Security Affairs

JUNE 30, 2022

A former Canadian government IT worker admitted to being a high-level member of the Russian cybercrime group NetWalker. to charges related to his involvement with the Russian cybercrime group NetWalker. and EU law enforcement authorities allowed the seizure of the leak sites used by NetWalker ransomware operators.

Cybercrime 85

Cybercrime Government Ransomware Cryptocurrency 85

Security Affairs

APRIL 21, 2024

Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers. The attackers mostly used Cisco vulnerabilities CVE-2020-3259 and CVE-2023-20269.

Ransomware 106

Ransomware Encryption Antivirus VPN 106

Security Affairs

MAY 17, 2024

The City of Wichita disclosed a data breach after the ransomware attack that hit the Kansas’s city earlier this month. On May 5th, 2024, the City of Wichita, Kansas, was the victim of a ransomware attack and shut down its network to contain the threat. Wichita is the most populous city in the U.S.

Data breaches 73

Data breaches Ransomware Hacking Cybercrime 73

Security Affairs

SEPTEMBER 18, 2020

Singapore, 09/18/2020 — Group-IB , a global threat hunting and intelligence company headquartered in Singapore, evidenced the transformation of the threat portfolio over the first half of 2020. Another 17 percent contained downloaders, while backdoors and banking Trojans came third with a 16- and 15-percent shares, respectively.

Phishing 103

Phishing Ransomware Spyware Banking 103

Security Affairs

MARCH 6, 2023

German police announced to have dismantled an international cybercrime gang behind the DoppelPaymer ransomware operation. Europol has announced that an international operation conducted by law enforcement in Germany and Ukraine, with help of the US FBI and the Dutch police, targeted two key figures of the DoppelPaymer ransomware group.

Ransomware 74

Ransomware Cybercrime Malware Phishing 74

Security Affairs

MARCH 22, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 15 to March 21, 2020. March 21, 2020 – New Coronavirus-themed attack uses fake WHO chief emails. March 19, 2020 – Coronavirus news used by Emotet and Trickbot to evade detection. Pierluigi Paganini.

Advertising 102

Advertising Cybercrime Scams Phishing 102

Security Affairs

MARCH 16, 2024

School districts continue to be under attack, schools in Scranton, Pennsylvania, are suffering a ransomware attack. This week, schools in Scranton, Pennsylvania, experienced a ransomware attack, resulting in IT outages. According to the 2020 census, the Scranton School District serves a resident population of 76,997.

Ransomware 107

Ransomware Computers and Electronics Data breaches Hacking 107

Security Affairs

DECEMBER 26, 2021

The IT services company Inetum Group was hit by a ransomware attack a few days before the Christmas holiday. French IT services company Inetum Group was hit by a ransomware attack a few days before the Christmas holiday, but according to the company the security breach had a limited impact on its operations.

Ransomware 130

Ransomware Cybercrime Advertising Information Security 130

Security Affairs

JUNE 16, 2023

DoJ charged a Russian national with conspiring to carry out LockBit ransomware attacks against U.S. The Justice Department announced charges against the Russian national Ruslan Magomedovich Astamirov (20) for his role in numerous LockBit ransomware attacks against systems in the United States, Asia, Europe, and Africa.

Ransomware 84

Ransomware Healthcare Education Government 84

Krebs on Security

MARCH 7, 2022

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. Before that, Jeffrey Ladish , an information security consultant based in Oakland, Calif., “Cryptocurrency article contest!

Ransomware 217

Ransomware Cryptocurrency DDOS Scams 217

Security Affairs

MARCH 4, 2021

Group-IB published a report titled “Ransomware Uncovered 2020-2021 ”. analyzes ransomware landscape in 2020 and TTPs of major threat actors. Group-IB , a global threat hunting and adversary-centric cyber intelligence company, has presented its new report “Ransomware Uncovered 2020-2021 ”.

Ransomware 121

Ransomware Cybercrime Malware Marketing 121

Security Affairs

NOVEMBER 1, 2021

The US FBI has published a flash alert warning private organizations of the evolution of the HelloKitty ransomware (aka FiveHands). Federal Bureau of Investigation (FBI) has sent out a flash alert warning private industry of a new feature of the HelloKitty ransomware gang (aka FiveHands). SecurityAffairs – hacking, cybercrime).

DDOS 124

DDOS Ransomware Cybercrime Encryption 124

Security Affairs

FEBRUARY 13, 2022

Organizations have paid more than $600 million in cryptocurrency during 2021, nearly one-third to the Conti ransomware gang. and Australia have published a joint advisory warning of an increased globalised threat of ransomware worldwide in 2021. Last week, cybersecurity agencies from the U.K., added the company. . added the company.

Ransomware 89

Ransomware Cryptocurrency Cybercrime Malware 89

Security Affairs

DECEMBER 10, 2021

BlackCat is the first professional ransomware strain that was written in the Rust programming language, researchers reported. Malware researchers from Recorded Future and MalwareHunterTeam discovered ALPHV (aka BlackCat), the first professional ransomware strain that was written in the Rust programming language. Pierluigi Paganini.

Ransomware 97

Ransomware Malware Cybercrime Encryption 97

Security Affairs

NOVEMBER 1, 2020

The Maze ransomware operators are shutting down their operations for more than one year the appeared on the threat landscape in May 2019. The Maze cybercrime gang is shutting down its operations, it was considered one of the most prominent and active ransomware crew since it began operating in May 2019. Pierluigi Paganini.

Ransomware 141

Ransomware Cybercrime Advertising Software 141

The Last Watchdog

JUNE 21, 2020

Ransomware is undoubtedly one of the most unnerving phenomena in the cyber threat landscape. Numerous strains of this destructive code have been the front-page news in global computer security chronicles for almost a decade now, with jaw-dropping ups and dramatic downs accompanying its progress. inch diskettes. inch diskettes.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

NOVEMBER 14, 2023

Experts warn of an alarming rise in ransomware operations targeting the energy sector, including nuclear facilities and related research entities. Over the last year, ransomware attackers have targeted energy installations in North America, Asia, and the European Union. Resecurity, Inc.

Ransomware 111

Ransomware Cyber threats Government Hacking 111

Security Affairs

JANUARY 30, 2021

FonixCrypter ransomware operators shut down their operations, released the master decryption key for free, and deleted malware’s source code. Good news for the victims of the FonixCrypter ransomware, the operators behind the threat shut down their operations and released the master decryption key. Pierluigi Paganini.

Ransomware 136

Ransomware Encryption Malware Cybercrime 136

Security Affairs

DECEMBER 18, 2023

“Cashout bank logs” typically refer to a type of cybercrime where individuals gain unauthorized access to banking information, often through phishing attacks or hacking, and then use that information to withdraw money or make unauthorized transactions. For example, both ransomware and info stealers target Bitcoin.

Banking 115

Banking Cybercrime Malware Accountability 115

Security Affairs

DECEMBER 27, 2019

The 2020 Cybersecurity Landscape – Below Pierluigi Paganini’s cybersecurity predictions for the next twelve months. 1) Targeted ransomware attacks on the rise. 1) Targeted ransomware attacks on the rise. In 2020, we will witness an increase in targeted ransomware attacks. 3) IoT devices under attack.

Cybersecurity 78

Cybersecurity IoT Ransomware Advertising 78

Security Affairs

DECEMBER 1, 2020

The critical remote code execution (RCE) vulnerability CVE-2020-14882 in Oracle WebLogic is actively exploited by operators behind the DarkIRC botnet. Experts reported that the DarkIRC botnet is actively targeting thousands of exposed Oracle WebLogic servers in the attempt of exploiting the CVE-2020-14882. Pierluigi Paganini.

Malware 99

Malware DDOS Hacking Cybercrime 99

Security Affairs

DECEMBER 17, 2021

The Conti ransomware gang is the first ransomware operation exploiting the Log4Shell vulnerability to target VMware vCenter Servers. Conti ransomware gang is the first professional race that leverages Log4Shell exploit to compromise VMware vCenter Server installs. ” reads the analysis published by AdvIntel. “A

Ransomware 129

Ransomware Energy and Utilities Cybercrime Malware 129

Security Affairs

MAY 10, 2021

FBI confirmed that the attack against the Colonial Pipeline over the weekend was launched by the Darkside ransomware gang. Federal Bureau of Investigation confirmed that the Colonial Pipeline was shut down due to a cyber attack carried out by the Darkside ransomware gang. This is an unprecedented tactic in the cybercrime ecosystem.

Ransomware 139

Ransomware Energy and Utilities Healthcare Cybercrime 139

Security Affairs

NOVEMBER 15, 2023

The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors. FBI and CISA published a joint Cybersecurity Advisory (CSA) to warn of Rhysida ransomware attacks against organizations across multiple industry sectors. ” reads the joint advisory.

Ransomware 116

Ransomware Manufacturing Healthcare Education 116

Security Affairs

FEBRUARY 23, 2021

FireEye experts linked a series of attacks targeting Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. Security experts from FireEye linked a series of cyber attacks against organizations running Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11.

Cybercrime 83

Cybercrime Software Ransomware Cyber Attacks 83

Security Affairs

AUGUST 21, 2020

The University of Utah admitted to have paid a $457,059 ransom in order to avoid having ransomware operators leak student information online. The university did not reveal the ransomware family involved in the attack. ” According to the University, the ransomware encrypted only 0.02% of the data stored on its servers.

Ransomware 144

Ransomware Cyber Insurance Insurance Advertising 144

Security Affairs

JANUARY 20, 2022

The central bank of the Republic of Indonesia, Bank Indonesia, confirmed the ransomware attack that hit it in December. Bank Indonesia confirmed that it was the victim of a ransomware attack that took place last month. The Conti ransomware gang claimed the attack and leaked some allegedly stolen files as proof of the security breach.

Banking 103

Banking Ransomware Cybercrime Malware 103

Security Affairs

NOVEMBER 4, 2020

Toymaker giant Mattel disclosed a ransomware attack, the incident took place in July and impacted some of its business operations. Toy industry giant Mattel announced that it has suffered a ransomware attack that took place on July 28th, 2020, and impacted some of its business operations. Pierluigi Paganini.

Ransomware 111

Ransomware Retail Advertising Malware 111

Security Affairs

MAY 17, 2023

The US government is offering a $10M reward for Russian national Mikhail Pavlovich Matveev (30) charged for his role in ransomware attacks The US Justice Department charged Russian national Mikhail Pavlovich Matveev (30), aka Wazawaka, m1x, Boriselcin, and Uhodiransomwar, for his alleged role in multiple ransomware attacks.

Ransomware 75

Ransomware Healthcare Cybercrime Encryption 75

Security Affairs

MAY 9, 2021

CISA has published an analysis of the FiveHands ransomware, the same malware that was analyzed a few days ago by researchers from FireEye’s Mandiant experts. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the FiveHands ransomware that was recently detailed by FireEye’s Mandiant.

Ransomware 121

Ransomware Penetration Testing Malware Cybercrime 121

Security Affairs

MAY 22, 2021

Conti ransomware targeted over 400 organizations worldwide, 290 in the US, and at least 16 healthcare and first responder networks. The Federal Bureau of Investigation (FBI) revealed that the Conti ransomware gang has hit at least 16 healthcare and first responder organizations. SecurityAffairs – hacking, Conti Ransomware).

Ransomware 117

Ransomware Healthcare Cyber Attacks Cybercrime 117

Security Affairs

OCTOBER 19, 2022

Researchers at Palo Alto Network’s Unit 42 linked the Ransom Cartel ransomware operation to the REvil ransomware operations. Researchers at Palo Alto Network’s Unit 42 have linked the relatively new Ransom Cartel ransomware operation with the notorious REvil cybercrime gang. No samples seen yet.

Ransomware 112

Ransomware Encryption Engineering Cybercrime 112

Security Affairs

NOVEMBER 4, 2020

The source code for the KPot information stealer was put up for auction and the REvil ransomware operators want to acquire it. The authors of KPot information stealer have put its source code up for auction , and the REvil ransomware operators will likely be the only group to bid. 3 (@pancak3lullz) October 15, 2020.

Ransomware 136

Ransomware Malware Advertising Cybercrime 136

Security Affairs

MARCH 3, 2021

A couple of weeks ago, security experts from FireEye linked a series of cyber attacks against organizations running Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. The attackers exfiltrate sensitive data from the target systems and then published it on the CLOP ransomware gang’s leak site.

Ransomware 129

Ransomware Cybersecurity Cyber Attacks Data breaches 129

Security Affairs

AUGUST 18, 2021

Researchers conducted a new analysis of the Diavol ransomware and found new evidence of the link with the gang behind the TrickBot botnet. In July, researchers from Fortinet reported that a new ransomware family, tracked as Diavol, might have been developed by Wizard Spider , the cybercrime gang behind the TrickBot botnet.

Ransomware 100

Ransomware DNS Cybercrime Malware 100

Security Affairs

DECEMBER 10, 2021

The Australian Cyber Security Centre (ACSC) warns of Conti ransomware attacks again multiple Australian organizations. The Australian Cyber Security Centre (ACSC) warns of Conti ransomware attacks against multiple Australian organizations from various sectors since November. ” reads the ransomware profile.

Ransomware 91

Ransomware Cybercrime Encryption Malware 91

Security Affairs

APRIL 3, 2021

The Avaddon ransomware operators updated their malware after security researchers released a public decryptor in February 2021. The Avaddon ransomware family first appeared in the threat landscape in February 2020, and its authors started offering it with a Ransomware-as-a-Service (RaaS) model in June, 2020.

Ransomware 97

Ransomware Encryption Malware Cybercrime 97