Security Affairs

JULY 29, 2021

ransomware is now able to encrypt Windows domains by using Active Directory group policies. ransomware that encrypts Windows domains by using Active Directory group policies. ransomware that encrypts Windows domains by using Active Directory group policies. Like other ransomware operations, LockBit 2.0

Encryption 144

Encryption Ransomware Malware Hacking 144

The Last Watchdog

DECEMBER 2, 2021

Ransomware attacks have reached a record high this year, with nearly 250 attacks recorded to date and months to go. As we’ve seen with major attacks like Kaseya and Colonial Pipeline, cybercriminals have continued to innovate, developing new tools and tactics to encrypt and exfiltrate data. billion this year.

Ransomware 262

Ransomware Technology Cybersecurity Backups 262

Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. kapuchin0 claims that the leaked code is the first breach of the HelloKitty ransomware. kapuchin0 claims that the leaked code is the first breach of the HelloKitty ransomware.

Cybercrime 120

Cybercrime Ransomware DDOS Encryption 120

Security Affairs

DECEMBER 22, 2022

The Vice Society ransomware group has adopted new custom ransomware, with a strong encryption scheme, in recent intrusions. SentinelOne researchers discovered that the Vice Society ransomware gang has started using a custom ransomware that implements a robust encryption scheme, using NTRUEncrypt and ChaCha20-Poly1305 algorithms.

Ransomware 127

Ransomware Encryption Malware Education 127

Krebs on Security

SEPTEMBER 15, 2021

TTEC , [ NASDAQ: TTEC ], a company used by some of the world’s largest brands to help manage customer support and sales online and over the phone, is dealing with disruptions from a network security incident resulting from a ransomware attack, KrebsOnSecurity has learned. ET: TTEC confirmed a ransomware attack.

Ransomware 331

Ransomware Banking Cryptocurrency Media 331

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. On Sunday, Feb. It’s just some kind of sabotage.”

Ransomware 271

Ransomware Healthcare Cybercrime Government 271

Security Affairs

NOVEMBER 12, 2023

The Lorenz ransomware gang has been active since April 2021 and hit multiple organizations worldwide demanding hundreds of thousands of dollars in ransom to the victims. In mid-October, the ALPHV/BlackCat ransomware group claimed to have hacked the Morrison Community Hospital and added it to its dark web Tor leak site.

Ransomware 126

Ransomware Healthcare Encryption Cyber Attacks 126

Security Affairs

JANUARY 11, 2022

AvosLocker is the latest ransomware that implemented the capability to encrypt Linux systems including VMware ESXi servers. AvosLocker expands its targets by implementing the support for encrypting Linux systems, specifically VMware ESXi servers, Bleeping computed reported. The AvosLocker ransomware appends the .avoslinux

Ransomware 121

Ransomware Encryption Advertising Malware 121

Security Affairs

SEPTEMBER 28, 2023

Johnson Controls International suffered a ransomware attack that impacted the operations of the company and its subsidiaries. The company provides HVAC (heating, ventilation, and air conditioning), solutions for building automation, fire and security systems, and components for energy management. ” reported Bleeping Computer. .”

Ransomware 118

Ransomware Insurance Technology Encryption 118

Security Affairs

FEBRUARY 9, 2023

Experts warn of new ESXiArgs ransomware attacks using an upgraded version that makes it harder to recover VMware ESXi virtual machines. Experts spotted a new variant of ESXiArgs ransomware targeting VMware ESXi servers, authors have improved the encryption process, making it much harder to recover the encrypted virtual machines.

Ransomware 88

Ransomware Encryption Hacking Cybercrime 88

Security Affairs

JULY 15, 2021

HelloKitty ransomware gang is using a Linux variant of their malware to target VMware ESXi virtual machine platform. A Linux variant of the HelloKitty ransomware was employed in attacks against VMware ESXi systems. Once the virtual machines are shut down, the ransomware will encrypt .vmdk vmdk (virtual hard disk), .vmsd

Ransomware 144

Ransomware Encryption Malware Hacking 144

Security Affairs

MARCH 24, 2021

Security experts reported that a second ransomware gang, named Black Kingdom , is targeting Microsoft Exchange servers. The first ransomware gang exploiting the above issues in attacks in the wild was a group tracked as DearCry. pic.twitter.com/POYlPYGjsz — MalwareTech (@MalwareTechBlog) March 21, 2021.

Ransomware 140

Ransomware Encryption VPN Malware 140

Security Affairs

JANUARY 3, 2022

Which are the cyber attacks of 2021 that had the major impact on organizations worldwide in terms of financial losses and disruption of the operations? Bloomberg was informed about the payment by two people familiar with the attack. The pipeline allows carrying 2.5 The pipeline allows carrying 2.5

Cyber Attacks 113

Cyber Attacks Ransomware Insurance Hacking 113

Security Affairs

JUNE 30, 2022

Good news for the victims of the Hive ransomware, Korean security researchers have released a free decryptor for some versions. Good news for the victims of the Hive ransomware , the South Korean cybersecurity agency KISA has released a free decryptor for versions from v1 till v4.

Ransomware 108

Ransomware Cybersecurity Encryption VPN 108

Security Affairs

OCTOBER 15, 2021

A joint cybersecurity advisory published by US agencies revealed that three ransomware attacks on wastewater systems this year. A joint cybersecurity advisory published today by the FBI, NSA, CISA, and the EPA revealed three more attacks launched by Ransomware gangs against US water and wastewater treatment facilities (WWS) this year.

Ransomware 94

Ransomware Cyber threats Firmware Backups 94

Security Affairs

DECEMBER 14, 2021

Bitdefender researchers discovered that threat actors are attempting to exploit the Log4Shell flaw to deliver the new Khonsari ransomware on Windows machines. Experts warn that threat actors are attempting to exploit the Log4Shell flaw to deliver the new Khonsari ransomware on Windows machines. SecurityAffairs – hacking, ransomware).

Ransomware 142

Ransomware Encryption Engineering Malware 142

Security Affairs

JULY 7, 2022

US authorities have issued a joint advisory warning of North Korea-linked APTs using Maui ransomware in attacks against the Healthcare sector. Treasury Department issued a joint advisory that warn of North-Korea-linked threat actors using Maui ransomware in attacks aimed at organizations in the Healthcare sector. Pierluigi Paganini.

Healthcare 124

Healthcare Ransomware Encryption Government 124

Security Affairs

AUGUST 5, 2021

The BlackMatter ransomware gang has implemented a Linux encryptor to targets VMware ESXi virtual machine platform. This is the last ransomware in order of time that is able to target VM platforms, some of the other ransomware operations that do the same are REvil , RansomExx/Defray , Mespinoza , HelloKitty , and Babuk.

Ransomware 139

Ransomware Encryption Healthcare Cybercrime 139

Security Affairs

JULY 15, 2022

Cyble researchers warn of three new ransomware operations named Lilith, RedAlert and 0mega targeting organizations worldwide. Researchers from threat intelligence firm Cyble warn of new ransomware gangs that surfaced recently, named Lilith, RedAlert, and 0mega. The ransomware targets a limited types of files, including log files (.log),

Ransomware 127

Ransomware Encryption Malware Hacking 127

Security Affairs

JUNE 5, 2021

Cyble researchers investigated a recent attack on an India-based IT firm that was hit by the BlackCocaine Ransomware gang. Recently Cyber researchers for Cyble investigated an attack suffered by on May 30, 2021, by Nucleus Software, an India-based IT company in the Banking and Financial Services sector. ” concludes the report.

Ransomware 123

Ransomware Malware Encryption Financial Services 123

Security Affairs

JANUARY 17, 2022

The operators of the SFile ransomware (aka Escal) have developed a Linux version of their malware to expand their operations. SFile ransomware (aka Escal), has been active since 2020 , it was observed targeting only Windows systems. Recently, Rising captured the Linux platform variant of the ransomware.”

Ransomware 140

Ransomware Encryption Backups Malware 140

Security Affairs

AUGUST 15, 2022

Security researchers from Cleafy reported that the SOVA Android banking malware is back and is rapidly evolving. The SOVA Android banking trojan was improved, it has a new ransomware feature that encrypts files on Android devices, Cleafy researchers report. The malware has been active since 2021 and evolves over time.

Encryption 98

Encryption Malware Banking Ransomware 98

Security Affairs

NOVEMBER 1, 2021

The US FBI has published a flash alert warning private organizations of the evolution of the HelloKitty ransomware (aka FiveHands). Federal Bureau of Investigation (FBI) has sent out a flash alert warning private industry of a new feature of the HelloKitty ransomware gang (aka FiveHands). ” reads the flash alert.

DDOS 125

DDOS Ransomware Cybercrime Encryption 125

Security Affairs

JULY 15, 2022

Microsoft researchers linked the Holy Ghost ransomware (H0lyGh0st) operation to North Korea-linked threat actors. The Microsoft Threat Intelligence Center (MSTIC) researchers linked the activity of the Holy Ghost ransomware (H0lyGh0st) operation to a North Korea-linked group they tracked as DEV-0530. ” concludes Microsoft.

Ransomware 132

Ransomware Cryptocurrency Government Small Business 132

Security Affairs

OCTOBER 19, 2022

Researchers at Palo Alto Network’s Unit 42 linked the Ransom Cartel ransomware operation to the REvil ransomware operations. Researchers at Palo Alto Network’s Unit 42 have linked the relatively new Ransom Cartel ransomware operation with the notorious REvil cybercrime gang. No samples seen yet. ” . .

Ransomware 113

Ransomware Encryption Engineering Cybercrime 113

Security Affairs

NOVEMBER 5, 2021

A new threat actor is exploiting ProxyShell flaws in attacks aimed at Microsoft Exchange servers to deploy the Babuk Ransomware in corporate networks. Talos researchers warn of a new threat actor that is hacking Microsoft Exchange servers by exploiting ProxyShell flaws to gain access to corporate and deploy the Babuk Ransomware.

Ransomware 126

Ransomware Backups Encryption DNS 126

Security Affairs

JANUARY 30, 2021

FonixCrypter ransomware operators shut down their operations, released the master decryption key for free, and deleted malware’s source code. Good news for the victims of the FonixCrypter ransomware, the operators behind the threat shut down their operations and released the master decryption key. Pierluigi Paganini.

Ransomware 135

Ransomware Encryption Malware Cybercrime 135

Security Affairs

AUGUST 21, 2021

A new ransomware gang named LockFile targets Microsoft Exchange servers exploiting the recently disclosed ProxyShell vulnerabilities. A new ransomware gang named LockFile targets Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities. “The LockFile ransomware was first observed on the network of a U.S.

Ransomware 137

Ransomware Financial Services Hacking Encryption 137

Security Affairs

OCTOBER 13, 2023

FBI and CISA published a joint Cybersecurity Advisory (CSA) to disseminate IOCs, TTPs, and detection methods associated with AvosLocker ransomware. The joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort aimed at sharing technical details associated with various ransomware operations.

Ransomware 118

Ransomware System Administration Antivirus Malware 118

Security Affairs

JULY 23, 2022

DoJ seized $500,000 worth of Bitcoin from North Korea-linked threat actors who are behind the Maui ransomware. Department of Justice (DoJ) has seized $500,000 worth of Bitcoin from North Korean threat actors who used the Maui ransomware to target several organizations worldwide. reads the advisory published by US authorties. “The

Ransomware 130

Ransomware Healthcare Cryptocurrency Encryption 130

Security Affairs

MARCH 9, 2023

The recently discovered Windows ransomware IceFire now also targets Linux enterprise networks in multiple sectors. SentinelLabs researchers discovered new Linux versions of the recently discovered IceFire ransomware that was employed in attacks against several media and entertainment organizations worldwide. to deploy the ransomware.

Ransomware 90

Ransomware Encryption Media Phishing 90

Security Affairs

MAY 2, 2024

The Ukrainian national, Yaroslav Vasinskyi (24), aka Rabotnik, has been sentenced to more than 13 years in prison and must pay $16 million in restitution for conducting numerous ransomware attacks and extorting victims. Vasinskyi is a REvil ransomware affiliate since at least March 1st, 2019. Vasinskyi was extradited to the U.S.

Ransomware 90

Ransomware Cryptocurrency Cybercrime Encryption 90

Security Affairs

JANUARY 16, 2022

QNAP NAS devices are under attack, experts warn of a new Qlocker ransomware campaign that hit devices worldwide. A new wave of Qlocker ransomware it targeting QNAP NAS devices worldwide, the new campaign started on January 6 and it drops ransom notes named !!!READ_ME.txt reads the security advisory published by the vendor.

Ransomware 115

Ransomware Encryption Backups Firmware 115

Security Affairs

JANUARY 7, 2022

Researchers warn of a new ransomware family, called ‘Night Sky,’ that uses a double-extortion model in attacks again businesses. Researchers from MalwareHunterteam first spotted a new ransomware family dubbed Night Sky that implements a double extortion model in attacks aimed at businesses. No sample seen yet.

Ransomware 129

Ransomware Encryption Hacking Internet 129

Security Affairs

JUNE 19, 2022

Experts warn of a new ech0raix ransomware campaign targeting QNAP Network Attached Storage (NAS) devices. Bleeping Computer and MalwareHunterTeam researchers, citing user reports and sample submissions on the ID Ransomware platform, warn of a new wave of ech0raix ransomware attacks targeting QNAP Network Attached Storage (NAS) devices.

Ransomware 90

Ransomware Encryption Internet Internet 90

Security Affairs

DECEMBER 30, 2021

The AvosLocker ransomware operators released a free decryptor after they accidentally encrypted the system of US Government entity. The AvosLocker ransomware operation provided a free decryptor after they encrypted the systems of a US government agency. pancak3lullz) December 29, 2021. Pierluigi Paganini.

Ransomware 108

Ransomware Government Encryption Malware 108

Security Affairs

JANUARY 18, 2022

A new ransomware gang named White Rabbit appeared in the threat landscape, experts believe it is linked to the FIN8 hacking group. A new ransomware gang called ‘White Rabbit’ launched its operations and according to the experts, it is likely linked to the FIN8 financially motivated group. scrypt.txt.” .

Ransomware 134

Ransomware Encryption Malware Passwords 134