Security Affairs

JUNE 30, 2022

Good news for the victims of the Hive ransomware, Korean security researchers have released a free decryptor for some versions. Good news for the victims of the Hive ransomware , the South Korean cybersecurity agency KISA has released a free decryptor for versions from v1 till v4.

Ransomware 108

Ransomware Cybersecurity Encryption VPN 108

Security Affairs

JULY 18, 2021

BleepingComputer became aware that the recent wave of attacks targeting vulnerable SonicWall devices was carried out by HelloKitty ransomware operators. SonicWall this week has issued an urgent security alert to warn companies of “ an imminent ransomware campaing ” targeting some of its equipment that reached end-of-life (EoL).

Ransomware 117

Ransomware Firmware Mobile InfoSec 117

Security Boulevard

MAY 3, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, April 2021. The UK Security Service MI5 said 10,000 staff from every UK government department and from important UK industries have been lured by fake LinkedIn profiles.

Ransomware 124

Ransomware Passwords Scams Government 124

Security Affairs

JULY 9, 2021

Insurance giant CNA notifies customers of a data breach after the Phoenix CryptoLocker ransomware attack suffered in March. US insurance giant CNA is notifying customers of a data breach after the ransomware attack that it suffered in March. Bloomberg was informed about the payment by two people familiar with the attack.

Data breaches 142

Data breaches Insurance Ransomware Identity Theft 142

Security Affairs

JANUARY 14, 2022

Ukrainian police arrested members of a ransomware gang that targeted at least 50 companies in the U.S. Ukrainian police arrested members of a ransomware affiliate group that is responsible for attacking at least 50 companies in the U.S. The gang was distributing the LockerGoga and MegaCortex ransomware families. and Europe.

Ransomware 114

Ransomware DDOS Telecommunications Malware 114

Security Affairs

JULY 6, 2022

Hive ransomware operators have improved their file-encrypting module by migrating to Rust language and adopting a more sophisticated encryption method. The operators of the Hive ransomware upgraded their malware by migrating the malware to the Rust language and implementing a more sophisticated encryption method, Microsoft researchers warn.

Encryption 117

Encryption Ransomware Cybercrime Malware 117

Security Affairs

OCTOBER 25, 2022

The Hive ransomware gang, which claimed the responsibility for the Tata Power data breach, started leaking data. Threat actors hit the Information Technology (IT) infrastructure of the company. The company confirmed that the security breach impacted “some of its IT systems.”. “All key files. key files. Pierluigi Paganini.

Ransomware 89

Ransomware Data breaches Cyber Attacks Engineering 89

Security Affairs

JUNE 21, 2021

The Taiwanese memory and storage chip maker ADATA was hit by the Ragnar Locker ransomware gang that also published more than 700GB of stolen data. The Ragnar Locker ransomware gang has published on its leak sites more than 700GB of data stolen from Taiwanese memory and storage chip maker ADATA. Consider installing and using a VPN.

Ransomware 138

Ransomware Passwords VPN Authentication 138

Security Affairs

MARCH 19, 2022

The Federal Bureau of Investigation (FBI) reported that AvosLocker ransomware is being used in attacks targeting US critical infrastructure. The Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory warning of AvosLocker ransomware attacks targeting multiple US critical infrastructure. Pierluigi Paganini.

Ransomware 99

Ransomware DDOS Passwords Backups 99

Security Affairs

SEPTEMBER 3, 2021

FBI warns ransomware gangs are actively targeting organizations in the food and agriculture sector. Small farms, large producers, processors and manufacturers, and markets and restaurants are particularly exposed to ransomware attacks. Only use secure networks and avoid using public Wi-Fi networks.

Ransomware 98

Ransomware Passwords Backups Firmware 98

Security Affairs

FEBRUARY 21, 2022

Researchers discovered a flaw in the encryption algorithm used by Hive ransomware that allowed them to decrypt data. Researchers discovered a flaw in the encryption algorithm used by Hive ransomware that allowed them to decrypt data without knowing the private key used by the gang to encrypt files. ” continues the paper.

Encryption 89

Encryption Ransomware VPN Malware 89

Malwarebytes

MARCH 17, 2021

On March 16, the Federal Bureau of Investigation (FBI) issued a “Flash” alert on PYSA ransomware after an uptick on attacks this month against institutions in the education sector, particularly higher ed, K-12, and seminaries. link] pic.twitter.com/NOPAcEFxM8 — FBI Buffalo (@FBIBuffalo) March 16, 2021.

Education 106

Education Ransomware Phishing Passwords 106

Security Affairs

AUGUST 29, 2021

Taiwan vendor Synology announced that recently disclosed vulnerabilities (CVE-2021-3711 and CVE-2021-3712) in the OpenSSL impact some of its products. Moderate Ongoing VPN Plus Server Important Ongoing VPN Server Moderate Ongoing. Moderate Ongoing VPN Plus Server Important Ongoing VPN Server Moderate Ongoing.

VPN 121

VPN Encryption Authentication Hacking 121

Security Affairs

SEPTEMBER 8, 2021

The ransomware group has been active since August 2021 and implement a double extortion model like other gangs. He is also the admin of a recently launched underground service named RAMP that focuses on ransomware operations. 2,959 out of 22,500 victims are US entities. Follow me on Twitter: @securityaffairs and Facebook.

VPN 92

VPN Ransomware Hacking Accountability 92

Security Affairs

SEPTEMBER 10, 2020

US-based supplier of video delivery software solutions, SeaChange International, revealed that a ransomware attack disrupted its operations in Q1 2020. SeaChange International, a US-based supplier of video delivery software solutions, revealed that a ransomware attack has disrupted its operations during the first quarter of 2020.

Ransomware 66

Ransomware VPN Banking Data breaches 66

Security Affairs

JANUARY 21, 2024

Admin of the BreachForums hacking forum sentenced to 20 years supervised release Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails VF Corp December data breach impacts 35 million customers China-linked APT UNC3886 exploits VMware zero-day since 2021 Ransomware attacks break records in 2023: the number of victims rose by 128% U.S.

Artificial Intelligence 98

Artificial Intelligence VPN Hacking Firewall 98

Security Affairs

AUGUST 8, 2021

ransomware gang BlackMatter ransomware also targets VMware ESXi servers Conti ransomware affiliate leaked gang’s training material and tools Conti Leak Indicators – What to block, in your SOC…. Do You Trust Your Smart TV? If you want to also receive for free the international pre ss subscribe here.

VPN 99

VPN Ransomware Manufacturing IoT 99

Security Affairs

AUGUST 29, 2023

Citrix reported that successful exploitation requires that the appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server. Then threat actors sent data as an image file to a web-accessible path: cp /var/tmp/test.tar.gz /netscaler/ns_gui/vpn/medialogininit.png. php) on victim machines.

VPN 104

VPN Ransomware DNS Malware 104

Malwarebytes

JULY 23, 2021

Two months after fully restoring its systems, CNA Financial, the leading US insurance company that was attacked by a group using Phoenix CryptoLocker ransomware, issued a legal notice of an information security incident to the Consumer Protection Bureau in New Hampshire. CNA’s network was compromised in March 2021.

Ransomware 90

Ransomware Unstructured Data Accountability Consumer Protection 90

SC Magazine

JUNE 24, 2021

Babuk, the ransomware group behind the Washington, D.C. Today’s columnist, Jane Adams of Secureworks, offers insights on what these changing strategies mean to security teams. The fallout from the DarkSide ransomware attack on Colonial Pipeline on May 7 caused apparent disruption in parts of the ransomware ecosystem.

Ransomware 73

Ransomware Encryption VPN Software 73

Security Affairs

DECEMBER 11, 2021

The activity of the group was first spotted in June 2021, but the group has been more active in Q3 2021. In June 2021 the gang registered the domains hosting its leak sites, karakurt[.]group The group focuses on data theft and extortion, but the researchers pointed out that it doesn’t use ransomware.

Cybercrime 79

Cybercrime VPN Ransomware Hacking 79

Malwarebytes

MAY 28, 2021

On the 14th of May, the Health Service Executive (HSE) , Ireland’s publicly funded healthcare system, fell victim to a Conti ransomware attack, forcing the organization to shut down more than 80,000 affected endpoints and plunging them back to the age of pen and paper. Threat profile: Conti ransomware.

Healthcare 103

Healthcare Ransomware Encryption Passwords 103

Security Affairs

JUNE 23, 2021

A critical vulnerability, tracked as CVE-2021-20019 , in SonicWall VPN appliances was only partially patched last year and could allow a remote attacker to steal sensitive data. The flaw resides in the HTTP/HTTPS service used for product management as well as SSL VPN remote access. “An SecurityAffairs – hacking, ransomware).

VPN 86

VPN Firewall Firmware Authentication 86

Security Affairs

NOVEMBER 3, 2021

Experts believe threat actors selling initial access to the organizations have obtained these credentials by expliting well-known vulnerabilities in remote access solutions, including Remote Desktop Protocol (RDP), VPN, Citrix, and SonicWall. In October 2021 , a threat actor claimed access to the network of a U.S.-based

Cybercrime 110

Cybercrime VPN Ransomware Hacking 110

Security Affairs

DECEMBER 3, 2022

The post Security Affairs newsletter Round 396 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook and Mastodon. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Spyware 93

Spyware Data breaches VPN Hacking 93

Security Affairs

MAY 9, 2021

Every week the best security articles from Security Affairs free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Experts found critical authentication bypass flaw in HPE Edgeline Infrastructure Manager UNC2529, a new sophisticated cybercrime gang that targets U.S.

Data breaches 89

Data breaches DDOS VPN Hacking 89

Security Affairs

NOVEMBER 20, 2021

Advanced Intelligence researchers argue that the restarting of the Emotet botnet was driven by Conti ransomware gang. The infamous banking trojan was also used to deliver other malicious code, such as Trickbot and QBot trojans, or ransomware such as Conti , ProLock , Ryuk , and Egregor. ” states the report published by AdvIntel.

Cybercrime 101

Cybercrime Ransomware Banking Malware 101

CyberSecurity Insiders

DECEMBER 24, 2021

As long-time information security professionals and (ISC)² Community Champions, we have experienced the way cybersecurity employees engage and work with one another continue to adapt in response to changes in the workplace and world at large. In 2021, we experienced a rapid evolution to these interactions. Privacy laws.

Cybersecurity 98

Cybersecurity Ransomware VPN Architecture 98

Security Affairs

DECEMBER 18, 2022

years in jail for spying on behalf of Saudi Arabia Social Blade discloses security breach Data of 5.7M years in jail for spying on behalf of Saudi Arabia Social Blade discloses security breach Data of 5.7M Samba addressed multiple high-severity vulnerabilities Former Twitter employee sentenced to 3.5

Data breaches 93

Data breaches Hacking DDOS VPN 93

Security Affairs

JUNE 17, 2021

UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. An affiliate of the Darkside ransomware gang , tracked as UNC2465, has conducted a supply chain attack against a CCTV vendor, Mandiant researchers discovered. ” concludes the report.

Cybercrime 105

Cybercrime Ransomware Antivirus Software 105

Security Affairs

FEBRUARY 26, 2022

Unit 42 attributes the malware to an APT campaign codenamed TiltedTemple (aka DEV-0322 ), threat actors also exploited the Zoho ManageEngine ADSelfService Plus vulnerability ( CVE-2021-40539 ) and ServiceDesk Plus vulnerability ( CVE-2021-44077 ). based defense contractor’s internet-facing Windows server on July 27, 2021.

Backups 92

Backups VPN Healthcare Malware 92

Security Affairs

MAY 27, 2022

This exposure of sensitive credential and network access information, especially privileged user accounts, could lead to subsequent cyber attacks against individual users or affiliated organizations.” Crooks obtain the information by conducting spear-phishing and ransomware attacks, or other means.

Cybercrime 132

Cybercrime Education Accountability Phishing 132

Security Affairs

JANUARY 23, 2022

from the Lympo NTF platform. from the Lympo NTF platform. from the Lympo NTF platform.

VPN 80

VPN Ransomware Spyware DDOS 80

Security Affairs

JUNE 27, 2021

thousand servers are still vulnerable Mercedes-Benz data breach impacted roughly 1000 individuals Microsoft: Russia-linked SolarWinds hackers breached three new entities. thousand servers are still vulnerable Mercedes-Benz data breach impacted roughly 1000 individuals Microsoft: Russia-linked SolarWinds hackers breached three new entities.

Ransomware 75

Ransomware VPN Firewall Hacking 75

Security Affairs

NOVEMBER 14, 2021

The post Security Affairs newsletter Round 340 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Spyware 53

Spyware Data breaches Ransomware Retail 53

Security Affairs

FEBRUARY 7, 2021

Hackers abuse Plex Media servers for DDoS amplification attacks TeamTNT group uses Hildegard Malware to target Kubernetes Systems Experts found critical flaws in Realtek Wi-Fi Module Packaging giant WestRock is still working to resume after recent Ransomware Attack Watch out! The Great Suspender Chrome extension contains Malware.

DDOS 67

DDOS Firewall Ransomware Encryption 67

Security Affairs

NOVEMBER 29, 2020

A cyberattack crippled the IT infrastructure of the City of Saint John Hundreds of female sports stars and celebrities have their naked photos and videos leaked online Romanians arrested for running underground malware services Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs Computer Security and Data Privacy, the perfect alliance (..)

Data breaches 87

Data breaches Social Engineering Ransomware Malware 87