2020, Hacking, Malware and Ransomware - Cyber Security Informer

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

Security Affairs

FEBRUARY 17, 2024

CISA warns that the Akira Ransomware gang is exploiting the Cisco ASA/FTD vulnerability CVE-2020-3259 (CVSS score: 7.5) Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco ASA and FTD bug, tracked as CVE-2020-3259 (CVSS score: 7.5), to its Known Exploited Vulnerabilities catalog. in attacks in the wild.

Ransomware

Ransomware VPN Education Hacking

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. kapuchin0 claims that the leaked code is the first breach of the HelloKitty ransomware. kapuchin0 claims that the leaked code is the first breach of the HelloKitty ransomware.

Cybercrime

Cybercrime Ransomware DDOS Encryption

Akira ransomware received $42M in ransom payments from over 250 victims

Security Affairs

APRIL 21, 2024

Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers. The attackers mostly used Cisco vulnerabilities CVE-2020-3259 and CVE-2023-20269.

Ransomware

Ransomware Encryption Antivirus VPN

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Security Affairs

DECEMBER 4, 2021

The FBI has revealed that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. A flash alert published by the FBI has reported that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. ” states the alert.

Ransomware

Ransomware Hacking Malware Encryption

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

Ransomware is undoubtedly one of the most unnerving phenomena in the cyber threat landscape. Related: What local government can do to repel ransomware Ransomware came into existence in 1989 as a primitive program dubbed the AIDS Trojan that was spreading via 5.25-inch inch diskettes. inch diskettes. FBI spoofs 2012 – 2013.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Trickbot malware induces new Diavol Ransomware Strain

CyberSecurity Insiders

JULY 8, 2021

Trickbot banking malware is back in news for inducing a new ransomware variant into the wild. Researchers from Fortinet’s FortiGuard Labs has have found that the new malware strain is acting similar to that of Conti Ransomware with a change that it Asymmetric encryption algorithms unlike other file encrypting malware variants.

Malware

Malware Ransomware Healthcare Encryption

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “ Trickbot ,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. companies and government entities.

Hacking

Hacking Cybercrime Ransomware Government

The source code of the Paradise Ransomware was leaked on XSS hacking forum

Security Affairs

JUNE 15, 2021

The source code for the Paradise Ransomware has been released on a hacking forum allowing threat actors to develop their customized variant. The source code for the Paradise Ransomware has been released on the hacking forum XSS allowing threat actors to develop their own customized ransomware operation.

Ransomware

Ransomware Hacking Encryption Malware

Ransomware operators target CVE-2020-14882 WebLogic flaw

Security Affairs

NOVEMBER 7, 2020

At least one ransomware operator appears to have exploited the recently patched CVE-2020-14882 vulnerability affecting Oracle WebLogic. At least one ransomware operator appears is exploiting the recently patched CVE-2020-14882 vulnerability in Oracle WebLogic. SecurityAffairs – hacking, CVE-2020-14882).

Ransomware

Ransomware Malware Internet Internet

DarkSide ransomware made $90 million since October 2020

Security Affairs

MAY 18, 2021

Researchers from blockchain analysis firm Elliptic estimated that Darkside ransomware gang has made over $90 million from its attacks. Experts from blockchain analysis firm Elliptic estimated that the Darkside ransomware gang has earned over $90 million from ransom payments from its victims since October 2020. million. .

Ransomware

Ransomware Malware Hacking Information Security

Maze Ransomware Gang Allegedly Retires

Adam Levin

NOVEMBER 4, 2020

The infamous Maze ransomware gang has announced they will cease operations, effective immediately. . On November 1, the hacking group behind several high profile ransomware attacks in 2020 issued a rambling press release, riddled with spelling errors, on the dark web announcing, “it is officially closed.”.

Ransomware

Ransomware Scams Hacking Malware

BlackCat ransomware, a very sophisticated malware written in Rust

Security Affairs

DECEMBER 10, 2021

BlackCat is the first professional ransomware strain that was written in the Rust programming language, researchers reported. Malware researchers from Recorded Future and MalwareHunterTeam discovered ALPHV (aka BlackCat), the first professional ransomware strain that was written in the Rust programming language.

Ransomware

Ransomware Malware Cybercrime Encryption

Ransomware in 2020: A Banner Year for Extortion

Threatpost

DECEMBER 28, 2020

From attacks on the UVM Health Network that delayed chemotherapy appointments, to ones on public schools that delayed students going back to the classroom, ransomware gangs disrupted organizations to inordinate levels in 2020.

Ransomware

Ransomware Malware Hacking

Who Wrote the ALPHV/BlackCat Ransomware Strain?

Krebs on Security

JANUARY 28, 2022

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “ BlackCat “), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. Image: Varonis. Image: Varonis. The upshot? ” Meanwhile, the U.S.

Ransomware

Ransomware Accountability Cybercrime Malware

A TrickBot malware developer sentenced to 64 months in prison

Security Affairs

JANUARY 26, 2024

The Russian national malware developer Vladimir Dunaev was sentenced to more than 5 years in prison for his role in the TrickBot operation. The Russian national Vladimir Dunaev (40) has been sentenced in the US to 64 months in prison for his role in the development and distribution of the TrickBot malware. in October 2021.

Malware

Malware Identity Theft Banking Ransomware

Scranton School District in Pennsylvania suffered a ransomware attack

Security Affairs

MARCH 16, 2024

School districts continue to be under attack, schools in Scranton, Pennsylvania, are suffering a ransomware attack. This week, schools in Scranton, Pennsylvania, experienced a ransomware attack, resulting in IT outages. According to the 2020 census, the Scranton School District serves a resident population of 76,997.

Ransomware

Ransomware Computers and Electronics Data breaches Hacking

Maze Ransomware operators hacked the Xerox Corporation

Security Affairs

JULY 1, 2020

Xerox Corporation is the last victim of the Maze ransomware operators, hackers have encrypted its files and threaten of releasing them. Maze ransomware operators have breached the systems of the Xerox Corporation and stolen files before encrypting them. billion in revenu e in Q1 2020 and has 27,000 employees across the globe.

Ransomware

Ransomware Hacking Encryption Banking

The Olympics: a timeline of scams, hacks, and malware

Malwarebytes

JULY 28, 2021

The 2020 Olympics are, after a bit of a delayed start , officially in full swing. And while actual, measurable cyberrattacks and hacks surrounding The Olympics did not truly get rolling until 2008 in Beijing, The Olympic games have traditionally been quite the target for malicious acts of all kinds, dating back years. 2010 Vancouver.

Scams

Scams Hacking Malware Mobile

NetWalker ransomware operators have made $25 million since March 2020

Security Affairs

AUGUST 4, 2020

NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. McAfee researchers believe that the NetWalker ransomware operators continue to be very active, the gang is believed to have earned more than $25 million since March 2020.

Ransomware

Ransomware VPN Cybercrime Advertising

Coronavirus-themed attacks March 22 – March 28, 2020

Security Affairs

MARCH 29, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 22 to March 28, 2020. March 23 – COVID19-themed campaign delivers a new variant of Netwalker Ransomware. MalwareHunterTeam experts have identified a new Coronavirus phishing campaign that aims at delivering the Netwalker Ransomware.

Scams

Scams Mobile Advertising Malware

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Security Affairs

SEPTEMBER 18, 2020

Singapore, 09/18/2020 — Group-IB , a global threat hunting and intelligence company headquartered in Singapore, evidenced the transformation of the threat portfolio over the first half of 2020. They are followed by banking Trojans , whose share in the total amount of malicious attachments showed growth for the first time in a while.

Phishing

Phishing Ransomware Spyware Banking

Fake mobile version of Cyberpunk 2077 spreads ransomware

Security Affairs

DECEMBER 18, 2020

A threat actor is spreading ransomware dubbed CoderWare that masquerades as Windows and Android versions of the recent Cyberpunk 2077. Crooks are spreading fake Windows and Android versions of installers for the new Cyberpunk 2077 video game that is delivering the CoderWare ransomware. SecurityAffairs – hacking, ransomware).

Mobile

Mobile Ransomware Encryption Malware

Victims of FonixCrypter ransomware could decrypt their files for free

Security Affairs

JANUARY 30, 2021

FonixCrypter ransomware operators shut down their operations, released the master decryption key for free, and deleted malware’s source code. Good news for the victims of the FonixCrypter ransomware, the operators behind the threat shut down their operations and released the master decryption key. Pierluigi Paganini.

Ransomware

Ransomware Encryption Malware Cybercrime

Ransomware Attack on Ferrari

CyberSecurity Insiders

OCTOBER 3, 2022

Ferrari, the luxury car maker, was recently hit by a ransomware attack that apparently led to data leak that is now being posted online on an installment basis. NOTE 1- Since the year 2020, RansomEXX has been highly prevalent on the dark web and has mainly targeted companies from the United States and Europe.

Ransomware

Ransomware Cryptocurrency Encryption Accountability

Ransom-what? Learning from Hacked Hackers

SecureWorld News

JANUARY 19, 2023

That is how James McQuiggan, CISSP, Security Awareness Advocate for KnowBe4, kicked off the recent SecureWorld Remote Sessions webcast titled, "Ransomware, Ransom-war, and Ran-some-where: What We Can Learn When the Hackers Get Hacked." Some scary statistics: Ransomware attacks increased 13% from 2020 to 2021.

Hacking

Hacking Backups Ransomware Retail

NetWalker ransomware operators have made $25 million since March 2020

Security Affairs

AUGUST 4, 2020

NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. McAfee researchers believe that the NetWalker ransomware operators continue to be very active, the gang is believed to have earned more than $25 million since March 2020.

Ransomware

Ransomware VPN Cybercrime Advertising

DarkIRC botnet is targeting the critical Oracle WebLogic CVE-2020-14882

Security Affairs

DECEMBER 1, 2020

The critical remote code execution (RCE) vulnerability CVE-2020-14882 in Oracle WebLogic is actively exploited by operators behind the DarkIRC botnet. Experts reported that the DarkIRC botnet is actively targeting thousands of exposed Oracle WebLogic servers in the attempt of exploiting the CVE-2020-14882. c25e6559668942[.]xyz.

Malware

Malware DDOS Hacking Cybercrime

Coronavirus-themed attacks April 05 – April 11, 2020

Security Affairs

APRIL 12, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from April 05 to April 11, 2020. April 09 – Phishers prefer Tesla, top 3 malware strains in COVID19 phishing campaigns. April 09 – Australian Signals Directorate (ASD) is hacking crooks behind COVID19-themed attacks.

Scams

Scams Advertising Malware Phishing

CISA MAR report provides technical details of FiveHands Ransomware

Security Affairs

MAY 9, 2021

CISA has published an analysis of the FiveHands ransomware, the same malware that was analyzed a few days ago by researchers from FireEye’s Mandiant experts. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the FiveHands ransomware that was recently detailed by FireEye’s Mandiant.

Ransomware

Ransomware Penetration Testing Malware Cybercrime

Experts linked Maui ransomware to North Korean Andariel APT

Security Affairs

AUGUST 9, 2022

Cybersecurity researchers from Kaspersky linked the Maui ransomware to the North Korea-backed Andariel APT group. Kaspersky linked with medium confidence the Maui ransomware operation to the North Korea-backed APT group Andariel , which is considered a division of the Lazarus APT Group, . SecurityAffairs – hacking, Maui ransomware).

Ransomware

Ransomware Computers and Electronics Healthcare Malware

Ransomware hits US Fertility the largest US fertility network

Security Affairs

NOVEMBER 26, 2020

discloses a ransomware attack that took place in September 2020. revealed that a ransomware attack hit its systems in September 2020. “On September 14, 2020, USF experienced an IT security event [.] “On September 14, 2020, USF experienced an IT security event [.] Pierluigi Paganini.

Ransomware

Ransomware Data breaches Encryption Malware

FBI issued an alert on Ragnar Locker ransomware activity

Security Affairs

NOVEMBER 23, 2020

FBI is warning private industry partners of a surge in Ragnar Locker ransomware activity following a confirmed attack from April 2020. The MU-000140-MW flash alert includes indicators of compromise to detect associated with this ransomware gang. Install and regularly update anti-virus or anti-malware software on all hosts.

Ransomware

Ransomware Encryption VPN Backups

Black Kingdom ransomware is targeting Microsoft Exchange servers

Security Affairs

MARCH 24, 2021

Security experts reported that a second ransomware gang, named Black Kingdom , is targeting Microsoft Exchange servers. The first ransomware gang exploiting the above issues in attacks in the wild was a group tracked as DearCry. BlackKingdom ransomware on my personal servers. SecurityAffairs – hacking, Microsoft Exchange).

Ransomware

Ransomware Encryption VPN Malware

Experts warn of attacks using a new Linux variant of SFile ransomware

Security Affairs

JANUARY 17, 2022

The operators of the SFile ransomware (aka Escal) have developed a Linux version of their malware to expand their operations. SFile ransomware (aka Escal), has been active since 2020 , it was observed targeting only Windows systems. Recently, Rising captured the Linux platform variant of the ransomware.”

Ransomware

Ransomware Encryption Backups Malware

AgeLocker ransomware operation targets QNAP NAS devices

Security Affairs

MAY 1, 2021

Taiwanese vendor QNAP is warning its customers of AgeLocker ransomware attacks on their NAS devices. Crooks behind the AgeLocker ransomware operation are targeting QNAP NAS devices, the Taiwanese vendor warns. The malware was designed to abuse NAS resources and mine cryptocurrency. SecurityAffairs – hacking, QNAP).

Ransomware

Ransomware Cryptocurrency Malware Internet

Ransomware news headlines trending on Google

CyberSecurity Insiders

NOVEMBER 29, 2022

First is the news related to Southampton County of Virginia, as information is out that personal information of many county populaces was stolen in a ransomware attack that occurred in September 2022. Lorenz Ransomware spreading gang focused more on public sector companies from February 2021 to October 2022.

Ransomware

Ransomware Healthcare Encryption Cybercrime

Chip maker Advantech hit by Conti ransomware gang

Security Affairs

NOVEMBER 28, 2020

The IIoT chip maker Advantech was hit by the Conti ransomware, the gang is now demanding over $13 million ransom from the company. The ransomware gang announced on November 21, 2020 the leak of stolen data if the chipmaker would not have paid the ransom within the next day. SecurityAffairs – hacking, Advantech).

Ransomware

Ransomware Encryption IoT Malware

Could Your Company Survive a Ransomware Attack?

CyberSecurity Insiders

AUGUST 26, 2022

One of the most ruthless cyberattacks is a ransomware attack. What Is a Ransomware Attack? Ransomware is a cyberattack that uses malware – software created to infiltrate a computer system and damage or disrupt it. Ransomware attacks are about as old as the internet itself.

Ransomware

Ransomware Education Software Malware

Nuclear and Oil & Gas are Major Targets of Ransomware Groups in 2024

Security Affairs

NOVEMBER 14, 2023

Experts warn of an alarming rise in ransomware operations targeting the energy sector, including nuclear facilities and related research entities. Over the last year, ransomware attackers have targeted energy installations in North America, Asia, and the European Union. Resecurity, Inc.

Ransomware

Ransomware Cyber threats Government Hacking

Experts spotted a new variant of the Cuba Ransomware with optimized infection techniques

Security Affairs

JUNE 10, 2022

The Cuba ransomware operators are back and employed a new version of its malware in recent attacks. Cuba ransomware has been active since at least January 2020. The ransomware encrypts files on the targeted systems using the “.cuba” The ransomware encrypts files on the targeted systems using the “.cuba”

Ransomware

Ransomware Malware Encryption Hacking

Mount Locker ransomware operators demand multi-million dollar ransoms

Security Affairs

SEPTEMBER 28, 2020

The operators behind new ransomware dubbed Mount Locker have adopted the same tactic of other gangs threatening the victims to leak stolen data. A new ransomware gang named Mount Locker has started its operations stealing victims’ data before encrypting. MountLocker #Ransomware claimed Makalot Industrial Co. as a victim.

Ransomware

Ransomware Encryption Advertising Engineering

Texas Department of Transportation (TxDOT) hit by a ransomware attack

Security Affairs

MAY 18, 2020

A new ransomware attack hit the Texas government, the malware this time infected systems at the state’s Department of Transportation (TxDOT). The Texas government suffered two ransomware attacks in a few weeks, the first one took place on May 8, 2020 and infected systems at the Texas court. Pierluigi Paganini.

Ransomware

Ransomware Government Advertising Malware

2020 was a golden year for ransomware gangs, with evolving tactics and increasing payouts

SC Magazine

MARCH 18, 2021

Ransomware gangs are evolving their operations at a rapid pace and making off with increasingly large pay days, according to a new report from Palo Alto Networks Unit 42. In 2020 groups were demanding as much as $30 million to unlock a victim’s files and systems. High-end ransoms have gone up significantly too.

Ransomware

Ransomware Manufacturing Media Insurance

Attackers took over the Perl.com domain in September 2020

Security Affairs

MARCH 3, 2021

The Perl.com domain was hijacked in January, but a senior editor at the site revealed that the hackers took control of the domain in September 2020. The Perl.com domain was hijacked in January 2021, but according to Brian Foy , senior editor of Perl.com, the attack took place months before, in September 2020. Pierluigi Paganini.

Social Engineering

Social Engineering Malware Hacking Engineering

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

Trending Sources

Akira ransomware received $42M in ransom payments from over 250 victims

Cuba ransomware gang hacked 49 US critical infrastructure organizations

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Trickbot malware induces new Diavol Ransomware Strain

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

The source code of the Paradise Ransomware was leaked on XSS hacking forum

Ransomware operators target CVE-2020-14882 WebLogic flaw

DarkSide ransomware made $90 million since October 2020

Maze Ransomware Gang Allegedly Retires

BlackCat ransomware, a very sophisticated malware written in Rust

Ransomware in 2020: A Banner Year for Extortion

Who Wrote the ALPHV/BlackCat Ransomware Strain?

A TrickBot malware developer sentenced to 64 months in prison

Scranton School District in Pennsylvania suffered a ransomware attack

Maze Ransomware operators hacked the Xerox Corporation

The Olympics: a timeline of scams, hacks, and malware

NetWalker ransomware operators have made $25 million since March 2020

Coronavirus-themed attacks March 22 – March 28, 2020

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Fake mobile version of Cyberpunk 2077 spreads ransomware

Victims of FonixCrypter ransomware could decrypt their files for free

Ransomware Attack on Ferrari

Ransom-what? Learning from Hacked Hackers

NetWalker ransomware operators have made $25 million since March 2020

DarkIRC botnet is targeting the critical Oracle WebLogic CVE-2020-14882

Coronavirus-themed attacks April 05 – April 11, 2020

CISA MAR report provides technical details of FiveHands Ransomware

Experts linked Maui ransomware to North Korean Andariel APT

Ransomware hits US Fertility the largest US fertility network

FBI issued an alert on Ragnar Locker ransomware activity

Black Kingdom ransomware is targeting Microsoft Exchange servers

Experts warn of attacks using a new Linux variant of SFile ransomware

AgeLocker ransomware operation targets QNAP NAS devices

Ransomware news headlines trending on Google

Chip maker Advantech hit by Conti ransomware gang

Could Your Company Survive a Ransomware Attack?

Nuclear and Oil & Gas are Major Targets of Ransomware Groups in 2024

Experts spotted a new variant of the Cuba Ransomware with optimized infection techniques

Mount Locker ransomware operators demand multi-million dollar ransoms

Texas Department of Transportation (TxDOT) hit by a ransomware attack

2020 was a golden year for ransomware gangs, with evolving tactics and increasing payouts

Attackers took over the Perl.com domain in September 2020

Stay Connected