Security Affairs

DECEMBER 1, 2023

The Black Basta ransomware gang infected over 300 victims accumulating ransom payments exceeding $100 million since early 2022. The Black Basta ransomware group has been active since April 2022, like other ransomware operations, it implements a double-extortion attack model. The average ransom payment was $1.2

Ransomware 80

Ransomware Retail Malware Insurance 80

Security Affairs

JANUARY 2, 2023

In 2022, ransomware attacks targeted 105 state or municipal governments or agencies in the US, reads a report published by Emsisoft. ” The ransomware attack against local governments resulted in data theft in at least 27 of the 105 incidents (26 percent). “Early ransomware attacks were simple and mostly automated.

Government 84

Government Ransomware Healthcare Education 84

Security Affairs

MAY 16, 2024

Electronic prescription provider MediSecure in Australia suffered a ransomware attack likely originate from a third-party vendor. MediSecure is a company that provides digital health solutions, particularly focusing on secure electronic prescription delivery services in Australia. ” reported ABC. million customers.

Ransomware 103

Ransomware Data breaches Government Insurance 103

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. “There will be panic. 428 hospitals.”

Ransomware 276

Ransomware Healthcare Cybercrime Government 276

Security Affairs

DECEMBER 2, 2022

Cuba ransomware gang received more than $60 million in ransom payments related to attacks against 100 entities worldwide as of August 2022. The threat actors behind the Cuba ransomware (aka COLDDRAW, Tropical Scorpius ) have demanded over 145 million U.S. “Since spring 2022, Cuba ransomware actors have expanded their TTPs.

Ransomware 79

Ransomware Financial Services Manufacturing Healthcare 79

Security Affairs

DECEMBER 14, 2023

French police arrested a Russian national who is suspected of laundering money resulting from the criminal activity of the Hive ransomware gang. The French authorities arrested in Paris a Russian national who is suspected of laundering criminal proceeds for the Hive ransomware gang. anti-cybercrime (Ofac).”

Ransomware 106

Ransomware Cryptocurrency Cybercrime VPN 106

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. Crooks obtain the information by conducting spear-phishing and ransomware attacks, or other means. ” reads the alert published by the FBI. Pierluigi Paganini.

Cybercrime 124

Cybercrime Education Accountability Phishing 124

Security Affairs

MARCH 22, 2023

The report covers incidents in aviation, maritime, railway, and road transport industries between January 2021 and October 2022. During the reporting period, ransomware was the most prominent threat against the sector in 2022. The researchers pointed out that the ransomware attacks doubled compared to the previous year.

Ransomware 79

Ransomware DDOS Cyber threats Phishing 79

SecureList

MAY 11, 2023

Ransomware keeps making headlines. In 2022, Kaspersky solutions detected over 74.2M attempted ransomware attacks which was 20% more than in 2021 (61.7M). In 2022, Kaspersky solutions detected over 74.2M attempted ransomware attacks which was 20% more than in 2021 (61.7M). We named it RedAlert/N13V.

Ransomware 121

Ransomware Malware Architecture Telecommunications 121

Security Affairs

JUNE 6, 2022

LockBit ransomware gang claims to have hacked the cybersecurity firm Mandiant, which is investigating the alleged security breach. Today the LockBit ransomware gang has added the cybersecurity firm Mandiant to the list of victims published on its darkweb leak site. ransomware to evade sanctions. Pierluigi Paganini.

Hacking 125

Hacking Ransomware Cybersecurity Cybercrime 125

Security Affairs

MAY 31, 2022

Cyber Research Labs reported a rise in ransomware attacks in the second quarter of 2022, small states are more exposed to these attacks. The experts warn of ransomware attacks against government organizations. They observed a total of 48 government organizations from 21 countries that were hit by 13 ransomware attacks in 2022.

Government 134

Government Ransomware Cybercrime Banking 134

Security Affairs

JANUARY 5, 2024

A threat actor announced the sale of the source code and a cracked version of the Zeppelin ransomware builder for $500. Researchers from cybersecurity firm KELA reported that a threat actor announced on a cybercrime forum the sale of the source code and a cracked version of the Zeppelin ransomware builder for $500.

Ransomware 98

Ransomware Hacking Encryption Malware 98

Security Affairs

SEPTEMBER 8, 2022

Some members of the Conti ransomware gang were involved in financially motivated attacks targeting Ukraine from April to August 2022. UAC-0098 historically delivered the IcedID trojan to achieve an initial compromise to the target networks before deploying human-operated ransomware. SecurityAffairs – hacking, Conti ransomware).

Ransomware 120

Ransomware Cybercrime Government Media 120

Security Affairs

MARCH 19, 2023

Dutch maritime logistics company Royal Dirkzwager suffered a ransomware attack, the company was hit by the Play ransomware gang. The Play ransomware group hit the Dutch maritime logistics company Royal Dirkzwager. Company CEO Joan Blaas said that the ransomware attack did not impact the operations of the company.

Ransomware 84

Ransomware Cybercrime Hacking Cyber Attacks 84

Security Affairs

SEPTEMBER 2, 2022

Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp.

Cybercrime 99

Cybercrime Malware Backups Manufacturing 99

Security Affairs

JULY 18, 2023

The cybercrime group FIN8 is using a revamped version of the Sardonic backdoor to deliver the BlackCat ransomware. The financially motivated group FIN8 (aka Syssphinx) was spotted using a revamped version of a backdoor tracked as Sardonic to deliver the BlackCat ransomware (aka Noberus ransomware).

Ransomware 89

Ransomware Cybercrime Malware Hacking 89

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks.

Malware 108

Malware Ransomware Banking Healthcare 108

Security Affairs

NOVEMBER 19, 2023

8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks. Cisco Talos researchers observed 8Base ransomware operators using a variant of the Phobos ransomware in recent attacks. The ransomware component is then decrypted and loaded into the SmokeLoader process’ memory.

Ransomware 118

Ransomware Encryption Backups Manufacturing 118

Security Affairs

OCTOBER 27, 2023

The Lockbit ransomware gang claims to have hacked the aerospace manufacturer and defense contractor Boeing and threatened to leak the stolen data. In 2022, Boeing recorded $66.61 billion in sales, the aerospace giant has 156,000 (2022). In 2022, Boeing recorded $66.61 ransomware ??????: ” ?????????:

Ransomware 125

Ransomware Manufacturing InfoSec Hacking 125

Security Affairs

JULY 8, 2022

The operators behind the TrickBot malware are systematically targeting Ukraine since the beginning of the war in February 2022. Since February, the Conti ransomware group has taken over TrickBot malware operation and also planned to replace it with BazarBackdoor malware. ” concludes IBM. Pierluigi Paganini.

Cybercrime 86

Cybercrime Malware DDOS Ransomware 86

Security Affairs

NOVEMBER 17, 2022

Public schools in two Michigan counties were forced to halt their activities, including the lessons, after a ransomware attack. Public schools in Jackson and Hillsdale counties, Michigan, reopen after a closure of two days caused by a ransomware attack that hit its systems. Pierluigi Paganini. Pierluigi Paganini.

Ransomware 117

Ransomware Cybercrime Hacking Cybersecurity 117

SecureList

NOVEMBER 23, 2021

Most vaccines appeared on the market shortly afterwards and, by all appearances, it seemed as if it was no longer necessary or worthwhile to meddle in the process of their development or to steal confidential information. Ransomware groups continued to attack medical organizations. Predictions for the year 2022.

Healthcare 122

Healthcare Ransomware Cybercrime Scams 122

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country. concludes the alert.

Ransomware 103

Ransomware Backups VPN Authentication 103

Security Affairs

OCTOBER 20, 2023

A joint international law enforcement investigation led to the arrest of a malware developer who was involved in the Ragnar Locker ransomware operation. Yesterday we became aware of a joint law enforcement operation that led to the seizure of the Ragnar Locker ransomware’s infrastructure.

Ransomware 86

Ransomware Cybercrime Malware Hacking 86

Security Affairs

JUNE 30, 2022

A former Canadian government IT worker admitted to being a high-level member of the Russian cybercrime group NetWalker. to charges related to his involvement with the Russian cybercrime group NetWalker. and EU law enforcement authorities allowed the seizure of the leak sites used by NetWalker ransomware operators.

Cybercrime 81

Cybercrime Government Ransomware Cryptocurrency 81

Security Affairs

JUNE 7, 2022

Mandiant researchers associate multiple LockBit ransomware attacks with the notorious Evil Corp Cybercrime Group. Mandiant researchers have investigated multiple LOCKBIT ransomware attacks that have been attributed to the financially motivated threat actor UNC2165. ” reads the analysis published by Mandiant. .

Ransomware 124

Ransomware Cybercrime Malware Hacking 124

Security Affairs

SEPTEMBER 30, 2023

Federal Bureau of Investigation (FBI) warns of dual ransomware attacks aimed at the same victims. Federal Bureau of Investigation (FBI) is warning of dual ransomware attacks, a new worrisome trend in the threat landscape that sees threat actors targeting the same victims two times. ” continues the alert. .

Ransomware 110

Ransomware Architecture Encryption Malware 110

Security Affairs

JUNE 16, 2023

DoJ charged a Russian national with conspiring to carry out LockBit ransomware attacks against U.S. The Justice Department announced charges against the Russian national Ruslan Magomedovich Astamirov (20) for his role in numerous LockBit ransomware attacks against systems in the United States, Asia, Europe, and Africa.

Ransomware 80

Ransomware Healthcare Education Government 80

Security Affairs

NOVEMBER 8, 2023

Five Canadian hospitals were victims of a ransomware attack, threat actors claim to have stolen data from them and leaked them. Five Canadian hospitals revealed they were victims of ransomware attacks after threat actors leaked alleged stolen data. TransForm is a non-profit group that provides IT services to the above hospitals.

Ransomware 106

Ransomware Healthcare VPN Insurance 106

Krebs on Security

MARCH 7, 2022

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. Before that, Jeffrey Ladish , an information security consultant based in Oakland, Calif., “Cryptocurrency article contest!

Ransomware 226

Ransomware Cryptocurrency DDOS Scams 226

Security Affairs

MARCH 11, 2024

BianLian ransomware group was spotted exploiting vulnerabilities in JetBrains TeamCity software in recent attacks. Researchers from GuidePoint Security noticed, while investigating a recent attack linked to the BianLian ransomware group, that the threat actors gained initial access to the target by exploiting flaws in a TeamCity server.

Ransomware 98

Ransomware Malware Manufacturing Healthcare 98

Security Affairs

JUNE 3, 2023

Experts noticed that the new Linux ransomware BlackSuit has significant similarities with the Royal ransomware family. Royal ransomware is one of the most notable ransomware families of 2022, it made the headlines in early May 2023 with the attack against the IT systems in Dallas, Texas. Extension: blacksuit.

Ransomware 90

Ransomware Healthcare Encryption Manufacturing 90

Security Affairs

OCTOBER 19, 2022

Researchers at Palo Alto Network’s Unit 42 linked the Ransom Cartel ransomware operation to the REvil ransomware operations. Researchers at Palo Alto Network’s Unit 42 have linked the relatively new Ransom Cartel ransomware operation with the notorious REvil cybercrime gang. ” continues the report.

Ransomware 104

Ransomware Encryption Engineering Cybercrime 104

Security Affairs

NOVEMBER 14, 2023

Experts warn of an alarming rise in ransomware operations targeting the energy sector, including nuclear facilities and related research entities. Over the last year, ransomware attackers have targeted energy installations in North America, Asia, and the European Union. Resecurity, Inc.

Ransomware 103

Ransomware Cyber threats Government Hacking 103

Security Affairs

AUGUST 27, 2023

ransomware builder in 2022 allowed threat actors to create new variants of the threat. Lockbit v3 , aka Lockbit Black , was detected in June 2022, but in September 2022 a builder for this variant was leaked online. The availability of the builder allowed anyone to create their own customized version of the ransomware.

Ransomware 92

Ransomware Encryption Malware Hacking 92

Security Affairs

JANUARY 10, 2024

Researchers and the Dutch Police released a decryptor for the Tortilla variant of the Babuk ransomware after the arrest of its operator. Cisco Talos researchers obtained a decryptor for the Babuk Tortilla ransomware variant. The experts were able to extract and share the private decryption key used by the ransomware operators.

Ransomware 106

Ransomware Encryption Engineering Malware 106

Security Affairs

DECEMBER 22, 2022

. “South Korea’s main spy agency, the National Intelligence Service, said North Korea’s capacity to steal digital assets is considered among the best in the world because of the country’s focus on cybercrimes since U.N. economic sanctions were toughened in 2017 in response to its nuclear and missile tests.” Citing the U.S.

Cryptocurrency 122

Cryptocurrency Cybercrime Media Government 122