Security Affairs

NOVEMBER 3, 2021

Experts warn of the availability in the cybercrime underground of offers for initial access to networks of players in global supply chains. In August 2021 , an affiliate of the Conti ransomware gang claimed access to corporate networks belonging to a U.S.-based based commodity transportation services company. Pierluigi Paganini.

Cybercrime 112

Cybercrime VPN Ransomware Hacking 112

Security Affairs

OCTOBER 26, 2021

The FBI published a flash alert to warn of the activity of the Ranzy Locker ransomware that had already compromised tens of US companies. The FBI published a flash alert to warn of Ranzy Locker ransomware operations that had already compromised at least 30 US companies this year. SecurityAffairs – hacking, Ranzy Locker ransomware).

Ransomware 131

Ransomware Firmware Antivirus Accountability 131

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. Crooks obtain the information by conducting spear-phishing and ransomware attacks, or other means. ” reads the alert published by the FBI. Pierluigi Paganini.

Cybercrime 133

Cybercrime Education Accountability Phishing 133

Security Affairs

MAY 2, 2024

The Ukrainian national, Yaroslav Vasinskyi (24), aka Rabotnik, has been sentenced to more than 13 years in prison and must pay $16 million in restitution for conducting numerous ransomware attacks and extorting victims. Vasinskyi is a REvil ransomware affiliate since at least March 1st, 2019. Vasinskyi was extradited to the U.S.

Ransomware 92

Ransomware Cryptocurrency Cybercrime Encryption 92

Security Affairs

JANUARY 3, 2022

Which are the cyber attacks of 2021 that had the major impact on organizations worldwide in terms of financial losses and disruption of the operations? Bloomberg was informed about the payment by two people familiar with the attack. The pipeline allows carrying 2.5 The pipeline allows carrying 2.5

Cyber Attacks 115

Cyber Attacks Ransomware Insurance Hacking 115

Krebs on Security

MARCH 7, 2022

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. Before that, Jeffrey Ladish , an information security consultant based in Oakland, Calif., ” Stern wrote.

Ransomware 215

Ransomware Cryptocurrency DDOS Scams 215

Security Affairs

OCTOBER 30, 2021

INTERPOL published the African Cyberthreat Assessment Report 2021, a report that analyzes evolution of cybercrime in Africa. A new report published by INTERPOL, titled the African Cyberthreat Assessment Report 2021 , sheds the light on cybercrime in Africa. of the overall number.

Cybercrime 80

Cybercrime Scams DDOS Banking 80

Security Affairs

OCTOBER 3, 2021

The Biden administration announced it will work with 30 countries, including NATO allies and G7 partners, to curb global cybercrime. President Joe Biden announced that the US will work with 30 countries to curb cybercrime and dismantle ransomware gangs that are targeting organizations worldwide. Pierluigi Paganini.

Cybercrime 90

Cybercrime Artificial Intelligence Ransomware Cryptocurrency 90

Security Affairs

SEPTEMBER 2, 2022

Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp.

Cybercrime 108

Cybercrime Malware Backups Manufacturing 108

Security Affairs

AUGUST 5, 2021

The BlackMatter ransomware gang has implemented a Linux encryptor to targets VMware ESXi virtual machine platform. This is the last ransomware in order of time that is able to target VM platforms, some of the other ransomware operations that do the same are REvil , RansomExx/Defray , Mespinoza , HelloKitty , and Babuk.

Ransomware 140

Ransomware Encryption Healthcare Cybercrime 140

Security Affairs

NOVEMBER 1, 2021

The US FBI has published a flash alert warning private organizations of the evolution of the HelloKitty ransomware (aka FiveHands). Federal Bureau of Investigation (FBI) has sent out a flash alert warning private industry of a new feature of the HelloKitty ransomware gang (aka FiveHands). SecurityAffairs – hacking, cybercrime).

DDOS 127

DDOS Ransomware Cybercrime Encryption 127

Security Affairs

JUNE 17, 2021

UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. An affiliate of the Darkside ransomware gang , tracked as UNC2465, has conducted a supply chain attack against a CCTV vendor, Mandiant researchers discovered. Pierluigi Paganini.

Cybercrime 106

Cybercrime Ransomware Antivirus Software 106

Security Affairs

DECEMBER 11, 2021

Accenture researchers detailed the activity of a new sophisticated cybercrime group, called Karakurt, behind recent cyberattacks. The activity of the group was first spotted in June 2021, but the group has been more active in Q3 2021. In June 2021 the gang registered the domains hosting its leak sites, karakurt[.]group

Cybercrime 80

Cybercrime VPN Ransomware Hacking 80

Security Affairs

OCTOBER 20, 2023

A joint international law enforcement investigation led to the arrest of a malware developer who was involved in the Ragnar Locker ransomware operation. Yesterday we became aware of a joint law enforcement operation that led to the seizure of the Ragnar Locker ransomware’s infrastructure.

Ransomware 95

Ransomware Cybercrime Malware Hacking 95

Security Affairs

SEPTEMBER 28, 2023

Johnson Controls International suffered a ransomware attack that impacted the operations of the company and its subsidiaries. The company provides HVAC (heating, ventilation, and air conditioning), solutions for building automation, fire and security systems, and components for energy management. ” reported Bleeping Computer. .”

Ransomware 120

Ransomware Insurance Technology Encryption 120

Security Affairs

DECEMBER 26, 2021

The IT services company Inetum Group was hit by a ransomware attack a few days before the Christmas holiday. French IT services company Inetum Group was hit by a ransomware attack a few days before the Christmas holiday, but according to the company the security breach had a limited impact on its operations.

Ransomware 133

Ransomware Cybercrime Advertising Information Security 133

Security Affairs

JUNE 30, 2022

A former Canadian government IT worker admitted to being a high-level member of the Russian cybercrime group NetWalker. to charges related to his involvement with the Russian cybercrime group NetWalker. and EU law enforcement authorities allowed the seizure of the leak sites used by NetWalker ransomware operators.

Cybercrime 87

Cybercrime Government Ransomware Cryptocurrency 87

Security Affairs

MARCH 6, 2023

German police announced to have dismantled an international cybercrime gang behind the DoppelPaymer ransomware operation. Europol has announced that an international operation conducted by law enforcement in Germany and Ukraine, with help of the US FBI and the Dutch police, targeted two key figures of the DoppelPaymer ransomware group.

Ransomware 77

Ransomware Cybercrime Malware Phishing 77

Security Affairs

JULY 18, 2023

The cybercrime group FIN8 is using a revamped version of the Sardonic backdoor to deliver the BlackCat ransomware. The financially motivated group FIN8 (aka Syssphinx) was spotted using a revamped version of a backdoor tracked as Sardonic to deliver the BlackCat ransomware (aka Noberus ransomware).

Ransomware 94

Ransomware Cybercrime Malware Hacking 94

Security Boulevard

MARCH 31, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, March 2021. FatFace CEO Liz Evans released a statement which said “ On 17th January 2021 FatFace identified some suspicious activity within its IT systems.

Energy and Utilities 122

Energy and Utilities Ransomware Banking Hacking 122

Security Affairs

NOVEMBER 8, 2023

Five Canadian hospitals were victims of a ransomware attack, threat actors claim to have stolen data from them and leaked them. Five Canadian hospitals revealed they were victims of ransomware attacks after threat actors leaked alleged stolen data. TransForm is a non-profit group that provides IT services to the above hospitals.

Ransomware 117

Ransomware Healthcare VPN Insurance 117

Security Affairs

MARCH 13, 2024

Threat actors behind the ransomware attacks that hit Stanford University in 2023 gained access to 27,000 people. Stanford University confirmed that threat actors behind the September 2023 ransomware attack had access to 27,000 people. The Akira ransomware gang claimed the theft of 430 GB of data from the university’s systems.

Ransomware 112

Ransomware Data breaches Passwords Government 112

Security Affairs

MARCH 19, 2023

Dutch maritime logistics company Royal Dirkzwager suffered a ransomware attack, the company was hit by the Play ransomware gang. The Play ransomware group hit the Dutch maritime logistics company Royal Dirkzwager. Company CEO Joan Blaas said that the ransomware attack did not impact the operations of the company.

Ransomware 91

Ransomware Cybercrime Hacking Cyber Attacks 91

Security Affairs

OCTOBER 21, 2021

Evil Corp cybercrime gang is using a new ransomware called Macaw Locker to evade US sanctions that prevent victims from paying the ransom. Evil Corp has launched a new ransomware called Macaw Locker to evade US sanctions that prevent victims from making ransom payments. macaw extension to the file name of the encrypted files.

Ransomware 119

Ransomware Cybercrime Banking Encryption 119

Security Affairs

OCTOBER 8, 2021

The Dutch government will not tolerate ransomware attacks that could threaten national security, it will use intelligence or military services to curb them. The Dutch government announced that it will not tolerate cyberattacks that pose a risk to its national security and will employ intelligence or military services to counter them.

Ransomware 120

Ransomware Cybercrime Government Cyber Attacks 120

Security Affairs

SEPTEMBER 16, 2021

Microsoft revealed that multiple threat actors are exploiting the recently patched Windows MSHTML remote code execution security flaw (CVE-2021-40444 ). The campaigns observed August 2021 likely employed emails impersonating contracts and legal agreements, the messages used documents that were hosted on file-sharing sites. .

Ransomware 96

Ransomware Cybercrime Hacking Information Security 96

Security Affairs

MAY 31, 2022

Cyber Research Labs reported a rise in ransomware attacks in the second quarter of 2022, small states are more exposed to these attacks. The experts warn of ransomware attacks against government organizations. They observed a total of 48 government organizations from 21 countries that were hit by 13 ransomware attacks in 2022.

Government 139

Government Ransomware Cybercrime Banking 139

Security Affairs

FEBRUARY 10, 2024

Bitdefender Researchers linked a new macOS backdoor, named RustDoor, to the Black Basta and Alphv/BlackCat ransomware operations. Researchers from Bitdefender discovered a new macOS backdoor, dubbed RustDoor, which appears to be linked to ransomware operations Black Basta and Alphv/BlackCat. ” concludes the report.

Ransomware 123

Ransomware Architecture Malware Passwords 123

Security Affairs

DECEMBER 23, 2023

The LockBit ransomware claims to have hacked accountancy firm Xeinadin threatens to leak the alleged stolen data. The LockBit ransomware claims responsibility for hacking the Xeinadin accountancy firm and threatens to disclose the alleged stolen data. ” reads the message published by the ransomware group on its Tor leak site.

Accountability 127

Accountability Ransomware Data breaches Hacking 127

Security Affairs

DECEMBER 10, 2021

BlackCat is the first professional ransomware strain that was written in the Rust programming language, researchers reported. Malware researchers from Recorded Future and MalwareHunterTeam discovered ALPHV (aka BlackCat), the first professional ransomware strain that was written in the Rust programming language. Pierluigi Paganini.

Ransomware 100

Ransomware Malware Cybercrime Encryption 100

Security Affairs

JANUARY 30, 2021

FonixCrypter ransomware operators shut down their operations, released the master decryption key for free, and deleted malware’s source code. Good news for the victims of the FonixCrypter ransomware, the operators behind the threat shut down their operations and released the master decryption key. Pierluigi Paganini.

Ransomware 136

Ransomware Encryption Malware Cybercrime 136

Security Affairs

DECEMBER 31, 2022

Medical records of 42 million Americans are being sold on the dark web since 2016, this information comes from cyberattacks on healthcare providers. Researchers from Jama Network analyzed trends in ransomware attacks on US hospitals, clinics, and health care delivery organizations between 2016 and 2021. million in 2021.

Healthcare 90

Healthcare Ransomware Backups Hacking 90

Security Affairs

OCTOBER 19, 2022

Researchers at Palo Alto Network’s Unit 42 linked the Ransom Cartel ransomware operation to the REvil ransomware operations. Researchers at Palo Alto Network’s Unit 42 have linked the relatively new Ransom Cartel ransomware operation with the notorious REvil cybercrime gang. No samples seen yet.

Ransomware 115

Ransomware Encryption Engineering Cybercrime 115

Security Affairs

JULY 30, 2022

I’m proud to announce the release of the “ENISA THREAT LANDSCAPE FOR RANSOMWARE ATTACKS” report, Enjoy it! Ransomware has become one of the most dangerous threats for organizations worldwide. Ransomware operations continue to evolve and are becoming more efficient and causing more devastating attacks.

Ransomware 87

Ransomware Cybercrime Cyber Attacks Encryption 87

Security Affairs

AUGUST 12, 2021

Threat actors behind the Magniber Ransomware are using PrintNightmare exploits in attacks aimed at Windows servers. Threat actors behind the Magniber Ransomware are exploiting the PrintNightmare flaws ( CVE-2021-1675 , CVE-2021-34527 , and CVE-2021-36958 ) to infect Windows servers. ” CrowdStrike concludes.

Ransomware 116

Ransomware Cybercrime Encryption Hacking 116

Security Affairs

MARCH 23, 2024

An operation conducted by the Federal Criminal Police Office in Germany (BKA) and the Frankfurt cybercrime combating unit (ZIT) led to the seizure of the infrastructure of the darknet marketplace Nemesis Market in Germany and Lithuania. Crimemarket was a prominent platform for trading illegal drugs, narcotics, and cybercrime services.

Marketing 102

Marketing Cybercrime DDOS Internet 102

Security Affairs

MARCH 13, 2024

In our commitment to full transparency, we wish to inform you of a recent security incident involving a third-party vendor managing employee attendance data. ph1ns told Bleeping Computer that Acer was hacked, but threat actors did not deploy any ransomware.

Data breaches 113

Data breaches Computers and Electronics Hacking Cybercrime 113