Security Affairs

JANUARY 3, 2022

Which are the cyber attacks of 2021 that had the major impact on organizations worldwide in terms of financial losses and disruption of the operations? Bloomberg was informed about the payment by two people familiar with the attack. The pipeline allows carrying 2.5 The pipeline allows carrying 2.5

Cyber Attacks 112

Cyber Attacks Ransomware Insurance Hacking 112

Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. kapuchin0 claims that the leaked code is the first breach of the HelloKitty ransomware. kapuchin0 claims that the leaked code is the first breach of the HelloKitty ransomware.

Cybercrime 119

Cybercrime Ransomware DDOS Encryption 119

Security Affairs

OCTOBER 15, 2021

A joint cybersecurity advisory published by US agencies revealed that three ransomware attacks on wastewater systems this year. A joint cybersecurity advisory published today by the FBI, NSA, CISA, and the EPA revealed three more attacks launched by Ransomware gangs against US water and wastewater treatment facilities (WWS) this year.

Ransomware 94

Ransomware Cyber threats Firmware Backups 94

Krebs on Security

MARCH 7, 2022

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. Before that, Jeffrey Ladish , an information security consultant based in Oakland, Calif., ” Stern wrote.

Ransomware 210

Ransomware Cryptocurrency DDOS Scams 210

Security Affairs

SEPTEMBER 28, 2023

Johnson Controls International suffered a ransomware attack that impacted the operations of the company and its subsidiaries. The company provides HVAC (heating, ventilation, and air conditioning), solutions for building automation, fire and security systems, and components for energy management. ” reported Bleeping Computer. .”

Ransomware 117

Ransomware Insurance Technology Encryption 117

Security Affairs

DECEMBER 14, 2023

French police arrested a Russian national who is suspected of laundering money resulting from the criminal activity of the Hive ransomware gang. The French authorities arrested in Paris a Russian national who is suspected of laundering criminal proceeds for the Hive ransomware gang. anti-cybercrime (Ofac).”

Ransomware 114

Ransomware Cryptocurrency Cybercrime VPN 114

Security Affairs

MARCH 13, 2024

Threat actors behind the ransomware attacks that hit Stanford University in 2023 gained access to 27,000 people. Stanford University confirmed that threat actors behind the September 2023 ransomware attack had access to 27,000 people. The Akira ransomware gang claimed the theft of 430 GB of data from the university’s systems.

Ransomware 109

Ransomware Data breaches Passwords Government 109

Security Boulevard

JUNE 20, 2021

The post BSides Tampa 2021 – Jeremy Rasmussen’s ‘Ransomware – The Real Pandemic’ appeared first on Security Boulevard. Our thanks to BSides Tampa for publishing their outstanding videos on the organization's YouTube channel. Enjoy the Education!

Ransomware 93

Ransomware Education InfoSec Information Security 93

Security Affairs

FEBRUARY 10, 2024

Bitdefender Researchers linked a new macOS backdoor, named RustDoor, to the Black Basta and Alphv/BlackCat ransomware operations. Researchers from Bitdefender discovered a new macOS backdoor, dubbed RustDoor, which appears to be linked to ransomware operations Black Basta and Alphv/BlackCat. ” concludes the report.

Ransomware 121

Ransomware Architecture Malware Passwords 121

Security Affairs

DECEMBER 23, 2023

The LockBit ransomware claims to have hacked accountancy firm Xeinadin threatens to leak the alleged stolen data. The LockBit ransomware claims responsibility for hacking the Xeinadin accountancy firm and threatens to disclose the alleged stolen data. ” reads the message published by the ransomware group on its Tor leak site.

Accountability 125

Accountability Ransomware Data breaches Hacking 125

Security Boulevard

DECEMBER 27, 2021

Our thanks to BSides Greenville / BSidesGVL for publishing their Track1 , Track 2 and Track 3 of their well-crafted videos from the BSides Greenville / BSidesGVL 2021 conference on the Organization’s’ YouTube channel.

Ransomware 75

Ransomware Education InfoSec Information Security 75

Security Affairs

DECEMBER 31, 2022

Medical records of 42 million Americans are being sold on the dark web since 2016, this information comes from cyberattacks on healthcare providers. Researchers from Jama Network analyzed trends in ransomware attacks on US hospitals, clinics, and health care delivery organizations between 2016 and 2021. million in 2021.

Healthcare 88

Healthcare Ransomware Backups Hacking 88

Security Boulevard

MARCH 31, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, March 2021. FatFace CEO Liz Evans released a statement which said “ On 17th January 2021 FatFace identified some suspicious activity within its IT systems.

Energy and Utilities 122

Energy and Utilities Ransomware Banking Hacking 122

Hot for Security

APRIL 22, 2021

An infamous group of ransomware operators is pressuring Apple supplier Quanta Computer to pay $50 million to keep stolen MacBook designs under wraps, following a successful breach of its servers. The ransomware gang is now reportedly trying to coerce Apple to pay the ransom, or else the hackers will continue to post new files every day.

Ransomware 105

Ransomware Media Cyber Attacks Information Security 105

Security Affairs

DECEMBER 15, 2023

The Snatch ransomware group announced it had hacked the food giant Kraft Heinz, the company is investigating the claims. The Snatch ransomware group claims to have hacked Kraft Heinz in August and on December 14, it added the company to the list of victims on its leak site. ” reads the alert.

Hacking 114

Hacking Ransomware Computers and Electronics Marketing 114

Security Affairs

AUGUST 5, 2021

The BlackMatter ransomware gang has implemented a Linux encryptor to targets VMware ESXi virtual machine platform. This is the last ransomware in order of time that is able to target VM platforms, some of the other ransomware operations that do the same are REvil , RansomExx/Defray , Mespinoza , HelloKitty , and Babuk.

Ransomware 139

Ransomware Encryption Healthcare Cybercrime 139

Security Affairs

NOVEMBER 12, 2023

The Lorenz ransomware gang has been active since April 2021 and hit multiple organizations worldwide demanding hundreds of thousands of dollars in ransom to the victims. In mid-October, the ALPHV/BlackCat ransomware group claimed to have hacked the Morrison Community Hospital and added it to its dark web Tor leak site.

Ransomware 125

Ransomware Healthcare Encryption Cyber Attacks 125

Security Affairs

NOVEMBER 28, 2023

An international law enforcement operation dismantled the core of a ransomware group operating from Ukraine. A joint law enforcement operation led by Europol and Eurojust, with the support of the police from seven nations, has arrested in Ukraine the core members of a ransomware group. ” concludes the press release.

Ransomware 101

Ransomware Malware Phishing Hacking 101

Security Boulevard

MAY 3, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, April 2021. The UK Security Service MI5 said 10,000 staff from every UK government department and from important UK industries have been lured by fake LinkedIn profiles.

Ransomware 124

Ransomware Passwords Scams Government 124

Security Affairs

FEBRUARY 28, 2024

healthcare organizations of targeted ALPHV/Blackcat ransomware attacks. healthcare organizations of targeted attacks conducted by ALPHV/Blackcat ransomware attacks. The advisory updates to the FBI FLASH BlackCat/ALPHV Ransomware Indicators of Compromise released on April 19, 2022 and on December 19, 2023.

Healthcare 106

Healthcare Ransomware Government Insurance 106

Security Affairs

AUGUST 18, 2022

A new version of the BlackByte ransomware appeared in the threat landscape, version 2.0 BlackByte ransomware Version 2.0 In February, the US Federal Bureau of Investigation (FBI) revealed that the BlackByte ransomware gang has breached at least three organizations from US critical infrastructure sectors. Pierluigi Paganini.

Ransomware 108

Ransomware Hacking Cybercrime Information Security 108

Security Affairs

OCTOBER 13, 2023

FBI and CISA published a joint Cybersecurity Advisory (CSA) to disseminate IOCs, TTPs, and detection methods associated with AvosLocker ransomware. The joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort aimed at sharing technical details associated with various ransomware operations.

Ransomware 117

Ransomware System Administration Antivirus Malware 117

Security Affairs

SEPTEMBER 30, 2023

The ALPHV/BlackCat ransomware gang added the hotel chain Motel One to the list of victims on its Tor leak site. The ALPHV/BlackCat ransomware gang added Motel One to the list of victims on its Tor leak site. Exposed records include customers’ names, addresses, dates of reservation, payment method, and contact information.

Hacking 114

Hacking Ransomware Manufacturing Media 114

Security Affairs

OCTOBER 30, 2022

The BlackByte ransomware group claims to have compromised Asahi Group Holdings, a precision metal manufacturing and metal solution provider. The BlackByte ransomware group claims to have stolen gigabytes of documents from Asahi Group Holdings, including financial and sales reports. Asahi Group Holdings, Ltd. Asahi Group Holdings, Ltd.

Manufacturing 120

Manufacturing Ransomware Hacking Data breaches 120

Security Affairs

DECEMBER 26, 2021

The IT services company Inetum Group was hit by a ransomware attack a few days before the Christmas holiday. French IT services company Inetum Group was hit by a ransomware attack a few days before the Christmas holiday, but according to the company the security breach had a limited impact on its operations.

Ransomware 131

Ransomware Cybercrime Advertising Information Security 131

Security Affairs

SEPTEMBER 10, 2023

Rhysida Ransomware group added three more US hospitals to the list of victims on its Tor leak site after the PROSPECT MEDICAL attack. Recently the Rhysida ransomware group made the headlines because it announced the hack of Prospect Medical Holdings and the theft of sensitive information from the organization.

Hacking 127

Hacking Ransomware Healthcare Cyber Attacks 127

Security Affairs

JULY 15, 2021

HelloKitty ransomware gang is using a Linux variant of their malware to target VMware ESXi virtual machine platform. A Linux variant of the HelloKitty ransomware was employed in attacks against VMware ESXi systems. Once the virtual machines are shut down, the ransomware will encrypt .vmdk ” reported BleepingComputer.

Ransomware 144

Ransomware Encryption Malware Hacking 144

Security Affairs

DECEMBER 1, 2021

Sabbath ransomware is a new threat that has been targeting critical infrastructure in the United States and Canada since June 2021. A new ransomware group called Sabbath (aka UNC2190) has been targeting critical infrastructure in the United States and Canada since June 2021. ” reads the post published by Mandiant.

Ransomware 119

Ransomware Education Hacking Encryption 119

Security Affairs

JULY 18, 2023

The cybercrime group FIN8 is using a revamped version of the Sardonic backdoor to deliver the BlackCat ransomware. The financially motivated group FIN8 (aka Syssphinx) was spotted using a revamped version of a backdoor tracked as Sardonic to deliver the BlackCat ransomware (aka Noberus ransomware). ” concludes the report.

Ransomware 93

Ransomware Cybercrime Malware Hacking 93

Security Affairs

NOVEMBER 1, 2021

The US FBI has published a flash alert warning private organizations of the evolution of the HelloKitty ransomware (aka FiveHands). Federal Bureau of Investigation (FBI) has sent out a flash alert warning private industry of a new feature of the HelloKitty ransomware gang (aka FiveHands). ” reads the flash alert.

DDOS 125

DDOS Ransomware Cybercrime Encryption 125

Security Affairs

AUGUST 21, 2021

A new ransomware gang named LockFile targets Microsoft Exchange servers exploiting the recently disclosed ProxyShell vulnerabilities. A new ransomware gang named LockFile targets Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities. “The LockFile ransomware was first observed on the network of a U.S.

Ransomware 137

Ransomware Financial Services Hacking Encryption 137

Security Affairs

JULY 15, 2022

Microsoft researchers linked the Holy Ghost ransomware (H0lyGh0st) operation to North Korea-linked threat actors. The Microsoft Threat Intelligence Center (MSTIC) researchers linked the activity of the Holy Ghost ransomware (H0lyGh0st) operation to a North Korea-linked group they tracked as DEV-0530. ” concludes Microsoft.

Ransomware 132

Ransomware Cryptocurrency Government Small Business 132

Security Affairs

SEPTEMBER 16, 2021

Microsoft revealed that multiple threat actors are exploiting the recently patched Windows MSHTML remote code execution security flaw (CVE-2021-40444 ). The campaigns observed August 2021 likely employed emails impersonating contracts and legal agreements, the messages used documents that were hosted on file-sharing sites. .

Ransomware 94

Ransomware Cybercrime Hacking Information Security 94

Security Affairs

JANUARY 26, 2023

The leak site of the Hive ransomware gang was seized due to an international operation conducted by law enforcement in ten countries. The Tor leak site used by Hive ransomware operators has been seized as part of an international operation conducted by law enforcement in 10 countries. cybersecurity and intelligence authorities.

Ransomware 92

Ransomware VPN Healthcare Manufacturing 92

Security Affairs

JULY 23, 2022

DoJ seized $500,000 worth of Bitcoin from North Korea-linked threat actors who are behind the Maui ransomware. Department of Justice (DoJ) has seized $500,000 worth of Bitcoin from North Korean threat actors who used the Maui ransomware to target several organizations worldwide. ” reads the announcement published by DoJ.

Ransomware 129

Ransomware Healthcare Cryptocurrency Encryption 129

Security Affairs

AUGUST 13, 2021

The SynAck ransomware gang released the master decryption keys for their operations and rebranded as a new group dubbed El_Cometa group. Good news for the victims of the SynAck ransomware gang, the group released the master decryption keys to allow victims to decrypt their files for free. Pierluigi Paganini.

Ransomware 138

Ransomware Authentication Malware Hacking 138

Security Affairs

DECEMBER 19, 2021

The TellYouThePass ransomware resurged and exploits the Apache Log4j flaw (Log4Shell) to target both Linux and Windows systems. “On December 13, Sangfor’s terminal security team and Anfu’s emergency response center jointly monitored a ransomware called Tellyouthepass, which has attacked both platforms. .

Ransomware 126

Ransomware Internet Internet Hacking 126