Security Affairs

APRIL 21, 2024

Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers. The attackers mostly used Cisco vulnerabilities CVE-2020-3259 and CVE-2023-20269.

Ransomware 99

Ransomware Encryption Antivirus VPN 99

Security Affairs

AUGUST 4, 2020

NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. McAfee researchers believe that the NetWalker ransomware operators continue to be very active, the gang is believed to have earned more than $25 million since March 2020.

Ransomware 74

Ransomware VPN Cybercrime Advertising 74

Security Affairs

NOVEMBER 25, 2023

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. The Rhysida ransomware gang added the China Energy Engineering Corporation to the list of victims on its Tor leak site. The Rhysida ransomware operators plan to sell the stolen data to a single buyer.

Ransomware 112

Ransomware Hacking Engineering Manufacturing 112

Security Affairs

JANUARY 2, 2021

Below the list of the top stories of 2020. August 2 – Garmin allegedly paid for a decryptor for WastedLocker ransomware. BleepingComputer researchers confirmed that Garmin has received the decryption key to recover their files encrypted with the WastedLocker Ransomware. SecurityAffairs – hacking, Top stories 2020).

Firewall 104

Firewall VPN Hacking Accountability 104

Security Affairs

DECEMBER 26, 2023

The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. The Rhysida ransomware group claimed to have breached the Abdali Hospital in Jordan and added it to the list of victims on its Tor leak site. The Rhysida ransomware group has been active since May 2023.

Hacking 116

Hacking Ransomware Manufacturing Healthcare 116

Security Affairs

JANUARY 18, 2022

Europol this week announced the shutdown of VPNLab, a VPN service that is very popular in the cybercrime ecosystem. An international operation conducted by law enforcement bodies from 10 countries took down VPNLab.net, a VPN service provider that is very popular in the cybercrime ecosystem. ” continues the EUROPOL. Europol said.

VPN 77

VPN Cybercrime Ransomware Advertising 77

Security Affairs

FEBRUARY 12, 2024

Researchers discovered a vulnerability in the code of the Rhysida ransomware that allowed them to develop a decryption tool. Cybersecurity researchers from Kookmin University and the Korea Internet and Security Agency (KISA) discovered an implementation vulnerability in the source code of the Rhysida ransomware.

Ransomware 110

Ransomware Encryption VPN Manufacturing 110

Adam Levin

DECEMBER 16, 2020

If 2020 taught us anything, it’s to expect the unexpected–and do the best we can in a rapidly changing world. Use a VPN: If you need to transmit sensitive information online, look into a VPN provider, or see if your workplace can provide one. That’s always the case when it comes to cybersecurity.

VPN 245

VPN Antivirus Passwords Backups 245

CyberSecurity Insiders

AUGUST 6, 2021

Gangs spreading LockBit ransomware are reportedly bribing employees of corporate companies to enter their computer network and compromise it with file encrypting malware. ransomware spreading gang seems to go employing craze techniques to keep their money counters ringing. Yes, what you’ve read is right! As LockBit 2.0

Ransomware 144

Ransomware VPN Encryption Cryptocurrency 144

Security Affairs

NOVEMBER 29, 2023

The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London. The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London and added it to the list of victims on its Tor leak site. King Edward VII’s Hospital in London has been breached by Rhysida Ransomware.

Ransomware 105

Ransomware Hacking Manufacturing Healthcare 105

Security Affairs

AUGUST 2, 2020

The FBI has issued a security alert about Netwalker ransomware attacks targeting U.S. The FBI has issued a new security flash alert to warn of Netwalker ransomware attacks targeting U.S. The flash alert also includes indicators of compromise for the Netwalker ransomware along with mitigations. ” reads the alert.

Ransomware 126

Ransomware VPN Advertising Government 126

Security Affairs

MARCH 24, 2021

Security experts reported that a second ransomware gang, named Black Kingdom , is targeting Microsoft Exchange servers. The first ransomware gang exploiting the above issues in attacks in the wild was a group tracked as DearCry. BlackKingdom ransomware on my personal servers. It does indeed encrypt files. Pierluigi Paganini.

Ransomware 136

Ransomware Encryption VPN Malware 136

Security Affairs

JUNE 17, 2021

Iran-linked Ferocious Kitten APT group used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT and spy on targets’ devices. ” Kaspersky spotted the activity of the group by investigating two weaponized documents that were uploaded to VirusTotal in July 2020 and March 2021. .

VPN 117

VPN Internet Internet Software 117

Krebs on Security

MARCH 2, 2022

Earlier this week, a Ukrainian security researcher leaked almost two years’ worth of internal chat logs from Conti , one of the more rapacious and ruthless ransomware gangs in operation today. – Penetration Testers/Hackers: Those on the front lines battling against corporate security teams to steal data, and plant ransomware.

Ransomware 211

Ransomware Antivirus Malware Cybercrime 211

Security Affairs

NOVEMBER 15, 2023

The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors. FBI and CISA published a joint Cybersecurity Advisory (CSA) to warn of Rhysida ransomware attacks against organizations across multiple industry sectors. ” reads the joint advisory.

Ransomware 109

Ransomware Manufacturing Healthcare Education 109

Security Affairs

JUNE 23, 2021

A critical vulnerability, tracked as CVE-2021-20019 , in SonicWall VPN appliances was only partially patched last year and could allow a remote attacker to steal sensitive data. The flaw resides in the HTTP/HTTPS service used for product management as well as SSL VPN remote access. “An reads the analysis published by Tripwire.

VPN 81

VPN Firewall Firmware Authentication 81

Security Affairs

NOVEMBER 23, 2020

FBI is warning private industry partners of a surge in Ragnar Locker ransomware activity following a confirmed attack from April 2020. The MU-000140-MW flash alert includes indicators of compromise to detect associated with this ransomware gang. Consider installing and using a VPN. Pierluigi Paganini.

Ransomware 144

Ransomware Encryption VPN Backups 144

Security Affairs

NOVEMBER 25, 2020

Group-IB , a global threat hunting and intelligence company, has presented its annual Hi-Tech Crime Trends 2020/2021 report. In the report, the company examines key shifts in the cybercrime world internationally between H2 2019 and H1 2020 and gives forecasts for the coming year.

Banking 125

Banking Ransomware Phishing Marketing 125

Krebs on Security

FEBRUARY 14, 2022

In January, KrebsOnSecurity examined clues left behind by “ Wazawaka ,” the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. The other handle that appeared tied to Wazawaka was “Orange,” the founder of the RAMP ransomware forum. This post is an attempt to remedy that.

VPN 209

VPN Ransomware Cybercrime Accountability 209

Security Affairs

APRIL 24, 2020

The popular SeaChange video platform is the latest victim of the Sodinokibi Ransomware gang, which is threatening to leak the stolen data. SeaChange International, the multinational supplier of video delivery software solutions, was the victim of the Sodinokibi Ransomware gang. SecurityAffairs – Sodinokibi Ransomware, hacking).

Software 101

Software Ransomware VPN Advertising 101

Security Affairs

DECEMBER 6, 2020

LockBit ransomware operators have compromised the systems at the helicopter maker Kopter and published them on their darkweb leak site. The helicopter maker Kopter was hit by LockBit ransomware, the attackers compromised its internal network and encrypted the company’s files. SecurityAffairs – hacking, ransomware).

Ransomware 91

Ransomware VPN Encryption Authentication 91

Security Affairs

JULY 20, 2020

Another telco company was hit by a ransomware, roughly 18,000 computers belonging to Telecom Argentina were infected over the weekend. Telecom Argentina , one of the largest internet service providers in Argentina, was hit by a ransomware attack. SecurityAffairs – hacking, REVil ransomware). million ransom. Pierluigi Paganini.

Ransomware 118

Ransomware VPN Advertising Internet 118

Security Affairs

NOVEMBER 20, 2023

The Rhysida ransomware group claimed responsibility for the recent cyberattack on the British Library that has caused a major IT outage. The Rhysida ransomware gang added the British Library to the list of victims on its Tor leak site. The Rhysida ransomware operators plan to sell the stolen data to a single buyer.

Ransomware 107

Ransomware Cyber Attacks Manufacturing Healthcare 107

Security Affairs

FEBRUARY 16, 2020

Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world. Iran-linked attackers targeted Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs to hack into large companies as part of the Fox Kitten Campaign. ” reads the report published by ClearSky.

VPN 112

VPN Telecommunications Advertising Hacking 112

Krebs on Security

MARCH 20, 2020

In February, hardware maker Zyxel fixed a zero-day vulnerability in its routers and VPN firewall products after KrebsOnSecurity told the company the flaw was being abused by attackers to break into devices. A joint advisory on CVE-2020-9054 from the U.S. which boasts some 100 million devices deployed worldwide.

IoT 248

IoT DDOS VPN Firewall 248

Security Affairs

JUNE 21, 2021

The Taiwanese memory and storage chip maker ADATA was hit by the Ragnar Locker ransomware gang that also published more than 700GB of stolen data. The Ragnar Locker ransomware gang has published on its leak sites more than 700GB of data stolen from Taiwanese memory and storage chip maker ADATA. Consider installing and using a VPN.

Ransomware 134

Ransomware Passwords VPN Authentication 134

Security Affairs

MAY 1, 2021

Taiwanese vendor QNAP is warning its customers of AgeLocker ransomware attacks on their NAS devices. Crooks behind the AgeLocker ransomware operation are targeting QNAP NAS devices, the Taiwanese vendor warns. If you must connect your NAS to the internet, we highly recommend using a trusted VPN or a myQNAPcloud link.”

Ransomware 107

Ransomware Cryptocurrency Malware Internet 107

eSecurity Planet

SEPTEMBER 29, 2021

Ransomware is everywhere these days, striking fear into the hearts of IT and business managers alike. And studies support that perception, showing ransomware growing in both prevalence and effectiveness. Best Ransomware Removal Tools. Attacks against corporate assets like servers and network equipment are growing. EnigmaSoft.

Ransomware 107

Ransomware VPN Backups Malware 107

SecureList

DECEMBER 7, 2021

In the past twelve months, the word “ransomware” has popped up in countless headlines worldwide across both print and digital publications: The Wall Street Journal , the BBC , the New York Times. That is precisely why we have chosen ransomware as our story of the year for Kaspersky’s annual Security Bulletin.

Ransomware 125

Ransomware B2B B2C Government 125

eSecurity Planet

FEBRUARY 19, 2024

Akira ransomware vulnerabilities have also surfaced in older Cisco products, and SolarWinds patched some remote code execution flaws in its Access Rights Manager product. February 15, 2024 Akira Ransomware Affects Old Vulnerability in Cisco Products Type of vulnerability: Remote unauthenticated access and potential credential data theft.

VPN 111

VPN DNS Ransomware Software 111

Security Affairs

JANUARY 10, 2020

The US DHS CISA agency is warning organizations that threat actors continue to exploit the CVE-2019-11510 Pulse Secure VPN vulnerability. The flaw can be used in combination with the CVE-2019-11539 remote command injection issue gain access to private VPN networks. SecurityAffairs – Pulse Secure VPN , hacking).

VPN 67

VPN InfoSec Advertising Cybersecurity 67

DoublePulsar

JANUARY 4, 2020

A security vulnerability in a popular enterprise remote access product is being used to deliver ransomware into organisations , with targeted delivery to also delete backups and disable endpoint security controls. I realised in some recent incidents, impacted companies ran Pulse Secure VPN (it’s super easy to spot with Shodan).

VPN 52

VPN Ransomware Passwords Internet 52

Security Affairs

MARCH 26, 2021

Accenture security researchers published an analysis of the latest Hades campaign, which is ongoing since at least December 2020. . Experts identified Tor hidden services and clearnet URLs via various open-source reporting that could be associated with the activity of the Hades ransomware. ” concludes the report.

Ransomware 136

Ransomware Encryption Malware VPN 136

Approachable Cyber Threats

OCTOBER 16, 2020

Back in June, the Department of Homeland Security (DHS) issued an advisory that married together two of today’s major cybersecurity concerns: remote access technology and ransomware. VPNs continue to be problematic as well. VPN technology allows better security and more granularity in terms of access. million exposed RDP ports.

Ransomware 98

Ransomware VPN Internet Internet 98

eSecurity Planet

OCTOBER 5, 2021

Malware has been around for nearly 40 years, longer even than the World Wide Web, but ransomware is a different kind of threat, capable of crippling a company and damaging or destroying its critical data. Ransomware Protection and Recovery Steps. Ransomware removal tools. Ransomware recovery services. Data backup.

Ransomware 138

Ransomware Backups Encryption Insurance 138

SecureList

JUNE 17, 2021

Black Kingdom ransomware appeared on the scene back in 2019, but we observed some activity again in 2021. The ransomware was used by an unknown adversary for exploiting a Microsoft Exchange vulnerability (CVE-2021-27065). The ransomware family was DearCry. Ransomware is written in Python. Background. Product affected.

Ransomware 133

Ransomware Encryption VPN System Administration 133

Security Affairs

SEPTEMBER 7, 2020

Chilean bank BancoEstado, one of the country’s biggest banks, was forced to shut down all branches following a ransomware attack. Chilean bank BancoEstado, one of the country’s biggest banks, was hit with a ransomware attack that forced its branches to remain closed since September 7. ” reported ZDNet.

Banking 107

Banking Ransomware Advertising VPN 107