Security Affairs

APRIL 30, 2021

UNC2447 cybercrime gang exploited a zero-day in the Secure Mobile Access (SMA), addressed by SonicWall earlier this year, before the vendor released a fix. UNC2447 extortion activity employed the FIVEHANDS ransomware, the threat actors aggressively threatened victims to disclose their hack on the media to sell the data on hacker forums. .

Cybercrime 106

Cybercrime Ransomware Malware Mobile 106

Security Affairs

FEBRUARY 21, 2022

Researchers discovered a flaw in the encryption algorithm used by Hive ransomware that allowed them to decrypt data. Researchers discovered a flaw in the encryption algorithm used by Hive ransomware that allowed them to decrypt data without knowing the private key used by the gang to encrypt files.

Encryption 90

Encryption Ransomware VPN Malware 90

Security Affairs

JANUARY 3, 2022

Which are the cyber attacks of 2021 that had the major impact on organizations worldwide in terms of financial losses and disruption of the operations? The systems at the company were infected with the Phoenix Locker, a variant of ransomware tracked as Hades that was part of the arsenal of the cybercrime group known as Evil Corp.

Cyber Attacks 113

Cyber Attacks Ransomware Insurance Hacking 113

Security Affairs

FEBRUARY 6, 2023

Royal Ransomware operators added support for encrypting Linux devices and target VMware ESXi virtual machines. The Royal Ransomware gang is the latest extortion group in order of time to add support for encrypting Linux devices and target VMware ESXi virtual machines. The malware changes the extension of the encrypted files to ‘.royal’.

Encryption 97

Encryption Ransomware Malware Healthcare 97

Security Affairs

MAY 2, 2024

In November 2021, the US Department of Justice charged Vasinskyi, REvil ransomware affiliate, for orchestrating the ransomware attacks on Kaseya MSP platform that took place on July 4, 2021. victims, and we are disrupting the broader cybercrime ecosystem.” ” reads the press release published by DoJ.

Ransomware 90

Ransomware Cryptocurrency Cybercrime Encryption 90

Security Affairs

AUGUST 15, 2022

The SOVA Android banking trojan was improved, it has a new ransomware feature that encrypts files on Android devices, Cleafy researchers report. The malware has been active since 2021 and evolves over time. The malware encrypts the files inside the infected devices using an AES algorithm and renaming them with the extension “.enc”.

Encryption 98

Encryption Malware Banking Ransomware 98

The Last Watchdog

APRIL 5, 2022

As the dust settles following the recently disclosed hack of NewsCorp , important lessons are emerging for the cybersecurity and journalism communities. ’ This firewall even goes as far as to block the latest versions of the encryption service TLS (v1.3) Related: How China challenged Google in Operation Aurora.

Hacking 243

Hacking Passwords Firewall Internet 243

Security Affairs

JANUARY 8, 2024

“According to this and other leaked documents, the Department of Defence purchased technology for the Air Force’s encrypted communications. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Swiss Air Force) ” reported the SwissInfo website.

Hacking 111

Hacking Data breaches Ransomware Manufacturing 111

Security Affairs

JULY 8, 2021

The American multinational investment bank and financial services firm Morgan Stanley discloses a data breach caused by the hack of an Accellion FTA server of a third-party vendor. The hack of the FTA server took place in March, but the hacker had access to the data of Morgan Stanley customers in May. Pierluigi Paganini.

Data breaches 119

Data breaches Hacking Banking Financial Services 119

The Last Watchdog

JULY 18, 2023

July 18, 2022 – Around 30,000 websites get hacked every day , with the majority of those cyberattacks due to human error. This has projected costs associated with cybercrimes to hit the tens of trillions by 2025, highlighting the vital need for web hosts to implement staunch security. Gainesville, Fla.,

Hacking 100

Hacking DDOS Small Business Spyware 100

Security Affairs

FEBRUARY 23, 2021

FireEye experts linked a series of attacks targeting Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. Security experts from FireEye linked a series of cyber attacks against organizations running Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11.

Cybercrime 82

Cybercrime Software Ransomware Cyber Attacks 82

Security Affairs

DECEMBER 4, 2021

“The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors.” SecurityAffairs – hacking, ransomware).

Ransomware 138

Ransomware Hacking Malware Encryption 138

Security Affairs

MARCH 23, 2021

.” Since the disclosure of the vulnerabilities in Accellion FTA multiple cybercrime groups targeted organizations worldwide. In February, security experts from FireEye linked a series of cyber attacks against organizations running Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11.

Data breaches 123

Data breaches Hacking Cybercrime Cyber Attacks 123

Security Affairs

JUNE 13, 2021

The Anti-Phishing Working Group (APWG) revealed that the number of phishing websites peaked at record levels in the first quarter of 2021. The Anti-Phishing Working Group (APWG) has published its new Phishing Activity Trends Report related to the first quarter of 2021. Reported Phishing Websites for Q1 2021.

Phishing 104

Phishing Advertising Cryptocurrency Encryption 104

Security Affairs

MAY 13, 2024

In December 2021, experts at Check Point Research observed the resurgence of the Phorpiex botnet. The ZIP archives contain a compressed executable payload that, if executed, will start the encryption process with LockBit Black ransomware. com,” and “Jenny[@]gsd[.]com.”

Phishing 70

Phishing Ransomware Security Awareness Authentication 70

Security Affairs

JUNE 13, 2023

million Zacks Investment Research users was leaked on a cybercrime forum. A database containing personal information of 8,929,503 Zacks Investment Research users emerged on a popular hacking forum on June 10, 2023. The availability of the database in the cybercrime ecosystem poses a severe risk for the company users.

Data breaches 87

Data breaches Passwords Cybercrime Encryption 87

Krebs on Security

FEBRUARY 14, 2022

In January, KrebsOnSecurity examined clues left behind by “ Wazawaka ,” the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. 26, 2020, a new user named Biba99 registered on the English language cybercrime forum RaidForums. ” Around Apr.

VPN 199

VPN Ransomware Cybercrime Accountability 199

Security Affairs

DECEMBER 18, 2023

Some info stealers may use encryption techniques to hide their communication with command-and-control servers, making it more challenging for security systems to detect malicious activities. Illegal activities : Accessing someone else’s bank account information without authorization is illegal and considered a form of cybercrime.

Banking 115

Banking Cybercrime Malware Accountability 115

Security Affairs

OCTOBER 21, 2021

Evil Corp cybercrime gang is using a new ransomware called Macaw Locker to evade US sanctions that prevent victims from paying the ransom. The Macaw Locker ransomware encrypts victims’ files and append the .macaw macaw extension to the file name of the encrypted files. SecurityAffairs – hacking, Macaw Locker).

Ransomware 117

Ransomware Cybercrime Banking Encryption 117

Security Affairs

SEPTEMBER 4, 2021

The complete source code for the Babuk ransomware is available for sale on a Russian-speaking hacking forum. A threat actor has leaked the source code for the Babuk ransomware on a Russian-speaking hacking forum. Metropolitan Police Department, encrypted its files and demanded a $4 million ransom. Pierluigi Paganini.

Hacking 101

Hacking Ransomware Encryption Cybercrime 101

Security Boulevard

FEBRUARY 24, 2021

Fraud and identity theft are on the rise, with online shopping hacks and COVID-related scams popular among cybercriminals. . Fortunately, emerging trends in the financial technology sector may have the potential to turn the tide of cybercrime and keep our financial data safe. . Blockchain systems.

Cybersecurity 105

Cybersecurity Artificial Intelligence Risk Cybercrime 105

Security Affairs

JANUARY 30, 2021

The FonixCrypter gang also closed its Telegram channel that was used to advertise the malware in the cybercrime underground. The availability of the master decryption key allows the victims to recover their encrypted files for free. SecurityAffairs – hacking, ransomware). Pierluigi Paganini.

Ransomware 134

Ransomware Encryption Malware Cybercrime 134

Security Affairs

JANUARY 1, 2024

The Cactus ransomware group claims to have hacked Coop, one of the largest retail and grocery providers in Sweden. The Cactus ransomware group claims to have hacked Coop and is threatening to disclose a huge amount of personal information, over 21 thousand directories. Threat actors have published ID cards as proof of hack.

Retail 125

Retail Ransomware Encryption Hacking 125

Security Affairs

NOVEMBER 13, 2021

Threat actors are distributing the GravityRAT remote access trojan masqueraded as an end-to-end encrypted chat application named SoSafe Chat. Threat actors are distributing the GravityRAT RAT masqueraded as an end-to-end encrypted chat application named SoSafe Chat. SecurityAffairs – hacking, GravityRAT). Pierluigi Paganini.

Encryption 131

Encryption Malware Media Authentication 131

Security Affairs

NOVEMBER 1, 2021

The HelloKitty ransomware group, like other ransomware gangs, implements a double extortion model, stealing sensitive documents from victims before encrypting them. CVE-2021-20016 , CVE-2021-20021 , CVE-2021-20022 , CVE-2021-2002 ) or using compromised credentials. SecurityAffairs – hacking, cybercrime).

DDOS 126

DDOS Ransomware Cybercrime Encryption 126

Security Affairs

JULY 29, 2021

The cybercrime group shut down its operations and provided the decryption keys to BleepingComputer website. The group has also shut down its servers and deleted profiles on hacking forums, they also shut down their leak site. “Haron ransomware was first discovered in July 2021. reported The Record. Pierluigi Paganini.

Ransomware 137

Ransomware Cybercrime Encryption Architecture 137

Malwarebytes

MARCH 15, 2021

In addition, we tune in to a special presentation from Adam Kujawa about the 2021 State of Malware report , which analyzed the top cybercrime goals of 2020 amidst the global pandemic. The post The Malwarebytes 2021 State of Malware report: Lock and Code S02E04 appeared first on Malwarebytes Labs. Other cybersecurity news.

Malware 59

Malware VPN Cybercrime Encryption 59

Security Affairs

SEPTEMBER 27, 2021

Telegram is becoming an essential platform for cybercriminal activities, crooks use it but and sell any kind of stolen data and hacking tools. Researchers from vpnMentor recently published a report that sheds the light on the use of Telegram in the cybercrime ecosystem. Some channels have 10,000s of followers.”

Cybercrime 126

Cybercrime Hacking Mobile DDOS 126

SecureWorld News

AUGUST 8, 2022

Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains of 2021. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware.

Malware 86

Malware Banking Healthcare Penetration Testing 86

Security Affairs

AUGUST 5, 2021

Lile other ransomware operations, BlackMatter also set up its leak sitewhere it will publish data exfiltrated from the victims before encrypting their system. So it is BlackMatter: [link] And then the similarities to DarkSide ( [link] ) not surprising… — MalwareHunterTeam (@malwrhunterteam) August 5, 2021.

Ransomware 138

Ransomware Encryption Healthcare Cybercrime 138

eSecurity Planet

FEBRUARY 16, 2021

All of your files are encrypted with RSA-2048 and AES-128 ciphers.” ” Or you might see a readme.txt stating, “Your files have been replaced by these encrypted containers and aren’t accessible; you will lose your files on [enter date] unless you pay $2500 in Bitcoin.” IMPORTANT INFORMATION !!! Zero Trust.

Ransomware 97

Ransomware Backups Software Encryption 97

Security Affairs

DECEMBER 10, 2021

Another one used to encrypt companies' networks. demonslay335 @VK_Intel pic.twitter.com/YttzWWUD3c — MalwareHunterTeam (@malwrhunterteam) December 8, 2021. Unlike other malware, ALPHV (BlackCat) is the first Rust ransomware that was used in attacks in the wild by a cybercrime organization. Also look at that UI.

Ransomware 98

Ransomware Malware Cybercrime Encryption 98

Security Affairs

OCTOBER 19, 2022

Researchers at Palo Alto Network’s Unit 42 have linked the relatively new Ransom Cartel ransomware operation with the notorious REvil cybercrime gang. The REvil group was one of the most active ransomware gangs in the first half of 2021, in October 2021 the gang shut down its operations due to the pressure of law enforcement.

Ransomware 112

Ransomware Encryption Engineering Cybercrime 112

Security Affairs

JANUARY 12, 2022

Upon executing the Omicron Stats.exe, it unpacks resources encrypted with triple DES using ciphermode ECB and padding mode PKCS7. 2021-11-26 04:34:54 2021-11-26 10:05:15 149.154.167.91 2021-12-05 12:06:03 2021-12-05 13:19:35 149.154.167.91 2021-12-09 16:18:46 2021-12-09 20:00:13 149.154.167.91

Malware 134

Malware Manufacturing Cryptocurrency Cybercrime 134

Security Affairs

JANUARY 11, 2022

AvosLocker is the latest ransomware that implemented the capability to encrypt Linux systems including VMware ESXi servers. AvosLocker expands its targets by implementing the support for encrypting Linux systems, specifically VMware ESXi servers, Bleeping computed reported. SecurityAffairs – hacking, AvosLocker).

Ransomware 120

Ransomware Encryption Advertising Malware 120

Security Affairs

FEBRUARY 9, 2023

Experts spotted a new variant of ESXiArgs ransomware targeting VMware ESXi servers, authors have improved the encryption process, making it much harder to recover the encrypted virtual machines. The attack exploits a heap-overflow vulnerability in VMware ESXi and is tracked as CVE-2021-21974 which was patched in February 2021.

Ransomware 89

Ransomware Encryption Hacking Cybercrime 89

Security Affairs

MARCH 3, 2021

Cybersecurity firm Qualys is the latest victim of a cyber attack, the company was likely hacked by threat actors that exploited a zero-day vulnerability in their Accellion FTA server. The company is also going to retire legacy FTA server software by April 30, 2021. SecurityAffairs – hacking, GootKit). reported FireEye.

Ransomware 129

Ransomware Cybersecurity Cyber Attacks Data breaches 129