Heimadal Security

FEBRUARY 25, 2022

Cuba Ransomware was launched in 2019, and since then it has not been particularly active in comparison to other operations, like REvil, Avaddon, Conti, and DoppelPaymer. As BleepingComputer explained, the Mandiant analysts have discovered that the Cuba ransomware operation targets the United States first and then Canada. What Happened?

Hacking 90

Hacking Ransomware Cybersecurity 90

Security Affairs

DECEMBER 4, 2021

The FBI has revealed that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. A flash alert published by the FBI has reported that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. ” states the alert.

Ransomware 136

Ransomware Hacking Malware Encryption 136

Bleeping Computer

DECEMBER 1, 2021

BlackByte ransomware actors were observed exploiting the ProxyShell set of vulnerabilities (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) to compromise Microsoft Exchange servers. [.].

Ransomware 144

Ransomware Hacking 144

Security Affairs

JANUARY 11, 2022

Another gang, Night Sky ransomware operation, started exploiting the Log4Shell vulnerability in the Log4j library to gain access to VMware Horizon systems. The Night Sky ransomware operation started exploiting the Log4Shell flaw (CVE-2021-44228) in the Log4j library to gain access to VMware Horizon systems.

Ransomware 98

Ransomware Hacking Internet Internet 98

Security Affairs

OCTOBER 26, 2021

The FBI published a flash alert to warn of the activity of the Ranzy Locker ransomware that had already compromised tens of US companies. The FBI published a flash alert to warn of Ranzy Locker ransomware operations that had already compromised at least 30 US companies this year. SecurityAffairs – hacking, Ranzy Locker ransomware).

Ransomware 127

Ransomware Firmware Antivirus Accountability 127

Security Affairs

JANUARY 1, 2024

The Cactus ransomware group claims to have hacked Coop, one of the largest retail and grocery providers in Sweden. The Cactus ransomware group claims to have hacked Coop and is threatening to disclose a huge amount of personal information, over 21 thousand directories. The stores are co-owned by 3.5

Retail 123

Retail Ransomware Encryption Hacking 123

CyberSecurity Insiders

JUNE 21, 2021

Australia’s labor party has introduced a bill titled Ransomware Payments Bill 2021 that makes it mandatory for victimized companies to notify the Australian Cyber Security Center (ACSC) before making a ransom payment to a hacker’s gang. A National Ransomware Strategy was being encouraged by labor from February this year.

Ransomware 91

Ransomware Cryptocurrency Cybersecurity Government 91

Security Affairs

DECEMBER 23, 2023

The LockBit ransomware claims to have hacked accountancy firm Xeinadin threatens to leak the alleged stolen data. The LockBit ransomware claims responsibility for hacking the Xeinadin accountancy firm and threatens to disclose the alleged stolen data. Xeinadin has over 60,000 clients across the UK and Ireland.

Accountability 122

Accountability Ransomware Data breaches Hacking 122

Security Affairs

OCTOBER 2, 2022

Another US defense contractor suffered a data breach, the BlackCat ransomware gang claims to have hacked NJVC. The ALPHV/BlackCat ransomware gang claims to have breached the IT firm NJVC , which supports the federal government and the United States Department of Defense. SecurityAffairs – hacking, NJVC).

Hacking 95

Hacking Ransomware Data breaches Government 95

Security Affairs

FEBRUARY 13, 2022

Organizations have paid more than $600 million in cryptocurrency during 2021, nearly one-third to the Conti ransomware gang. and Australia have published a joint advisory warning of an increased globalised threat of ransomware worldwide in 2021. Last week, cybersecurity agencies from the U.K., added the company. .

Ransomware 89

Ransomware Cryptocurrency Cybercrime Malware 89

Security Affairs

MARCH 20, 2021

Taiwanese multinational hardware and electronics corporation Acer was victim of a REvil ransomware attack, the gang demanded a $50,000,000 ransom. Taiwanese computer giant Acer was victim of the REvil ransomware attack, the gang is demanding the payment of a $50,000,000 ransom, the largest one to date. billion in revenue.

Ransomware 141

Ransomware Hacking Computers and Electronics Malware 141

Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. kapuchin0 claims that the leaked code is the first breach of the HelloKitty ransomware. kapuchin0 claims that the leaked code is the first breach of the HelloKitty ransomware.

Cybercrime 117

Cybercrime Ransomware DDOS Encryption 117

Security Affairs

JANUARY 3, 2022

Which are the cyber attacks of 2021 that had the major impact on organizations worldwide in terms of financial losses and disruption of the operations? The systems at the company were infected with the Phoenix Locker, a variant of ransomware tracked as Hades that was part of the arsenal of the cybercrime group known as Evil Corp.

Cyber Attacks 110

Cyber Attacks Ransomware Insurance Hacking 110

Security Affairs

FEBRUARY 8, 2024

Government offers rewards of up to $10 million for information that could help locate, identify, or arrest members of the Hive ransomware group. The US Department of State announced rewards up to $10,000,000 for information leading to the identification and/or location of the leaders of the Hive ransomware group.

Ransomware 106

Ransomware Government VPN Manufacturing 106

eSecurity Planet

FEBRUARY 16, 2021

The internet is fraught with peril these days, but nothing strikes more fear into users and IT security pros than the threat of ransomware. A ransomware attack is about as bad as a cyber attack can get. Jump to: What is ransomware? How ransomware works. Preventing ransomware. Ransomware attacks and costs.

Ransomware 97

Ransomware Backups Software Encryption 97

Security Affairs

MARCH 13, 2024

Threat actors behind the ransomware attacks that hit Stanford University in 2023 gained access to 27,000 people. Stanford University confirmed that threat actors behind the September 2023 ransomware attack had access to 27,000 people. The Akira ransomware gang claimed the theft of 430 GB of data from the university’s systems.

Ransomware 107

Ransomware Data breaches Passwords Government 107

Bleeping Computer

JANUARY 11, 2022

The Night Sky ransomware gang has started to exploit the critical CVE-2021-4422 vulnerability in the Log4j logging library, also known as Log4Shell, to gain access to VMware Horizon systems. [.].

Ransomware 143

Ransomware Hacking 143

Security Affairs

SEPTEMBER 28, 2023

Johnson Controls International suffered a ransomware attack that impacted the operations of the company and its subsidiaries. Johnson Controls International announced it has suffered a ransomware attack that impacted many systems of the company, Bleeping Computer reported. ” reported Bleeping Computer. .”

Ransomware 115

Ransomware Insurance Technology Encryption 115

Security Affairs

OCTOBER 15, 2021

A joint cybersecurity advisory published by US agencies revealed that three ransomware attacks on wastewater systems this year. A joint cybersecurity advisory published today by the FBI, NSA, CISA, and the EPA revealed three more attacks launched by Ransomware gangs against US water and wastewater treatment facilities (WWS) this year.

Ransomware 92

Ransomware Cyber threats Firmware Backups 92

Security Boulevard

DECEMBER 21, 2021

Malware: Ransomware Attacks Don Not Let Up at the End of 2021. In what seems like an appropriate end to a year defined by an increased focus on ransomware, December proved to be a busy month for cyber defenders. Organizations of all kinds around the world fell victim to or became aware of ransomware attacks.

Ransomware 105

Ransomware Cryptocurrency Accountability Malware 105

Security Affairs

DECEMBER 31, 2022

Crooks have had access to the medical records of 42 million Americans since 2016 as the number of hacks on healthcare organizations doubled. Researchers from Jama Network analyzed trends in ransomware attacks on US hospitals, clinics, and health care delivery organizations between 2016 and 2021. million in 2021.

Healthcare 88

Healthcare Ransomware Backups Hacking 88

Security Affairs

DECEMBER 14, 2023

French police arrested a Russian national who is suspected of laundering money resulting from the criminal activity of the Hive ransomware gang. The French authorities arrested in Paris a Russian national who is suspected of laundering criminal proceeds for the Hive ransomware gang. anti-cybercrime (Ofac).”

Ransomware 111

Ransomware Cryptocurrency Cybercrime VPN 111

Security Boulevard

MARCH 31, 2021

A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, March 2021. How not to disclosure a Hack. UK fashion retailer FatFace angered customers in its handling of a customer data theft hack. More and More Ransomware Attacks.

Energy and Utilities 122

Energy and Utilities Ransomware Banking Hacking 122

Security Affairs

FEBRUARY 10, 2024

Bitdefender Researchers linked a new macOS backdoor, named RustDoor, to the Black Basta and Alphv/BlackCat ransomware operations. Researchers from Bitdefender discovered a new macOS backdoor, dubbed RustDoor, which appears to be linked to ransomware operations Black Basta and Alphv/BlackCat. ” concludes the report.

Ransomware 118

Ransomware Architecture Malware Passwords 118

Security Affairs

SEPTEMBER 24, 2023

The Alphv ransomware group claims to have hacked Clarion, the global manufacturer of audio and video equipment for cars and other vehicles. The Alphv ransomware group added Clarion, the global manufacturer of audio and video equipment for cars and other vehicles, to the list of victims on its Tor leak site.

Manufacturing 116

Manufacturing Hacking Data breaches Ransomware 116

Security Affairs

NOVEMBER 12, 2023

The Lorenz ransomware gang has been active since April 2021 and hit multiple organizations worldwide demanding hundreds of thousands of dollars in ransom to the victims. In mid-October, the ALPHV/BlackCat ransomware group claimed to have hacked the Morrison Community Hospital and added it to its dark web Tor leak site.

Ransomware 123

Ransomware Healthcare Encryption Cyber Attacks 123

Security Affairs

JANUARY 8, 2024

Ultra provides critical tactical capabilities including cybersecurity and remote cryptographic management systems for clients including the DoD, FBI, DEA, NATO, AT&T… pic.twitter.com/MrnRNNiJsa — Dominic Alvieri (@AlvieriD) December 27, 2023 The ransomware gang stole around 30 gigabytes of sensitive documents from the US company.

Hacking 109

Hacking Data breaches Ransomware Manufacturing 109

SecureWorld News

JANUARY 19, 2023

That is how James McQuiggan, CISSP, Security Awareness Advocate for KnowBe4, kicked off the recent SecureWorld Remote Sessions webcast titled, "Ransomware, Ransom-war, and Ran-some-where: What We Can Learn When the Hackers Get Hacked." Some scary statistics: Ransomware attacks increased 13% from 2020 to 2021.

Hacking 93

Hacking Backups Ransomware Retail 93

Security Affairs

MAY 15, 2021

XSS forum (previously known as DaMaGeLab) one of the most popular hacking forums, announced that it would ban the ads published by ransomware gangs. The popular hacking forum XSS forum, previously known as DaMaGeLab, announced that that it would ban the ads published by ransomware gangs. ddd1ms) May 14, 2021.

Hacking 78

Hacking Ransomware Cybercrime Malware 78

CSO Magazine

MARCH 17, 2022

The ransomware scourge reached unprecedented levels in 2021, with ransomware threat actors demanding, and in many cases receiving, ransom payments in the millions of dollars. million to its ransomware attackers in May 2021, although in a subsequent operation, the U.S Colonial Pipeline paid $4.43

Ransomware 119

Ransomware Backups Hacking 119

Security Affairs

FEBRUARY 27, 2021

‘Hotarus Corp’ Ransomware operators hacked Ecuador’s largest private bank, Banco Pichincha, and the country’s Ministry of Finance. ?A The group claims to have also stolen data from the Banco Pichincha bank and infected a system at Ministry of Finance using for training purposes with PHP-based ransomware.

Hacking 138

Hacking Banking Ransomware Passwords 138

CyberSecurity Insiders

APRIL 23, 2021

Later, the Satya Nadella led company issued a statement that it could be the work of a Chinese Hacking group named Hafinium. Channel Nine 9 cyber attack- Australian Television Network dubbed Channel Nine was targeted by a cyber attack on March 28th,2021 halting several news bulletins and morning shows for the day.

Cyber Attacks 145

Cyber Attacks Insurance Cyber Insurance Ransomware 145

Security Affairs

JANUARY 1, 2022

Which are the most-read cyber stories of 2021? billion login credentials, has been leaked on a popular hacking forum. Experts discovered a Local Privilege Escalation, tracked as CVE-2021-33909, that could allow attackers to get root access on most Linux distros. ransomware attack. ransomware operators.

Hacking 95

Hacking VPN Passwords Ransomware 95

Security Affairs

AUGUST 21, 2021

A new ransomware gang named LockFile targets Microsoft Exchange servers exploiting the recently disclosed ProxyShell vulnerabilities. A new ransomware gang named LockFile targets Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities. “The LockFile ransomware was first observed on the network of a U.S.

Ransomware 135

Ransomware Financial Services Hacking Encryption 135

Security Boulevard

JANUARY 10, 2022

2021 was a busy year for the cyber security community. Picus has curated a list of the top five threats observed in 2021, detailing ten lessons defenders can learn from them. . In January 2021, Volexity detected a large amount of egress data traffic on its customers’ Microsoft Exchange Servers [1]. CVE-2021-26885.

Cyber threats 141

Cyber threats Ransomware Risk Architecture 141

Security Affairs

AUGUST 5, 2021

The BlackMatter ransomware gang has implemented a Linux encryptor to targets VMware ESXi virtual machine platform. This is the last ransomware in order of time that is able to target VM platforms, some of the other ransomware operations that do the same are REvil , RansomExx/Defray , Mespinoza , HelloKitty , and Babuk.

Ransomware 137

Ransomware Encryption Healthcare Cybercrime 137

Security Affairs

OCTOBER 4, 2021

ransomware, operators will leak files on 07 Oct, 2021. ransomware operators hit the Israeli aerospace and defense firm E.M.I.T. At the time of this writing, the ransomware gang has yet to share any files as proof of the attack, the countdown will end on 07 October 2021. Like other ransomware operations, LockBit 2.0

Ransomware 121

Ransomware Hacking Mobile Advertising 121