Security Affairs

DECEMBER 31, 2022

Medical records of 42 million Americans are being sold on the dark web since 2016, this information comes from cyberattacks on healthcare providers. Researchers from Jama Network analyzed trends in ransomware attacks on US hospitals, clinics, and health care delivery organizations between 2016 and 2021. million in 2021.

Healthcare 87

Healthcare Ransomware Backups Hacking 87

Security Affairs

JANUARY 17, 2022

The operators of the SFile ransomware (aka Escal) have developed a Linux version of their malware to expand their operations. SFile ransomware (aka Escal), has been active since 2020 , it was observed targeting only Windows systems. Recently, Rising captured the Linux platform variant of the ransomware.”

Ransomware 139

Ransomware Encryption Backups Malware 139

Security Affairs

NOVEMBER 12, 2023

The Lorenz ransomware gang has been active since April 2021 and hit multiple organizations worldwide demanding hundreds of thousands of dollars in ransom to the victims. In mid-October, the ALPHV/BlackCat ransomware group claimed to have hacked the Morrison Community Hospital and added it to its dark web Tor leak site.

Ransomware 124

Ransomware Healthcare Encryption Cyber Attacks 124

Security Affairs

NOVEMBER 5, 2021

A new threat actor is exploiting ProxyShell flaws in attacks aimed at Microsoft Exchange servers to deploy the Babuk Ransomware in corporate networks. Talos researchers warn of a new threat actor that is hacking Microsoft Exchange servers by exploiting ProxyShell flaws to gain access to corporate and deploy the Babuk Ransomware.

Ransomware 124

Ransomware Backups Encryption DNS 124

Security Affairs

AUGUST 11, 2021

Global consulting giant Accenture has allegedly been hit by a ransomware attack carried out by LockBit 2.0 ransomware operators. IT and consulting giant Accenture was hit by a ransomware attack carried out by LockBit 2.0 — Cyble (@AuCyble) August 11, 2021. SecurityAffairs – hacking, ransomware).

Ransomware 141

Ransomware Backups Hacking Data breaches 141

Security Affairs

JANUARY 16, 2022

QNAP NAS devices are under attack, experts warn of a new Qlocker ransomware campaign that hit devices worldwide. A new wave of Qlocker ransomware it targeting QNAP NAS devices worldwide, the new campaign started on January 6 and it drops ransom notes named !!!READ_ME.txt reads the security advisory published by the vendor.

Ransomware 112

Ransomware Encryption Backups Firmware 112

Security Boulevard

MARCH 31, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, March 2021. FatFace CEO Liz Evans released a statement which said “ On 17th January 2021 FatFace identified some suspicious activity within its IT systems.

Energy and Utilities 122

Energy and Utilities Ransomware Banking Hacking 122

Security Affairs

FEBRUARY 12, 2022

CISA, FBI and NSA published a joint advisory warning of ransomware attacks targeting critical infrastructure organizations. and Australia have published a joint advisory warning of an increased globalised threat of ransomware worldwide in 2021. Cybersecurity agencies from the U.K., ” reads the joint advisory.

Ransomware 90

Ransomware Backups Encryption Accountability 90

Security Affairs

APRIL 23, 2021

A new ransomware strain dubbed Qlocker is infecting hundreds of QNAP NAS devices every day and demanding a $550 ransom payment. Experts are warning of a new strain of ransomware named Qlocker that is infecting hundreds of QNAP NAS devices on daily bases. If anyone's dealing with the QLocker QNAP NAS ransomware, feel free to DM me.

Ransomware 118

Ransomware Backups Media Malware 118

Security Affairs

FEBRUARY 7, 2022

Cybersecurity firm Avast has released a decryption tool to allow victims of TargetCompany ransomware to recover their files for free. Czech cybersecurity software firm Avast has released a decryption tool that could allow victims of the TargetCompany ransomware to recover their files for free under certain circumstances.

Ransomware 98

Ransomware Backups Encryption Passwords 98

Security Affairs

OCTOBER 15, 2021

IT and consulting giant Accenture confirmed a data breach after the ransomware attack conducted by LockBit operators in August 2021. Global IT consultancy giant Accenture discloses a data breach after the LockBit ransomware attack that hit the company in August 2021. SecurityAffairs – hacking, ransomware).

Data breaches 103

Data breaches Ransomware Backups Hacking 103

Security Affairs

MARCH 19, 2022

The Federal Bureau of Investigation (FBI) reported that AvosLocker ransomware is being used in attacks targeting US critical infrastructure. The Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory warning of AvosLocker ransomware attacks targeting multiple US critical infrastructure. Pierluigi Paganini.

Ransomware 97

Ransomware DDOS Passwords Backups 97

Security Affairs

SEPTEMBER 3, 2021

FBI warns ransomware gangs are actively targeting organizations in the food and agriculture sector. Small farms, large producers, processors and manufacturers, and markets and restaurants are particularly exposed to ransomware attacks. The good news is in the latter attack the victims restored its backups. Pierluigi Paganini.

Ransomware 96

Ransomware Passwords Backups Firmware 96

Security Affairs

DECEMBER 25, 2021

Recently launched ransomware operation, named Rook, made headlines for its announcement claiming a desperate need a lot of money. New ransomware variant, "Rook Ransomware", found on VT practicing searches/hunting on my day off. “The ransomware attempts to terminate any process that may interfere with encryption.

Ransomware 116

Ransomware Malware Encryption Backups 116

Security Affairs

AUGUST 13, 2021

Another ransomware gang, the Vice Society ransomware operators, is using Windows print spooler PrintNightmare exploits in its attacks. The Vice Society ransomware operators are actively exploiting Windows print spooler PrintNightmare vulnerability in their attacks against Windows servers.

Ransomware 120

Ransomware Backups Education Malware 120

Security Affairs

AUGUST 9, 2021

The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0 ransomware attacks against Australian organizations starting July 2021. The Australian Cyber Security Centre (ACSC) warns of an escalation in LockBit 2.0 The Australian agency also published 2021-006: ACSC Ransomware Profile – Lockbit 2.0

Ransomware 111

Ransomware Retail Manufacturing Encryption 111

Security Affairs

FEBRUARY 5, 2022

The FBI released a flash alert containing technical details associated with the LockBit ransomware operation. The Federal Bureau of Investigation (FBI) has issued a flash alert containing technical details and indicators of compromise associated with LockBit ransomware operations. Like other ransomware gangs, Lockbit 2.0

Ransomware 87

Ransomware Backups Encryption Accountability 87

Security Affairs

NOVEMBER 8, 2021

Electronics retail giant MediaMarkt was hit by a ransomware attack that disrupted store operations in the Netherlands and Germany. Bleeping Computer, citing screenshots posted on Twitter, reported that 3,100 servers were infected with the ransomware. Update November 8, 2021. SecurityAffairs – hacking, ransomware).

Computers and Electronics 112

Computers and Electronics Ransomware Retail Spyware 112

Security Affairs

OCTOBER 29, 2021

The Hive ransomware operators have developed a new variant of their malware that can encrypt Linux and FreeBSD. ESET researchers discovered a new Hive ransomware variant that was specifically developed to encrypt Linux and FreeBSD. ESETresearch has identified Linux and FreeBSD variants of the #Hive #Ransomware.

Encryption 106

Encryption Ransomware Spyware Malware 106

Security Affairs

MAY 25, 2021

The audio equipment manufacturer Bose Corporation said it was the victim of a ransomware attack that took place earlier this year, on March 7. Bose Corporation has announced it was the victim of a ransomware attack that took place earlier this year, on March 7. Bose first detected the malware/ransomware on Bose’s U.S.

Ransomware 117

Ransomware Malware Cyber Attacks Backups 117

Security Affairs

FEBRUARY 10, 2023

North Korea-linked APT groups conduct ransomware attacks against healthcare and critical infrastructure facilities to fund its activities. Ransomware attacks on critical infrastructure conducted by North Korea-linked hacker groups are used by the government of Pyongyang to fund its malicious cyber operations, U.S.

Ransomware 80

Ransomware Healthcare Cryptocurrency Government 80

Security Affairs

FEBRUARY 26, 2023

The producers of fruit and vegetables Dole Food Company disclosed a ransomware attack that impacted its operations. Dole reported 2021 revenues of $6.5 The company announced that it has suffered a ransomware attack that impacted its operations. ” reads a notice published by the company. ” reads the notice.

Ransomware 93

Ransomware Backups Cyber Attacks Hacking 93

Security Affairs

FEBRUARY 14, 2022

The US Federal Bureau of Investigation (FBI) said that the BlackByte ransomware gang has breached at least three organizations from US critical infrastructure sectors. Secret Service (USSS) to provide information on BlackByte ransomware. ” reads the advisory.

Ransomware 88

Ransomware Accountability Firmware Antivirus 88

Security Affairs

OCTOBER 18, 2021

It seems that the REvil ransomware operation has shut down once again after a threat actor has hijacked their Tor hidden service. The REvil ransomware gang has shut down its operation once again after a threat actor has hijacked their Tor leak site and payment portal. ddd1ms) October 17, 2021. REvil gives additional update.

Ransomware 87

Ransomware Hacking Backups Media 87

Security Affairs

FEBRUARY 8, 2023

Cybersecurity and Infrastructure Security Agency (CISA) released a script to recover VMware ESXi servers infected with ESXiArgs ransomware. Good news for the victims of the recent wave of ESXiArgs ransomware attacks, the U.S. Experts noticed that only a few thousand systems were encrypted worldwide. Then the U.S.

Ransomware 87

Ransomware Encryption Backups Cybersecurity 87

Security Affairs

SEPTEMBER 3, 2021

The Conti ransomware operators are targeting Microsoft Exchange servers leveraging recently disclosed ProxyShell vulnerability exploits. The Conti ransomware gang is targeting Microsoft Exchange servers leveraging exploits with recently disclosed ProxyShell vulnerabilities. ” continues the report. start C:x64.exe

Ransomware 92

Ransomware Backups Hacking Encryption 92

Security Affairs

JULY 6, 2021

Taiwanese vendor QNAP addressed a critical flaw, tracked as CVE-2021-28809, that could be exploited to compromise vulnerable NAS devices. Taiwanese vendor QNAP fixed a critical vulnerability, tracked as CVE-2021-28809 , that could be exploited by attackers to compromise vulnerable NAS devices. HBS 3 v3.0.210507 and later QTS 4.3.4:

Backups 112

Backups Ransomware IoT Hacking 112

Security Affairs

SEPTEMBER 1, 2021

The FBI and CISA issued a joint cybersecurity advisory to warn organizations to remain vigilant against ransomware attacks during weekends or holidays. The FBI and CISA warn organizations to keep high their defenses against ransomware attacks during weekends or holidays. ” reads the advisory published by CISA.

Ransomware 104

Ransomware Risk Encryption Passwords 104

Security Affairs

AUGUST 27, 2021

The Federal Bureau of Investigation (FBI) published a flash alert related to the operations of the Hive ransomware gang. The Federal Bureau of Investigation (FBI) has released a flaw alert on the Hive ransomware attacks that includes technical details and indicators of compromise associated with the operations of the gang.

Ransomware 97

Ransomware Encryption Spyware Backups 97

Security Affairs

FEBRUARY 10, 2021

The gaming firm CD Projekt Red, which developed popular games like Cyberpunk 2077 and The Witcher, has disclosed a ransomware attack. The gaming firm CD Projekt Red, which developed popular games like Cyberpunk 2077 and The Witcher series, has suffered a ransomware attack. link] — Fabian Wosar (@fwosar) February 9, 2021.

Ransomware 89

Ransomware Encryption Backups Cyber Attacks 89

Security Affairs

OCTOBER 27, 2022

DEV-0950 group used Clop ransomware to encrypt the network of organizations previously infected with the Raspberry Robin worm. Microsoft has discovered recent activity that links the Raspberry Robin worm to human-operated ransomware attacks. . The final-stage malware was the Clop ransomware.

Ransomware 95

Ransomware Malware Data collection Encryption 95

Security Affairs

OCTOBER 22, 2021

Darkside and BlackMatter ransomware operators have moved a large amount of their Bitcoin reserves after the recent shutdown of REvil’s infrastructure. The gangs behind the Darkside and BlackMatter ransomware operations have moved 107 BTC ($6.8 — Omri Segev Moyal (@GelosSnake) October 22, 2021. Pierluigi Paganini.

Ransomware 100

Ransomware Backups Cryptocurrency Hacking 100

Security Affairs

OCTOBER 24, 2021

Experts from cybersecurity firm Emsisoft announced the availability of a free decryptor for past victims of the BlackMatter ransomware. Cybersecurity firm Emsisoft has released a free decryption tool for past victims of the BlackMatter ransomware. More details can be found here: [link] — Fabian Wosar (@fwosar) October 24, 2021.

Ransomware 96

Ransomware Encryption Backups Healthcare 96

Security Affairs

MARCH 4, 2021

Group-IB published a report titled “Ransomware Uncovered 2020-2021 ”. analyzes ransomware landscape in 2020 and TTPs of major threat actors. Group-IB , a global threat hunting and adversary-centric cyber intelligence company, has presented its new report “Ransomware Uncovered 2020-2021 ”. The gold rush of 2020.

Ransomware 119

Ransomware Cybercrime Malware Marketing 119

SC Magazine

JUNE 25, 2021

A ransomware attack on an Iowa-based eye clinic earlier this year led to the access and possible theft of data belonging to 500,000 patients.(Photo A ransomware attack on Iowa-based Wolfe Eye Clinic earlier this year led to the access and possible theft of data belonging to 500,000 patients. Photo by John Moore/Getty Images).

Ransomware 103

Ransomware Insurance Hacking Media 103

Malwarebytes

MAY 28, 2021

On the 14th of May, the Health Service Executive (HSE) , Ireland’s publicly funded healthcare system, fell victim to a Conti ransomware attack, forcing the organization to shut down more than 80,000 affected endpoints and plunging them back to the age of pen and paper. Threat profile: Conti ransomware.

Healthcare 108

Healthcare Ransomware Encryption Passwords 108

CyberSecurity Insiders

DECEMBER 14, 2021

With CyberScan, customers can uncover cyber exposures and blind spots within their production environment by running on-demand and automated scans on backup snapshots against known vulnerabilities. Timing of this announcement comes as cyberthreats, security breaches, and ransomware attacks continue to plague organizations around the globe.

Cyber Risk 52

Cyber Risk Ransomware Risk Backups 52