMBER 4, 2020

The source code for the KPot information stealer was put up for auction and the REvil ransomware operators want to acquire it. The authors of KPot information stealer have put its source code up for auction , and the REvil ransomware operators will likely be the only group to bid. SecurityAffairs – hacking, malware).

Ransomware 145

Ransomware Malware Advertising Cybercrime 145

Malwarebytes

AUGUST 6, 2024

If you’ve been following any news about ransomware , you may be under the impression that ransomware groups are only after organizations rather than individual people, and for the most part that’s true. However, Magniber is one ransomware that does target home users. Run a trusted anti-malware solution.

Ransomware 141

Ransomware Artificial Intelligence Encryption Software 141

Security Affairs

OCTOBER 18, 2020

The financially-motivated hacker group FIN11 has started spreading ransomware to monetize its cyber criminal activities. The financially-motivated hacker group FIN11 has switched tactics starting using ransomware as the main monetization method. ” reads the analysis published by FireEye. ” reads the analysis.

Ransomware 141

Ransomware Malware Telecommunications Advertising 141

The Last Watchdog

AUGUST 15, 2019

Related: ‘Cyber Pearl Harbor’ happens every day Some 15 months earlier, in March 2018, Atlanta was hit by a similar assault, and likewise refused to pay a $51,000 ransom, eating $17 million in damage. Probing and plundering Ransomware is highly resilient and flexible. mayors attending the U.S. A poll of IT pros in the U.S.,

Ransomware 196

Ransomware Internet Internet Hacking 196

Krebs on Security

FEBRUARY 4, 2019

But several more recent malware spam campaigns suggest GoDaddy’s fix hasn’t gone far enough, and that scammers likely still have a sizable arsenal of hijacked GoDaddy domains at their disposal. 29 Gand Crab malware spam campaign. The domains documented by MyOnlineSecurity all had their DNS records altered between Jan.

DNS 277

DNS Ransomware Accountability Internet 277

Security Affairs

FEBRUARY 23, 2022

The code of the recently-emerged Entropy ransomware has similarities with the one of the infamous Dridex malware. The recently-emerged Entropy ransomware has code similarities with the popular Dridex malware. Experts from Sophos analyzed the code of Entropy ransomware employed in two distinct attacks.

Ransomware 113

Ransomware Malware Cybercrime Banking 113

CyberSecurity Insiders

APRIL 18, 2022

A malware dubbed MyloBot malware is seen sending extortion emails to victims and demanding a payment of $2,732 in digital currency. This malware that was first detected in 2018 has anti-debugging capabilities and the potential to remove other malware already installed in the system or network.

Malware 135

Malware Firewall Software Ransomware 135

Security Affairs

MAY 4, 2022

Researchers from Trellix linked multiple ransomware strains to the North Korea-backed APT38 group. The ransomware was employed in attacks on financial institutions, experts estimated that APT38 (Unit 180 of North Korea’s cyber-army Bureau 121) has stolen at hundreds of million dollars from banks worldwide. akkim@protonmail[.]com

Ransomware 130

Ransomware Banking Malware Hacking 130

Security Affairs

MARCH 17, 2020

Most of the ransomware attacks targeting the enterprises occur outside working hours, during the nighttime or during the weekend. Security experts from FireEye published an interesting report on the Ransomware deployment trends, it revealed that most of the attacks (76%) against the enterprise sector occur outside working hours.

Ransomware 143

Ransomware Advertising Malware Cybercrime 143

SecureList

MARCH 1, 2021

In 2020, Kaspersky mobile products and technologies detected: 5,683,694 malicious installation packages, 156,710 new mobile banking Trojans, 20,708 new mobile ransomware Trojans. The mobile malware Trojan-Ransom.AndroidOS.Agent.aq Last year was notable for both malware and adware, the two very close in terms of capabilities.

Mobile 145

Mobile Malware Adware Banking 145

Malwarebytes

OCTOBER 28, 2021

Unlike traditional malware, which relies on a file being written to a disk, fileless malware is intended to be memory resident only, ideally leaving no trace after its execution. For an attacker, fileless malware has two major advantages: There is no file for traditional anti-virus software to detect. Is fileless malware new?

Malware 136

Malware Artificial Intelligence Software Ransomware 136

Security Affairs

NOVEMBER 9, 2022

Experts noticed that the Amadey malware is being used to deploy LockBit 3.0 ransomware on compromised systems. Researchers from AhnLab Security Emergency Response Center (ASEC) reported that the Amadey malware is being used to deploy LockBit 3.0 ransomware on compromised systems, researchers have warned.

Malware 98

Malware Ransomware Cybercrime Phishing 98