Security Affairs

DECEMBER 27, 2021

A new wave of ech0raix ransomware attacks is targeting QNAP network-attached storage (NAS) devices. The threat actors behind the ech0raix ransomware are targeting NAP network-attached storage (NAS) devices. ech0raix ransomware operators demand a ransom raising from.024 TXTT” extension. 024 ($1,200) up to.06 06 bitcoins ($3,000).

Ransomware 124

Ransomware Encryption Manufacturing Hacking 124

Security Affairs

AUGUST 26, 2019

A new ransomware, dubbed Nemty, appeared in the threat landscape over the weekend, it spreads via compromised RDP connections. A new ransomware, called Nemty ransomware, has been discovered over the weekend by malware researchers. ” 2019-08-24: #Nemty #Ransomware version '1.0'

Ransomware 91

Ransomware Malware Antivirus Encryption 91

Security Affairs

NOVEMBER 28, 2020

The IIoT chip maker Advantech was hit by the Conti ransomware, the gang is now demanding over $13 million ransom from the company. billion in 2019. The ransomware gang announced on November 21, 2020 the leak of stolen data if the chipmaker would not have paid the ransom within the next day. Pierluigi Paganini.

Ransomware 128

Ransomware Encryption IoT Malware 128

Security Affairs

DECEMBER 15, 2023

The Snatch ransomware group announced it had hacked the food giant Kraft Heinz, the company is investigating the claims. The Snatch ransomware group claims to have hacked Kraft Heinz in August and on December 14, it added the company to the list of victims on its leak site. ” reads the alert.

Hacking 113

Hacking Ransomware Computers and Electronics Marketing 113

Security Affairs

MARCH 6, 2023

German police announced to have dismantled an international cybercrime gang behind the DoppelPaymer ransomware operation. Europol has announced that an international operation conducted by law enforcement in Germany and Ukraine, with help of the US FBI and the Dutch police, targeted two key figures of the DoppelPaymer ransomware group.

Ransomware 74

Ransomware Cybercrime Malware Phishing 74

Security Affairs

AUGUST 3, 2020

Last week, the Minister of Internal Affairs of Belarus announced the arrest of a 31-year-old man that is accused of distributing the infamous GandCrab ransomware. Last week, the Minister of Internal Affairs of Belarus announced the arrest of a man on charges of distributing the infamous GandCrab ransomware.

Ransomware 117

Ransomware Advertising Malware Hacking 117

Security Affairs

MARCH 20, 2021

Taiwanese multinational hardware and electronics corporation Acer was victim of a REvil ransomware attack, the gang demanded a $50,000,000 ransom. Taiwanese computer giant Acer was victim of the REvil ransomware attack, the gang is demanding the payment of a $50,000,000 ransom, the largest one to date. billion in revenue.

Ransomware 142

Ransomware Hacking Computers and Electronics Malware 142

Security Affairs

MAY 24, 2021

Operators behind the Zeppelin ransomware-as-a-service (RaaS) have resumed their operations after a temporary interruption. Researchers from BleepingComputer reported that operators behind the Zeppelin ransomware-as-a-service (RaaS), aka Buran , have resumed their operations after a temporary interruption. Pierluigi Paganini.

Ransomware 119

Ransomware Encryption Malware Healthcare 119

Security Affairs

FEBRUARY 17, 2024

Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to his key roles in the Zeus and IcedID malware operations. Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software. Since May 2019, Penchukov had a prominent role in the Zeus operation.

Malware 92

Malware Cybercrime Banking Hacking 92

Security Affairs

NOVEMBER 28, 2019

A piece of the Ryuk Ransomware infected the network of the multinational cybersecurity firm Prosegur, forcing the company to shut down it. The Spanish multinational security company Prosegur announced that it was of a ransomware attack that disrupted its telecommunication platform. SecurityAffairs – hacking, ransomware).

Ransomware 115

Ransomware Cybersecurity Telecommunications Advertising 115

Security Affairs

OCTOBER 18, 2020

The financially-motivated hacker group FIN11 has started spreading ransomware to monetize its cyber criminal activities. The financially-motivated hacker group FIN11 has switched tactics starting using ransomware as the main monetization method. ” reads the analysis published by FireEye. ” reads the analysis.

Ransomware 132

Ransomware Malware Telecommunications Advertising 132

The Last Watchdog

JUNE 21, 2020

Ransomware is undoubtedly one of the most unnerving phenomena in the cyber threat landscape. Numerous strains of this destructive code have been the front-page news in global computer security chronicles for almost a decade now, with jaw-dropping ups and dramatic downs accompanying its progress. inch diskettes. inch diskettes.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

NOVEMBER 10, 2020

Ransomware operators use fake Microsoft Teams updates to deploy Cobalt Strike and compromise the target networks. Ransomware operators are using malicious fake Microsoft Teams updates to deliver backdoors that lead the installation of the Cobalt Strike post-exploitation tool and compromise the target network. Pierluigi Paganini.

Ransomware 142

Ransomware Malware Engineering Passwords 142

Security Affairs

OCTOBER 6, 2023

Hospitality and entertainment company MGM Resorts announced that the costs of the recent ransomware attack costs exceeded $110 million. In September the hospitality and entertainment company MGM Resorts was hit by a ransomware attack that shut down its systems at MGM Hotels and Casinos.

Ransomware 117

Ransomware Insurance Banking Hacking 117

Security Affairs

JUNE 15, 2021

The source code for the Paradise Ransomware has been released on a hacking forum allowing threat actors to develop their customized variant. The source code for the Paradise Ransomware has been released on the hacking forum XSS allowing threat actors to develop their own customized ransomware operation. Source BleepingComputer.

Ransomware 124

Ransomware Hacking Encryption Malware 124

Security Affairs

NOVEMBER 1, 2020

The Maze ransomware operators are shutting down their operations for more than one year the appeared on the threat landscape in May 2019. The Maze cybercrime gang is shutting down its operations, it was considered one of the most prominent and active ransomware crew since it began operating in May 2019.

Ransomware 141

Ransomware Cybercrime Advertising Software 141

Security Affairs

SEPTEMBER 29, 2022

The recently born Bl00Dy Ransomware gang has started using the recently leaked LockBit ransomware builder in attacks in the wild. The Bl00Dy Ransomware gang is the first group that started using the recently leaked LockBit ransomware builder in attacks in the wild. Ransomware. builder to create its own ransomware.

Ransomware 104

Ransomware Hacking Encryption Passwords 104

Security Affairs

NOVEMBER 8, 2021

Operation Cyclone – Six alleged affiliates with the Clop ransomware operation were arrested in an international joint law enforcement operation led by Interpol. Clop ransomware gang has been active since February 2019, it targeted many organizations and universities over the years. Pierluigi Paganini.

Ransomware 122

Ransomware Cybercrime Malware Hacking 122

Security Affairs

JANUARY 28, 2022

Delta Electronics, a Taiwanese contractor for multiple tech giants such as Apple, Dell, HP and Tesla, was hit by Conti ransomware. Taiwanese electronics manufacturing company Delta Electronics was hit by the Conti ransomware that took place this week. ” reported a statement from the security company cited by CTWANT.

Computers and Electronics 88

Computers and Electronics Ransomware Manufacturing Malware 88

Security Affairs

JULY 29, 2021

ransomware is now able to encrypt Windows domains by using Active Directory group policies. Researchers from MalwareHunterTeam and BleepingComputer, along with the malware expert Vitali Kremez reported spotted a new version of the LockBit 2.0 ransomware that encrypts Windows domains by using Active Directory group policies.

Encryption 144

Encryption Ransomware Malware Hacking 144

Security Affairs

NOVEMBER 22, 2020

Two Romanians arrested for running three malware services. Two Romanians have been arrested for running two malware crypter services called CyberSeal and DataProtector, and the CyberScan malware testing service. DataProtector was launched in 2015, while CyberScan was launched in 2019. ” continues the press release.

Malware 132

Malware Antivirus Cybercrime Software 132

Security Affairs

FEBRUARY 12, 2020

The FBI’s Internal Crime Complaint Center (IC3) released the FBI 2019 Internet Crime Report , a document that outlines cybercrime trends over the past year. Here we are to analyze the annual FBI 2019 Internet Crime Complaint Center (IC3) , one of the most interesting documents on the crime trends observed in the last 12 months.

Internet 110

Internet Internet Scams Cybercrime 110

Security Affairs

MARCH 14, 2023

Cyber security researcher Luca Mella analyzed the Makop ransomware employed in a recent intrusion. Executive summary Insights from a recent intrusion authored by Makop ransomware operators show persistence capability through dedicated.NET tools. Advanced_Port_Scanner_2.5.3869.exe

Ransomware 82

Ransomware Software System Administration Encryption 82

Security Affairs

NOVEMBER 15, 2020

Chilean-based retail giant Cencosud has suffered a ransomware attack that impacted operations at its stores, Egregor ransomware appears to be involved. A ransomware attack, allegedly launched by the Egregor ransomware gang, hit the Chilean-based retail giant Cencosud, the incident impacted operations at its stores.

Retail 138

Retail Ransomware Media Malware 138

Security Affairs

SEPTEMBER 29, 2020

Gallagher (AJG) insurance giant disclosed a ransomware attack, the security breach took place on Saturday. Gallagher (AJG) global insurance brokerage firm confirmed that it was his with a ransomware attack on Saturday, September 26. US-based Arthur J. The company is currently ranked 429 on the Fortune 500 list.

Insurance 138

Insurance Ransomware Advertising Data breaches 138

Security Affairs

DECEMBER 17, 2021

The Conti ransomware gang is the first ransomware operation exploiting the Log4Shell vulnerability to target VMware vCenter Servers. Conti ransomware gang is the first professional race that leverages Log4Shell exploit to compromise VMware vCenter Server installs. ” reads the analysis published by AdvIntel. “A

Ransomware 128

Ransomware Energy and Utilities Cybercrime Malware 128

Security Affairs

JANUARY 20, 2022

The central bank of the Republic of Indonesia, Bank Indonesia, confirmed the ransomware attack that hit it in December. Bank Indonesia confirmed that it was the victim of a ransomware attack that took place last month. The Conti ransomware gang claimed the attack and leaked some allegedly stolen files as proof of the security breach.

Banking 103

Banking Ransomware Cybercrime Malware 103

Security Affairs

SEPTEMBER 17, 2020

University Hospital New Jersey (UHNJ) has suffered a ransomware attack, SunCrypt ransomware operators also leaked the data they have stolen. Systems at the University Hospital New Jersey (UHNJ) were encrypted with the SunCrypt ransomware, threat actors also stolen documents from the institution and leaked it online.

Ransomware 139

Ransomware Advertising Data breaches Encryption 139

Security Affairs

NOVEMBER 4, 2020

Toymaker giant Mattel disclosed a ransomware attack, the incident took place in July and impacted some of its business operations. Toy industry giant Mattel announced that it has suffered a ransomware attack that took place on July 28th, 2020, and impacted some of its business operations. billion in revenue for 2019.

Ransomware 110

Ransomware Retail Advertising Malware 110

Security Affairs

OCTOBER 21, 2021

Evil Corp cybercrime gang is using a new ransomware called Macaw Locker to evade US sanctions that prevent victims from paying the ransom. Evil Corp has launched a new ransomware called Macaw Locker to evade US sanctions that prevent victims from making ransom payments. In 2019, the U.S. Pierluigi Paganini.

Ransomware 116

Ransomware Cybercrime Banking Encryption 116

Security Affairs

JULY 8, 2022

Experts documented the evolution of the LockBit ransomware that leverages multiple techniques to infect targets and evade detection. The Cybereason Global Security Operations Center (GSOC) Team published the Cybereason Threat Analysis Reports that investigates the threat landscape and provides recommendations to mitigate their attacks.

Ransomware 96

Ransomware Accountability Malware Firewall 96

Security Affairs

MARCH 29, 2020

The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware , is up for sale on two Russian-language hacking forums. ” concluded ZDNet.

Ransomware 109

Ransomware Hacking Advertising Malware 109

Security Affairs

MARCH 17, 2020

Most of the ransomware attacks targeting the enterprises occur outside working hours, during the nighttime or during the weekend. Security experts from FireEye published an interesting report on the Ransomware deployment trends, it revealed that most of the attacks (76%) against the enterprise sector occur outside working hours.

Ransomware 111

Ransomware Advertising Malware Cybercrime 111

Security Affairs

DECEMBER 22, 2021

PYSA and Lockbit were the most active ransomware gangs in the threat landscape in November 2021, researchers from NCC Group report. Security researchers from NCC Group reported an increase in ransomware attacks in November 2021 over the past month, and PYSA (aka Mespinoza) and Lockbit were the most active ransomware gangs.

Ransomware 98

Ransomware Penetration Testing Healthcare Government 98

Security Affairs

FEBRUARY 8, 2023

to money laundering charges linked to the Ryuk ransomware operation. to one count of conspiracy to commit money laundering for the Ryuk ransomware operation. “Specifically, Dubnikov and his accomplices laundered ransom payments extracted from victims of Ryuk ransomware attacks.” ” reads the press release.

Ransomware 82

Ransomware Hacking Cybercrime Information Security 82

Security Affairs

NOVEMBER 8, 2021

The US DoJ has charged a REvil ransomware affiliate that is suspected to have orchestrated the attack on Kaseya MSP platform in July. The US Department of Justice has charged a REvil ransomware affiliate for orchestrating the ransomware attacks on Kaseya MSP platform that took place in July 4. US DoJ also seized $6.1

Ransomware 121

Ransomware Government Hacking Technology 121

Security Affairs

MAY 18, 2020

A new ransomware attack hit the Texas government, the malware this time infected systems at the state’s Department of Transportation (TxDOT). The Texas government suffered two ransomware attacks in a few weeks, the first one took place on May 8, 2020 and infected systems at the Texas court. All @txcourts websites are down.

Ransomware 124

Ransomware Government Advertising Malware 124