The Last Watchdog

JUNE 21, 2020

Ransomware is undoubtedly one of the most unnerving phenomena in the cyber threat landscape. Related: What local government can do to repel ransomware Ransomware came into existence in 1989 as a primitive program dubbed the AIDS Trojan that was spreading via 5.25-inch inch diskettes. inch diskettes. FBI spoofs 2012 – 2013.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Adam Levin

NOVEMBER 4, 2020

The infamous Maze ransomware gang has announced they will cease operations, effective immediately. . On November 1, the hacking group behind several high profile ransomware attacks in 2020 issued a rambling press release, riddled with spelling errors, on the dark web announcing, “it is officially closed.”.

Ransomware 168

Ransomware Scams Hacking Malware 168

Krebs on Security

DECEMBER 10, 2019

The patches include fixes for seven critical bugs — those that can be exploited by malware or miscreants to take control over a Windows system with no help from users — as well as another flaw in most versions of Windows that is already being exploited in active attacks. It is very likely this is being exploited in the wild.”

Backups 148

Backups Software Malware Marketing 148

Security Affairs

NOVEMBER 11, 2020

?Ragnar Locker Ransomware operators have started to run Facebook advertisements to force their victims into paying the ransom. In November 2019, ransomware operators have started adopting a new double-extortion strategy first used by the Maze gang that sees threat actors also stealing unencrypted files before encrypting infected systems.

Advertising 127

Advertising Hacking Ransomware Accountability 127

Security Affairs

JANUARY 18, 2020

According to the IC3 Annual Report released in April 2019 financial losses reached $2.7 The total cost of cybercrime for each company in 2019 reached US$13M. According to Accenture, malware and Web-based attacks continue to cause higher financial losses to organizations worldwide. What about malware? billion in 2018.

Cybercrime 126

Cybercrime Small Business Data breaches Mobile 126

Security Affairs

MARCH 29, 2020

The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware , is up for sale on two Russian-language hacking forums. ” concluded ZDNet.

Ransomware 109

Ransomware Hacking Advertising Malware 109

Security Affairs

FEBRUARY 23, 2022

The code of the recently-emerged Entropy ransomware has similarities with the one of the infamous Dridex malware. The recently-emerged Entropy ransomware has code similarities with the popular Dridex malware. Experts from Sophos analyzed the code of Entropy ransomware employed in two distinct attacks.

Ransomware 95

Ransomware Malware Cybercrime Banking 95

Krebs on Security

AUGUST 13, 2019

. “According to Microsoft, at least two of these vulnerabilities ( CVE-2019-1181 and CVE-2019-1182 ) can be considered ‘wormable’ and [can be equated] to BlueKeep,” referring to a dangerous bug patched earlier this year that Microsoft warned could be used to spread another WannaCry-like ransomware outbreak.

Backups 184

Backups Software Authentication Internet 184

Krebs on Security

JUNE 1, 2023

This post is a deep dive on “ Megatraffer ,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware.

Malware 242

Malware Cybercrime Software Antivirus 242

Security Affairs

AUGUST 22, 2023

Snatch gang claims the hack of the Department of Defence South Africa and added the military organization to its leak site. The Snatch ransomware group added the Department of Defence South Africa to its data leak site. In October 2022, the Snatch ransomware group claimed to have hacked the French company HENSOLDT France.

Hacking 92

Hacking Computers and Electronics Ransomware Risk 92

Security Affairs

JANUARY 6, 2023

Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware allowing its victims to restore their data for free. Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware , which can allow victims of the group to restore their data for free. SecurityAffairs – hacking, ransomware).

Ransomware 95

Ransomware Antivirus Encryption Backups 95

Security Affairs

OCTOBER 20, 2023

A joint international law enforcement investigation led to the arrest of a malware developer who was involved in the Ragnar Locker ransomware operation. Yesterday we became aware of a joint law enforcement operation that led to the seizure of the Ragnar Locker ransomware’s infrastructure.

Ransomware 92

Ransomware Cybercrime Malware Hacking 92

Security Affairs

JUNE 23, 2020

CLOP ransomware operators have allegedly hacked IndiaBulls Group , an Indian conglomerate headquartered in Gurgaon, India. CLOP ransomware operators have allegedly hacked the Indian conglomerate IndiaBulls Group , its primary businesses are housing finance, consumer finance, and wealth management. . Pierluigi Paganini.

Hacking 102

Hacking Ransomware Banking Mobile 102

Security Affairs

MARCH 2, 2024

US CISA, the FBI, and MS-ISAC issued a joint CSA to warn of attacks involving Phobos ransomware variants observed as recently as February 2024 US CISA, the FBI, and MS-ISAC issued a joint cyber security advisory (CSA) to warn of attacks involving Phobos ransomware variants such as Backmydata , Devos, Eight, Elking, and Faust.

Ransomware 124

Ransomware Backups Healthcare Firewall 124

Security Affairs

OCTOBER 31, 2022

The Snatch ransomware group claims to have hacked HENSOLDT France, a company specializing in military and defense electronics. The Snatch ransomware group claims to have hacked the French company HENSOLDT France. The Snatch ransomware group added HENSOLDT France to the list of victims published on its Tor leak site.

Computers and Electronics 105

Computers and Electronics Hacking Ransomware Data breaches 105

Security Affairs

DECEMBER 27, 2021

A new wave of ech0raix ransomware attacks is targeting QNAP network-attached storage (NAS) devices. The threat actors behind the ech0raix ransomware are targeting NAP network-attached storage (NAS) devices. ech0raix ransomware operators demand a ransom raising from.024 TXTT” extension. 024 ($1,200) up to.06 06 bitcoins ($3,000).

Ransomware 125

Ransomware Encryption Manufacturing Hacking 125

Security Affairs

JUNE 7, 2022

Mandiant researchers associate multiple LockBit ransomware attacks with the notorious Evil Corp Cybercrime Group. Mandiant researchers have investigated multiple LOCKBIT ransomware attacks that have been attributed to the financially motivated threat actor UNC2165. Previously, the UNC2165 actors also deployed the HADES ransomware.

Ransomware 130

Ransomware Cybercrime Malware Hacking 130

Security Affairs

AUGUST 10, 2020

Nefilim ransomware operators allegedly targeted the SPIE group, an independent European leader in multi-technical services. Researchers from threat intelligence firm Cyble reported that Nefilim ransomware operators allegedly hacked The SPIE Group , an independent European leader in multi-technical services. Pierluigi Paganini.

Ransomware 108

Ransomware Hacking Advertising Backups 108

Security Affairs

AUGUST 3, 2020

Last week, the Minister of Internal Affairs of Belarus announced the arrest of a 31-year-old man that is accused of distributing the infamous GandCrab ransomware. Last week, the Minister of Internal Affairs of Belarus announced the arrest of a man on charges of distributing the infamous GandCrab ransomware.

Ransomware 117

Ransomware Advertising Malware Hacking 117

CyberSecurity Insiders

AUGUST 26, 2022

One of the most ruthless cyberattacks is a ransomware attack. What Is a Ransomware Attack? Ransomware is a cyberattack that uses malware – software created to infiltrate a computer system and damage or disrupt it. Ransomware attacks are about as old as the internet itself.

Ransomware 123

Ransomware Education Software Malware 123

Security Affairs

NOVEMBER 28, 2020

The IIoT chip maker Advantech was hit by the Conti ransomware, the gang is now demanding over $13 million ransom from the company. billion in 2019. The ransomware gang announced on November 21, 2020 the leak of stolen data if the chipmaker would not have paid the ransom within the next day. Pierluigi Paganini.

Ransomware 128

Ransomware Encryption IoT Malware 128

Adam Levin

JANUARY 9, 2020

Currency exchange giant Travelex has effectively been taken offline by a ransomware attack. . The ransomware detected on the Travelex servers has been identified as Sodinokibi (also known as REvil), a “ransomware as a service” form of malware that is developed and maintained by the Sodinokibi hacking group and deployed by over 40 affiliates.

Ransomware 157

Ransomware Encryption Insurance VPN 157

CyberSecurity Insiders

JANUARY 26, 2022

Merck, the Pharma giant from New Jersey, has won a legal battle with its insurer for covering costs related to the NotPetya ransomware attack that crippled its computer networks to the core incurring losses in millions. Moving ahead into the details, the year 2017 witnessed many companies falling prey to NotPetya ransomware hackers.

Ransomware 112

Ransomware Insurance Cyber Insurance Hacking 112

Security Affairs

AUGUST 26, 2019

A new ransomware, dubbed Nemty, appeared in the threat landscape over the weekend, it spreads via compromised RDP connections. A new ransomware, called Nemty ransomware, has been discovered over the weekend by malware researchers. ” 2019-08-24: #Nemty #Ransomware version '1.0'

Ransomware 91

Ransomware Malware Antivirus Encryption 91

Security Affairs

MARCH 6, 2023

German police announced to have dismantled an international cybercrime gang behind the DoppelPaymer ransomware operation. Europol has announced that an international operation conducted by law enforcement in Germany and Ukraine, with help of the US FBI and the Dutch police, targeted two key figures of the DoppelPaymer ransomware group.

Ransomware 74

Ransomware Cybercrime Malware Phishing 74

Security Affairs

MAY 24, 2021

Operators behind the Zeppelin ransomware-as-a-service (RaaS) have resumed their operations after a temporary interruption. Researchers from BleepingComputer reported that operators behind the Zeppelin ransomware-as-a-service (RaaS), aka Buran , have resumed their operations after a temporary interruption. Pierluigi Paganini.

Ransomware 120

Ransomware Encryption Malware Healthcare 120

Security Affairs

SEPTEMBER 29, 2022

The recently born Bl00Dy Ransomware gang has started using the recently leaked LockBit ransomware builder in attacks in the wild. The Bl00Dy Ransomware gang is the first group that started using the recently leaked LockBit ransomware builder in attacks in the wild. Ransomware. builder to create its own ransomware.

Ransomware 104

Ransomware Hacking Encryption Passwords 104

Security Affairs

OCTOBER 6, 2023

Hospitality and entertainment company MGM Resorts announced that the costs of the recent ransomware attack costs exceeded $110 million. In September the hospitality and entertainment company MGM Resorts was hit by a ransomware attack that shut down its systems at MGM Hotels and Casinos.

Ransomware 118

Ransomware Insurance Banking Hacking 118

Security Affairs

FEBRUARY 17, 2024

Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to his key roles in the Zeus and IcedID malware operations. Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software. Since May 2019, Penchukov had a prominent role in the Zeus operation.

Malware 93

Malware Cybercrime Banking Hacking 93

Security Affairs

JULY 29, 2021

ransomware is now able to encrypt Windows domains by using Active Directory group policies. Researchers from MalwareHunterTeam and BleepingComputer, along with the malware expert Vitali Kremez reported spotted a new version of the LockBit 2.0 ransomware that encrypts Windows domains by using Active Directory group policies.

Encryption 144

Encryption Ransomware Malware Hacking 144

Security Affairs

MAY 23, 2023

The German automotive and arms manufacturer Rheinmetall announced it was victim of a Black Basta ransomware attack that took place last month. The company this week announced it was victim of a ransomware attack conducted by the Black Basta ransomware group.

Manufacturing 87

Manufacturing Ransomware Hacking Cyber Attacks 87

Security Affairs

OCTOBER 8, 2019

One of the victims of the Muhstik ransomware gang who initially paid the ransomware, decided to hack back the crooks and released their decryption keys. Tobias Frömel , is a German software developer, who was a victim of the Muhstik ransomware. SecurityAffairs – Muhstik ransomware, hacking).

Hacking 83

Hacking Ransomware Advertising Passwords 83

Security Affairs

OCTOBER 27, 2021

Grief ransomware operators claim to have compromised computer systems at US National Rifle Association (NRA) and added it to their leak site. Grief ransomware operators announced to have hacked US National Rifle Association (NRA) and threaten to leak the stolen data. In 2019, the U.S. SecurityAffairs – hacking, NRA).

Ransomware 120

Ransomware Banking Cybercrime Hacking 120

Security Affairs

SEPTEMBER 29, 2020

revealed it was the victim of a malware attack that affecting some servers on its network. a French maritime transport and logistics giant, revealed that a malware attack affected some servers on its network. SecurityAffairs – hacking, ransomware). The French maritime transport and logistics giant CMA CGM S.A.

Ransomware 144

Ransomware Malware Advertising Cyber Attacks 144

Security Affairs

NOVEMBER 15, 2020

Chilean-based retail giant Cencosud has suffered a ransomware attack that impacted operations at its stores, Egregor ransomware appears to be involved. A ransomware attack, allegedly launched by the Egregor ransomware gang, hit the Chilean-based retail giant Cencosud, the incident impacted operations at its stores.

Retail 138

Retail Ransomware Media Malware 138

Security Affairs

NOVEMBER 10, 2020

Ransomware operators use fake Microsoft Teams updates to deploy Cobalt Strike and compromise the target networks. Ransomware operators are using malicious fake Microsoft Teams updates to deliver backdoors that lead the installation of the Cobalt Strike post-exploitation tool and compromise the target network. Pierluigi Paganini.

Ransomware 142

Ransomware Malware Engineering Passwords 142

Security Affairs

OCTOBER 18, 2020

The financially-motivated hacker group FIN11 has started spreading ransomware to monetize its cyber criminal activities. The financially-motivated hacker group FIN11 has switched tactics starting using ransomware as the main monetization method. ” reads the analysis published by FireEye. ” reads the analysis.

Ransomware 133

Ransomware Malware Telecommunications Advertising 133