Security Affairs

JUNE 13, 2023

A database containing the personal information of more than 8.9 million Zacks Investment Research users was leaked on a cybercrime forum. A database containing personal information of 8,929,503 Zacks Investment Research users emerged on a popular hacking forum on June 10, 2023. ” reported HIBP.

Data breaches 85

Data breaches Passwords Cybercrime Encryption 85

Security Affairs

DECEMBER 30, 2019

The United Nations on Friday have approved a Russian-sponsored and China-backed resolution to create a new convention on cybercrime. The United Nations on Friday has approved a Russian-sponsored and China-backed resolution to create a new convention on cybercrime. It will only serve to stifle global efforts to combat cybercrime.”

Cybercrime 60

Cybercrime Surveillance Spyware Government 60

Security Affairs

NOVEMBER 13, 2021

Threat actors are distributing the GravityRAT remote access trojan masqueraded as an end-to-end encrypted chat application named SoSafe Chat. Threat actors are distributing the GravityRAT RAT masqueraded as an end-to-end encrypted chat application named SoSafe Chat. ” Follow me on Twitter: @securityaffairs and Facebook.

Encryption 130

Encryption Malware Media Authentication 130

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. 22, 2020, the U.S. On Sunday, Feb. 428 hospitals.”

Ransomware 271

Ransomware Healthcare Cybercrime Government 271

Security Affairs

APRIL 21, 2024

The Akira ransomware operators implement a double extortion model by exfiltrating victims’ data before encrypting it. Earlier versions of the ransomware were written in C++ and the malware added the.akira extension to the encrypted files. The attackers mostly used Cisco vulnerabilities CVE-2020-3259 and CVE-2023-20269.

Ransomware 106

Ransomware Encryption Antivirus VPN 106

Security Affairs

FEBRUARY 18, 2024

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks CISA adds Microsoft Exchange and Cisco ASA and FTD bugs to its Known Exploited Vulnerabilities catalog US gov offers a reward of up to $10M for info on ALPHV/Blackcat gang leaders U.S.

Cybercrime 97

Cybercrime Ransomware Malware Data breaches 97

Security Affairs

JANUARY 30, 2021

The FonixCrypter gang also closed its Telegram channel that was used to advertise the malware in the cybercrime underground. The availability of the master decryption key allows the victims to recover their encrypted files for free. Unfortunately, at the time of writing the RAR archive is not available.

Ransomware 135

Ransomware Encryption Malware Cybercrime 135

Security Affairs

NOVEMBER 1, 2021

The HelloKitty ransomware group, like other ransomware gangs, implements a double extortion model, stealing sensitive documents from victims before encrypting them. SecurityAffairs – hacking, cybercrime). The post HelloKitty ransomware gang also targets victims with DDoS attacks appeared first on Security Affairs.

DDOS 124

DDOS Ransomware Cybercrime Encryption 124

Security Affairs

DECEMBER 10, 2021

Another one used to encrypt companies' networks. In the past, other two ransomware were written in Rust for research purposes, one of them was published on GitHub in 2020, the second one is a now-defunct strain named BadBeeTeam. Filemarker 19 47 B7 4D at EOF and before the encrypted key, which is JSON with some settings.

Ransomware 97

Ransomware Malware Cybercrime Encryption 97

Security Affairs

APRIL 3, 2021

The Avaddon ransomware operators updated their malware after security researchers released a public decryptor in February 2021. The Avaddon ransomware family first appeared in the threat landscape in February 2020, and its authors started offering it with a Ransomware-as-a-Service (RaaS) model in June, 2020.

Ransomware 97

Ransomware Encryption Malware Cybercrime 97

Security Affairs

MARCH 4, 2021

Group-IB published a report titled “Ransomware Uncovered 2020-2021 ”. analyzes ransomware landscape in 2020 and TTPs of major threat actors. Group-IB , a global threat hunting and adversary-centric cyber intelligence company, has presented its new report “Ransomware Uncovered 2020-2021 ”. The gold rush of 2020.

Ransomware 121

Ransomware Cybercrime Malware Marketing 121

Security Affairs

SEPTEMBER 27, 2021

Researchers from vpnMentor recently published a report that sheds the light on the use of Telegram in the cybercrime ecosystem. vpnMentor researchers joined several cybercrime-focused Telegram groups and discovered a vast network of more 1,000s individuals sharing data leaks and dumps and discussing how to exploit them in illegal activities.

Cybercrime 127

Cybercrime Hacking Mobile DDOS 127

The Last Watchdog

JUNE 21, 2020

The epidemic went truly mainstream with the release of CryptoLocker back in 2013, and it has since transformed into a major dark web economy spawning the likes of Sodinokibi, Ryuk, and Maze lineages that are targeting the enterprise on a huge scale in 2020. File encryption 2013 – 2015. pharma giant ExecuPharm.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

AUGUST 12, 2021

Microsoft warns of a long-running spear-phishing campaign that has targeted Office 365 customers in multiple attacks since July 2020. Microsoft revealed that a year-long spear-phishing campaign has targeted Office 365 customers in multiple attacks starting with July 2020. SecurityAffairs – hacking, cybercrime).

Phishing 117

Phishing Passwords Encryption Cybercrime 117

Security Affairs

NOVEMBER 4, 2020

Toy industry giant Mattel announced that it has suffered a ransomware attack that took place on July 28th, 2020, and impacted some of its business operations. The good news that the company excluded the theft of internal information. The toymaker is one of the largest toymakers in the world with 24,000 employees and $5.7

Ransomware 111

Ransomware Retail Advertising Malware 111

Security Affairs

MAY 9, 2021

Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the FiveHands ransomware that was recently detailed by FireEye’s Mandiant. The malware employed by the group since November 2020, includes Sombrat, FiveHands, the Warprism PowerShell dropper, the Cobalt Strike beacon, and FoxGrabber.

Ransomware 121

Ransomware Penetration Testing Malware Cybercrime 121

Security Affairs

JULY 8, 2021

. “On May 20, 2021, Morgan Stanley was notified by Guidehouse, a vendor that provides account maintenance services to Morgan Stanley’s StockPlan Connect business, that it had suffered an information security incident. ” reads the letter.

Data breaches 121

Data breaches Hacking Banking Financial Services 121

Security Affairs

AUGUST 21, 2020

The University of Utah admitted to have paid a $457,059 ransom in order to avoid having ransomware operators leak student information online. ” According to the University, the ransomware encrypted only 0.02% of the data stored on its servers. .” ” reads a press release published by the University.

Ransomware 144

Ransomware Cyber Insurance Insurance Advertising 144

Security Affairs

JANUARY 17, 2022

SFile ransomware (aka Escal), has been active since 2020 , it was observed targeting only Windows systems. Some variants of the ransomware append the English name of the target company to the filenames of the encrypted files. “The SFile ransomware uses the Mbed TLS library, RSA-2048 and AES-256 algorithms for file encryption.

Ransomware 139

Ransomware Encryption Backups Malware 139

Security Affairs

MARCH 16, 2020

“Upon further examination, we determined that the unauthorised user appeared to have initially gained access on 9 February 2020, and could have gained access to a database in which we store user data.” ” @troyhunt pic.twitter.com/HfAwV7gtVq — Sylvia van Os (@SylvieLorxu) March 12, 2020. .”

Data breaches 105

Data breaches Passwords Advertising Accountability 105

Security Affairs

NOVEMBER 1, 2020

The Maze cybercrime gang is shutting down its operations, it was considered one of the most prominent and active ransomware crew since it began operating in May 2019. The gang was the first to introduce a double-extortion model in the cybercrime landscape at the end of 2019.

Ransomware 141

Ransomware Cybercrime Advertising Software 141

Security Affairs

JANUARY 18, 2022

Europol this week announced the shutdown of VPNLab, a VPN service that is very popular in the cybercrime ecosystem. An international operation conducted by law enforcement bodies from 10 countries took down VPNLab.net, a VPN service provider that is very popular in the cybercrime ecosystem. Europol said.

VPN 82

VPN Cybercrime Ransomware Advertising 82

Security Affairs

OCTOBER 19, 2022

Researchers at Palo Alto Network’s Unit 42 have linked the relatively new Ransom Cartel ransomware operation with the notorious REvil cybercrime gang. Most of the similarities between the two malicious codes relate to the encryption scheme. ” continues the report. ” . . ” continues the report.

Ransomware 112

Ransomware Encryption Engineering Cybercrime 112

Security Affairs

MARCH 3, 2021

A couple of weeks ago, security experts from FireEye linked a series of cyber attacks against organizations running Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. reported FireEye. “The onion website.

Ransomware 129

Ransomware Cybersecurity Cyber Attacks Data breaches 129

Security Affairs

MAY 27, 2020

pic.twitter.com/Q3BMs7fSvx — Microsoft Security Intelligence (@MsftSecIntel) May 27, 2020. Human-operated ransomware is a technique usually employed in nation-state attacks that is becoming very popular in the cybercrime ecosystem. — Microsoft Security Intelligence (@MsftSecIntel) May 27, 2020.

Ransomware 104

Ransomware Security Intelligence Encryption Advertising 104

Security Affairs

AUGUST 18, 2021

In July, researchers from Fortinet reported that a new ransomware family, tracked as Diavol, might have been developed by Wizard Spider , the cybercrime gang behind the TrickBot botnet. The sample analyzed by IBM X-Force was submitted to Virus Total on January 27, 2021 and has a reported compilation date of March 5, 2020.

Ransomware 100

Ransomware DNS Cybercrime Malware 100

Security Affairs

JANUARY 28, 2022

According to CTWANT , which cited an undisclosed information security company, Delta Electronics was hit by Conti ransomware that asked Delta to pay a $15 million ransom to restore encrypted files and avoid their leak. ” reported a statement from the security company cited by CTWANT.

Computers and Electronics 89

Computers and Electronics Ransomware Manufacturing Malware 89

Security Affairs

MARCH 23, 2021

billion in 2020. “Shell has been impacted by a data security incident involving Accellion’s File Transfer Appliance. .” ” Since the disclosure of the vulnerabilities in Accellion FTA multiple cybercrime groups targeted organizations worldwide. continues FireEye.

Data breaches 124

Data breaches Hacking Cybercrime Cyber Attacks 124

Security Affairs

MAY 10, 2021

The Darkside ransomware gang first emerged in the threat landscape in August 2020, in recent months the group was very active and targeted organizations worldwide. From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.” Pierluigi Paganini.

Ransomware 138

Ransomware Energy and Utilities Healthcare Cybercrime 138

Security Affairs

MAY 17, 2023

“According to the indictment obtained in the District of New Jersey, from at least as early as 2020, Mikhail Pavlovich Matveev, aka Wazawaka, aka m1x, aka Boriselcin, aka Uhodiransomwar, allegedly participated in conspiracies to deploy three ransomware variants.” The attacks hit law enforcement agencies in Washington, D.C.

Ransomware 75

Ransomware Healthcare Cybercrime Encryption 75

Security Affairs

DECEMBER 10, 2021

In addition to the encryption of data and subsequent impact to organisations’ ability to operate as usual, victims have had data stolen during incidents published by the ransomware actors, including Personally Identifiable Information (PII).” This activity has happened across multiple sectors.

Ransomware 91

Ransomware Cybercrime Encryption Malware 91

Security Affairs

APRIL 4, 2021

The University told DataBreaches.net that hackers had accessed a limited number of files in its system containing some personally identifiable information. “In late December, CLOP breached the security of our Accellion file transfer system. This system was used by our students, faculty, and staff to transfer encrypted files.

Ransomware 93

Ransomware Encryption Data breaches Cybercrime 93

Security Affairs

SEPTEMBER 2, 2020

Researchers from Malwarebytes reported that Magecart groups are using the encrypted messaging service Telegram to exfiltrate stolen payment details from compromised websites. Attackers encrypt payment data to make identification more difficult before transferring it via Telegram’s API into a chat channel. ” concluded the post.

Encryption 101

Encryption Advertising Cybercrime Marketing 101

Security Affairs

FEBRUARY 24, 2021

The wave of attacks exploiting multiple zero-day vulnerabilities in the Accellion File Transfer Appliance (FTA) software began in mid-December 2020, threat actors use to deploy a shell dubbed DEWMODE on the target networks. Security experts from FireEye linked the cyber attacks to the cybercrime group UNC2546, aka FIN11.

Manufacturing 116

Manufacturing Ransomware Cybercrime Hacking 116

Security Affairs

AUGUST 24, 2021

The FBI shared info about OnePercent Group that has been actively targeting US organizations in ransomware attacks since at least November 2020. OnePercent Group actors encrypt the data and exfiltrate it from the victims’ systems. The attachment’s macros infect the system with the IcedID1 banking trojan.

Ransomware 127

Ransomware Encryption Banking Phishing 127

Security Affairs

OCTOBER 11, 2020

The actors behind FONIX RaaS advertised several products on various cybercrime forums. FONIX first appeared in the threat landscape in July 2020, fortunately, the number of infections associated with this threat is still small. ” reads the analysis published by Sentinel Labs. ” concludes the report.

Ransomware 87

Ransomware Encryption Advertising DDOS 87

Security Affairs

FEBRUARY 16, 2023

Unlike most Mirai variants, the V3G4 variant uses different XOR encryption keys for string encryption. The botnet also attempts to terminate a list of processes, included in the hardcoded ‘stop list,’ by checking their names on the infected device.

IoT 96

IoT DDOS Encryption Malware 96