Security Affairs

MAY 18, 2021

Researchers from blockchain analysis firm Elliptic estimated that Darkside ransomware gang has made over $90 million from its attacks. Experts from blockchain analysis firm Elliptic estimated that the Darkside ransomware gang has earned over $90 million from ransom payments from its victims since October 2020. million. .

Ransomware 86

Ransomware Malware Hacking Information Security 86

Security Affairs

DECEMBER 10, 2021

BlackCat is the first professional ransomware strain that was written in the Rust programming language, researchers reported. Malware researchers from Recorded Future and MalwareHunterTeam discovered ALPHV (aka BlackCat), the first professional ransomware strain that was written in the Rust programming language.

Ransomware 97

Ransomware Malware Cybercrime Encryption 97

Security Affairs

APRIL 20, 2020

Threat Report Portugal Q1 2020: Phishing and malware by numbers. The Threat Report Portugal: Q1 2020 compiles data collected on the malicious campaigns that occurred from January to March, Q1, of 2020. The campaigns were classified as either phishing or malware. Phishing and Malware Q1 2020.

Threat Reports 99

Threat Reports Phishing Banking Malware 99

Security Affairs

JANUARY 5, 2024

A threat actor announced the sale of the source code and a cracked version of the Zeppelin ransomware builder for $500. Researchers from cybersecurity firm KELA reported that a threat actor announced on a cybercrime forum the sale of the source code and a cracked version of the Zeppelin ransomware builder for $500.

Ransomware 106

Ransomware Hacking Encryption Malware 106

Security Affairs

MAY 17, 2024

The City of Wichita disclosed a data breach after the ransomware attack that hit the Kansas’s city earlier this month. On May 5th, 2024, the City of Wichita, Kansas, was the victim of a ransomware attack and shut down its network to contain the threat. Wichita is the most populous city in the U.S.

Data breaches 90

Data breaches Ransomware Hacking Cybercrime 90

Security Affairs

JANUARY 26, 2024

The Russian national malware developer Vladimir Dunaev was sentenced to more than 5 years in prison for his role in the TrickBot operation. The Russian national Vladimir Dunaev (40) has been sentenced in the US to 64 months in prison for his role in the development and distribution of the TrickBot malware. in October 2021.

Malware 99

Malware Identity Theft Banking Ransomware 99

Security Affairs

SEPTEMBER 18, 2020

Singapore, 09/18/2020 — Group-IB , a global threat hunting and intelligence company headquartered in Singapore, evidenced the transformation of the threat portfolio over the first half of 2020. They are followed by banking Trojans , whose share in the total amount of malicious attachments showed growth for the first time in a while.

Phishing 103

Phishing Ransomware Spyware Banking 103

Security Affairs

JANUARY 2, 2021

Below the list of the top stories of 2020. While investigating the recent SolarWinds Orion supply-chain attack security researchers discovered another backdoor, tracked SUPERNOVA. August 2 – Garmin allegedly paid for a decryptor for WastedLocker ransomware. SecurityAffairs – hacking, Top stories 2020).

Firewall 106

Firewall VPN Hacking Accountability 106

Security Affairs

AUGUST 4, 2020

NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. McAfee researchers believe that the NetWalker ransomware operators continue to be very active, the gang is believed to have earned more than $25 million since March 2020.

Ransomware 77

Ransomware VPN Cybercrime Advertising 77

Security Affairs

MARCH 29, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 22 to March 28, 2020. March 23 – COVID19-themed campaign delivers a new variant of Netwalker Ransomware. MalwareHunterTeam experts have identified a new Coronavirus phishing campaign that aims at delivering the Netwalker Ransomware.

Scams 109

Scams Mobile Advertising Malware 109

Security Affairs

DECEMBER 18, 2020

A threat actor is spreading ransomware dubbed CoderWare that masquerades as Windows and Android versions of the recent Cyberpunk 2077. Crooks are spreading fake Windows and Android versions of installers for the new Cyberpunk 2077 video game that is delivering the CoderWare ransomware. SecurityAffairs – hacking, ransomware).

Mobile 137

Mobile Ransomware Encryption Malware 137

CyberSecurity Insiders

JUNE 29, 2023

Granules, the Indian Pharmaceutical company that manufactures Paracetamol has released an official statement that a ransomware attack that targeted its servers last month has resulted in substantial loss of revenue and profitability.

Ransomware 83

Ransomware Backups Manufacturing Encryption 83

Security Affairs

NOVEMBER 25, 2020

Group-IB , a global threat hunting and intelligence company, has presented its annual Hi-Tech Crime Trends 2020/2021 report. In the report, the company examines key shifts in the cybercrime world internationally between H2 2019 and H1 2020 and gives forecasts for the coming year.

Banking 131

Banking Ransomware Phishing Marketing 131

Security Affairs

DECEMBER 4, 2021

The FBI has revealed that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. A flash alert published by the FBI has reported that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. ” states the alert.

Ransomware 138

Ransomware Hacking Malware Encryption 138

Security Affairs

NOVEMBER 25, 2023

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. The Rhysida ransomware gang added the China Energy Engineering Corporation to the list of victims on its Tor leak site. The Rhysida ransomware operators plan to sell the stolen data to a single buyer.

Ransomware 120

Ransomware Hacking Engineering Manufacturing 120

Security Affairs

DECEMBER 26, 2023

The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. The Rhysida ransomware group claimed to have breached the Abdali Hospital in Jordan and added it to the list of victims on its Tor leak site. The Rhysida ransomware group has been active since May 2023.

Hacking 123

Hacking Ransomware Manufacturing Healthcare 123

The Last Watchdog

JUNE 21, 2020

Ransomware is undoubtedly one of the most unnerving phenomena in the cyber threat landscape. Numerous strains of this destructive code have been the front-page news in global computer security chronicles for almost a decade now, with jaw-dropping ups and dramatic downs accompanying its progress. inch diskettes. inch diskettes.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

FEBRUARY 12, 2024

Researchers discovered a vulnerability in the code of the Rhysida ransomware that allowed them to develop a decryption tool. Cybersecurity researchers from Kookmin University and the Korea Internet and Security Agency (KISA) discovered an implementation vulnerability in the source code of the Rhysida ransomware.

Ransomware 116

Ransomware Encryption VPN Manufacturing 116

Security Affairs

NOVEMBER 23, 2020

FBI is warning private industry partners of a surge in Ragnar Locker ransomware activity following a confirmed attack from April 2020. The MU-000140-MW flash alert includes indicators of compromise to detect associated with this ransomware gang. Install and regularly update anti-virus or anti-malware software on all hosts.

Ransomware 145

Ransomware Encryption VPN Backups 145

Security Affairs

MARCH 16, 2024

School districts continue to be under attack, schools in Scranton, Pennsylvania, are suffering a ransomware attack. This week, schools in Scranton, Pennsylvania, experienced a ransomware attack, resulting in IT outages. According to the 2020 census, the Scranton School District serves a resident population of 76,997.

Ransomware 107

Ransomware Computers and Electronics Data breaches Hacking 107

Security Affairs

DECEMBER 1, 2020

The critical remote code execution (RCE) vulnerability CVE-2020-14882 in Oracle WebLogic is actively exploited by operators behind the DarkIRC botnet. Experts reported that the DarkIRC botnet is actively targeting thousands of exposed Oracle WebLogic servers in the attempt of exploiting the CVE-2020-14882. c25e6559668942[.]xyz.

Malware 99

Malware DDOS Hacking Cybercrime 99

Security Affairs

NOVEMBER 26, 2020

discloses a ransomware attack that took place in September 2020. revealed that a ransomware attack hit its systems in September 2020. “On September 14, 2020, USF experienced an IT security event [.] “On September 14, 2020, USF experienced an IT security event [.] Pierluigi Paganini.

Ransomware 142

Ransomware Data breaches Encryption Malware 142

Security Affairs

APRIL 19, 2020

This post includes the details of the Coronavirus-themed attacks launched from April 12 to April 18, 2020. April 14 – Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware. April 17 – Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week.

Scams 105

Scams Malware Phishing Surveillance 105

Security Affairs

SEPTEMBER 28, 2020

The operators behind new ransomware dubbed Mount Locker have adopted the same tactic of other gangs threatening the victims to leak stolen data. A new ransomware gang named Mount Locker has started its operations stealing victims’ data before encrypting. MountLocker #Ransomware claimed Makalot Industrial Co. as a victim.

Ransomware 134

Ransomware Encryption Advertising Engineering 134

Security Affairs

MARCH 24, 2021

Security experts reported that a second ransomware gang, named Black Kingdom , is targeting Microsoft Exchange servers. The first ransomware gang exploiting the above issues in attacks in the wild was a group tracked as DearCry. BlackKingdom ransomware on my personal servers. It does indeed encrypt files.

Ransomware 140

Ransomware Encryption VPN Malware 140

Security Affairs

MAY 1, 2021

Taiwanese vendor QNAP is warning its customers of AgeLocker ransomware attacks on their NAS devices. Crooks behind the AgeLocker ransomware operation are targeting QNAP NAS devices, the Taiwanese vendor warns. ” reads the security advisory published by the vendor. . Follow me on Twitter: @securityaffairs and Facebook.

Ransomware 113

Ransomware Cryptocurrency Malware Internet 113

Security Affairs

MARCH 4, 2021

Group-IB published a report titled “Ransomware Uncovered 2020-2021 ”. analyzes ransomware landscape in 2020 and TTPs of major threat actors. Group-IB , a global threat hunting and adversary-centric cyber intelligence company, has presented its new report “Ransomware Uncovered 2020-2021 ”.

Ransomware 121

Ransomware Cybercrime Malware Marketing 121

Approachable Cyber Threats

SEPTEMBER 14, 2021

When we thought about 2020, it felt like hackers and ransomware should have been at the top (these fall under system intrusion). When we thought about 2020, it felt like hackers and ransomware should have been at the top (these fall under system intrusion). What did “the internet” think was causing breaches in 2020?

Data breaches 98

Data breaches Social Engineering Engineering Phishing 98

Security Affairs

JANUARY 17, 2022

The operators of the SFile ransomware (aka Escal) have developed a Linux version of their malware to expand their operations. SFile ransomware (aka Escal), has been active since 2020 , it was observed targeting only Windows systems. Recently, Rising captured the Linux platform variant of the ransomware.”

Ransomware 139

Ransomware Encryption Backups Malware 139

Security Affairs

JUNE 10, 2022

The Cuba ransomware operators are back and employed a new version of its malware in recent attacks. Cuba ransomware has been active since at least January 2020. The ransomware encrypts files on the targeted systems using the “.cuba” The ransomware encrypts files on the targeted systems using the “.cuba”

Ransomware 124

Ransomware Malware Encryption Hacking 124

Security Affairs

JUNE 15, 2023

The LockBit ransomware group successfully extorted roughly $91 million from approximately 1,700 U.S. organizations since 2020. According to a joint advisory published by cybersecurity agencies, the LockBit ransomware group has successfully extorted roughly $91 million in about 1,700 attacks against U.S. organizations since 2020.

Ransomware 87

Ransomware Cybersecurity Education Government 87

Security Affairs

OCTOBER 22, 2020

According to the ENISA Threat Landscape Report 2020, cyberattacks are becoming more sophisticated, targeted, and in many cases undetected. I’m proud to present the ENISA Threat Landscape Report 2020 , the annual report published by the ENISA that provides insights on the evolution of cyber threats for the period January 2019-April 2020.

Cyber threats 106

Cyber threats Digital transformation Advertising IoT 106

Security Affairs

JANUARY 30, 2021

FonixCrypter ransomware operators shut down their operations, released the master decryption key for free, and deleted malware’s source code. Good news for the victims of the FonixCrypter ransomware, the operators behind the threat shut down their operations and released the master decryption key. Pierluigi Paganini.

Ransomware 135

Ransomware Encryption Malware Cybercrime 135

Security Affairs

MAY 18, 2020

A new ransomware attack hit the Texas government, the malware this time infected systems at the state’s Department of Transportation (TxDOT). The Texas government suffered two ransomware attacks in a few weeks, the first one took place on May 8, 2020 and infected systems at the Texas court. Pierluigi Paganini.

Ransomware 125

Ransomware Government Advertising Malware 125

Security Affairs

AUGUST 9, 2022

Cybersecurity researchers from Kaspersky linked the Maui ransomware to the North Korea-backed Andariel APT group. Kaspersky linked with medium confidence the Maui ransomware operation to the North Korea-backed APT group Andariel , which is considered a division of the Lazarus APT Group, . SecurityAffairs – hacking, Maui ransomware).

Ransomware 133

Ransomware Computers and Electronics Healthcare Malware 133

Security Affairs

NOVEMBER 28, 2020

The IIoT chip maker Advantech was hit by the Conti ransomware, the gang is now demanding over $13 million ransom from the company. The ransomware gang announced on November 21, 2020 the leak of stolen data if the chipmaker would not have paid the ransom within the next day. billion in 2019. Pierluigi Paganini.

Ransomware 128

Ransomware Encryption IoT Malware 128

Security Affairs

MAY 9, 2021

CISA has published an analysis of the FiveHands ransomware, the same malware that was analyzed a few days ago by researchers from FireEye’s Mandiant experts. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the FiveHands ransomware that was recently detailed by FireEye’s Mandiant.

Ransomware 121

Ransomware Penetration Testing Malware Cybercrime 121