Security Affairs

JANUARY 19, 2024

Ransomware groups claimed that they successfully targeted 4191 victims in 2023, Cybernews researchers report. According to the Ransomlooker tool, the number of ransomware attack victims increased by 128.17% compared to the previous year (2022), with 1837 additional incidents. LockBit remained the most active group through 2023.

Ransomware 120

Ransomware Manufacturing Retail Insurance 120

Security Affairs

JANUARY 30, 2024

Energy management and industrial automation firm Schneider Electric suffered a data breach after a Cactus ransomware attack. The attack was carried out by the Cactus ransomware gang , which claims to have stolen terabytes of corporate data from the company. The Cactus ransomware relies on multiple legitimate tools (e.g.

Ransomware 125

Ransomware Hacking Data breaches Digital transformation 125

Security Affairs

APRIL 11, 2023

Microsoft has addressed a zero-day in the Windows Common Log File System (CLFS) actively exploited in ransomware attacks. Microsoft has addressed a zero-day vulnerability, tracked as CVE-2023-28252 , in the Windows Common Log File System (CLFS), which is actively exploited in ransomware attacks.

Cybercrime 92

Cybercrime Ransomware Education Media 92

Security Affairs

MAY 20, 2023

Cybercriminal gang FIN7 returned with a new wave of attacks aimed at deploying the Clop ransomware on victims’ networks. The group was spotted deploying the Clop ransomware in opportunistic attacks in April 2023. Then they use OpenSSH and Impacket to move laterally and deploy the Clop ransomware payload.

Cybercrime 88

Cybercrime Ransomware Security Intelligence Hacking 88

Security Affairs

MARCH 15, 2024

US DoJ sentenced a Moldovan national (31) to 42 months in federal prison for operating the E-Root cybercrime marketplace. Diaconu was operating the E-Root cybercrime marketplace. Diaconu pleaded guilty on December 1, 2023. ” reads the press release published by DoJ.

Cybercrime 100

Cybercrime Cryptocurrency Advertising Passwords 100

Security Affairs

MARCH 13, 2024

Acer Philippines disclosed a data breach after employee data was leaked by a threat actor on a hacking forum. The hacked third-party company manages the Acer employee attendance data. ph1ns told Bleeping Computer that Acer was hacked, but threat actors did not deploy any ransomware.

Data breaches 108

Data breaches Computers and Electronics Hacking Cybercrime 108

Security Affairs

NOVEMBER 17, 2023

Toyota Financial Services discloses unauthorized activity on systems after the Medusa ransomware gang claimed to have hacked the company. Today, the Medusa ransomware gang claimed responsibility for the attack and threatened to leak the purportedly stolen data if the company doesn’t pay the ransom.

Financial Services 121

Financial Services Hacking Ransomware Data breaches 121

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country.

Ransomware 110

Ransomware Backups VPN Authentication 110

Security Affairs

MAY 15, 2023

DRM Dashboard Ransomware Monitor released the first quarterly report for the year 2023 about the activities of ransomware groups globally. DRM Dashboard Ransomware Monitor, an independent platform of cybersecurity monitoring, is pleased to release the quarterly the DRM-Report for the first quarter of 2023.

Ransomware 79

Ransomware Cybercrime Cybersecurity Hacking 79

Security Affairs

MARCH 28, 2024

Google’s Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively exploited zero-day vulnerabilities in 2023. In 2023, Google (TAG) and Mandiant discovered 29 out of 97 vulnerabilities exploited in the wild. ” continues the report.

Government 110

Government Surveillance Cybercrime Ransomware 110

Security Affairs

SEPTEMBER 10, 2023

Rhysida Ransomware group added three more US hospitals to the list of victims on its Tor leak site after the PROSPECT MEDICAL attack. Recently the Rhysida ransomware group made the headlines because it announced the hack of Prospect Medical Holdings and the theft of sensitive information from the organization.

Hacking 126

Hacking Ransomware Healthcare Cyber Attacks 126

Security Affairs

FEBRUARY 13, 2024

Maintainers behind the Ransomfeed platform have released Q3 Report 2023 including activities of 185 criminal groups operating worldwide. Throughout this period, the platform diligently tracked 185 criminal groups operating worldwide, meticulously tracing 342 servers employed for ransomware activities.

Ransomware 105

Ransomware Data collection Hacking Cybersecurity 105

Security Affairs

DECEMBER 16, 2023

The Hunters International ransomware gang claims to have hacked the Fred Hutchinson Cancer Center (Fred Hutch). Another healthcare organization suffered a ransomware attack, the Hunters International ransomware gang claims to have hacked the Fred Hutchinson Cancer Center (Fred Hutch). Who is Hunters International?

Ransomware 109

Ransomware Hacking Insurance Healthcare 109

Krebs on Security

SEPTEMBER 13, 2023

The FBI responded by reverifying InfraGard members and by seizing the cybercrime forum where the data was being sold. 11, 2023, USDoD resurfaced after a lengthy absence to leak sensitive employee data stolen from the aerospace giant Airbus , while promising to visit the same treatment on top U.S. But on Sept. defense contractors.

Cybercrime 294

Cybercrime Passwords Authentication Malware 294

Security Affairs

DECEMBER 30, 2023

The INC RANSOM ransomware group claims to have hacked the American multinational corporation Xerox Corp. The INC RANSOM ransomware group claims responsibility for hacking the American multinational corporation Xerox Corp and threatens to disclose the alleged stolen data.

Ransomware 122

Ransomware InfoSec Data breaches Hacking 122

Security Affairs

APRIL 17, 2024

Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. At the end of October 2023, Atlassian warned of a critical security flaw, tracked as CVE-2023-22518 (CVSS score 9.1), that affects all versions of Confluence Data Center and Server.

Ransomware 133

Ransomware Encryption Malware Accountability 133

Security Affairs

AUGUST 21, 2023

The BlackCat/ALPHV ransomware group claims to have hacked the Japanese maker of watches Seiko and added the company to its data leak site. On August 10, 2023, the Japanese maker of watches Seiko disclosed a data breach following a cyber attack.

Hacking 86

Hacking Ransomware Data breaches Cyber Attacks 86

Security Affairs

OCTOBER 17, 2023

What is the impact of ransomware on organizations? According to Statista.com, the impact of cybercrime is expected to reach almost $13 trillion this year. Based on Ransomlooker, a free Cybernews tool for monitoring the dark web and other hidden areas of the internet, 64% of organizations have already suffered from a ransomware attack.

Social Engineering 112

Social Engineering Ransomware Engineering Phishing 112

Security Affairs

OCTOBER 27, 2023

The Lockbit ransomware gang claims to have hacked the aerospace manufacturer and defense contractor Boeing and threatened to leak the stolen data. The Lockbit ransomware group today added Boeing to the list of victims on its Tor leak site. ransomware ??????: In 2022, Boeing recorded $66.61 In 2022, Boeing recorded $66.61

Ransomware 130

Ransomware Manufacturing InfoSec Hacking 130

Security Affairs

APRIL 21, 2024

Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers. The attackers mostly used Cisco vulnerabilities CVE-2020-3259 and CVE-2023-20269.

Ransomware 105

Ransomware Encryption Antivirus VPN 105

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country.

Ransomware 86

Ransomware Backups VPN Authentication 86

Security Affairs

JANUARY 1, 2024

These are the Top 2023 Security Affairs cybersecurity stories … enjoy it. LOCKBIT RANSOMWARE GANG DEMANDED AN 80 MILLION RANSOM TO CDW The Lockbit ransomware gang claims to have hacked the technology services giant CDW and threatens to leak the stolen data.

Cybersecurity 107

Cybersecurity Spyware Data breaches Passwords 107

Security Affairs

DECEMBER 23, 2023

The LockBit ransomware claims to have hacked accountancy firm Xeinadin threatens to leak the alleged stolen data. The LockBit ransomware claims responsibility for hacking the Xeinadin accountancy firm and threatens to disclose the alleged stolen data. Xeinadin has over 60,000 clients across the UK and Ireland.

Accountability 123

Accountability Ransomware Data breaches Hacking 123

Security Affairs

MAY 14, 2024

The Singing River Health System revealed that the ransomware attack that hit the organization in August 2023 impacted 895,204 people. At the end of August 2023, the systems at three hospitals and other medical facilities operated by Singing River Health System (SRHS) were hit by a Rhysida ransomware attack.

Identity Theft 94

Identity Theft Ransomware Data breaches Insurance 94

eSecurity Planet

JANUARY 5, 2023

After a year that saw massive ransomware attacks and open cyber warfare, the biggest question in cybersecurity for 2023 will likely be how much of those attack techniques get commoditized and weaponized. 2023, he predicted, “will not be any easier when it comes to keeping users’ data safe and private.”

Ransomware 145

Ransomware CISO Software Cybercrime 145

Security Affairs

MARCH 11, 2024

BianLian ransomware group was spotted exploiting vulnerabilities in JetBrains TeamCity software in recent attacks. Researchers from GuidePoint Security noticed, while investigating a recent attack linked to the BianLian ransomware group, that the threat actors gained initial access to the target by exploiting flaws in a TeamCity server.

Ransomware 104

Ransomware Malware Manufacturing Healthcare 104

Security Affairs

DECEMBER 14, 2023

French police arrested a Russian national who is suspected of laundering money resulting from the criminal activity of the Hive ransomware gang. The French authorities arrested in Paris a Russian national who is suspected of laundering criminal proceeds for the Hive ransomware gang. anti-cybercrime (Ofac).”

Ransomware 112

Ransomware Cryptocurrency Cybercrime VPN 112

Security Affairs

FEBRUARY 11, 2023

The Clop ransomware group claims to have breached over 130 organizations exploiting the GoAnywhere MFT zero-day. The Clop ransomware group claims to have stolen sensitive data from over 130 organizations by exploiting a zero-day vulnerability ( CVE-2023-0669 ) in Fortra’s GoAnywhere MFT secure file transfer tool, BleepingComputer reported.

Ransomware 84

Ransomware Hacking Internet Internet 84

Security Affairs

SEPTEMBER 26, 2023

Sony launched an investigation into an alleged data breach after the RansomedVC group claimed the hack of the company. Sony announced it is investigating allegations of a data breach after the RansomedVC extortion group claimed to have hacked the company and added the company to its Tor leak site. “We We wont ransom them!

Hacking 110

Hacking Data breaches Ransomware Scams 110

Security Affairs

APRIL 6, 2023

Ransomware gang Money Message claims to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International). Ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International). MSI is headquartered in Taipei, Taiwan.

Hacking 78

Hacking Ransomware Manufacturing Education 78

Security Affairs

JANUARY 1, 2024

The Cactus ransomware group claims to have hacked Coop, one of the largest retail and grocery providers in Sweden. The Cactus ransomware group claims to have hacked Coop and is threatening to disclose a huge amount of personal information, over 21 thousand directories. The stores are co-owned by 3.5

Retail 124

Retail Ransomware Encryption Hacking 124

Security Affairs

SEPTEMBER 26, 2023

This week the Rhysida ransomware group claimed the hack of the Kuwait Ministry of Finance and added it to its Tor leak site. Last week a ransomware attack hit the Government of Kuwait, the attack took place on September 18 and the government experts immediately started the incident response procedures to block the threat.

Ransomware 107

Ransomware Government Hacking Cyber Attacks 107

Security Affairs

NOVEMBER 19, 2023

8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks. Cisco Talos researchers observed 8Base ransomware operators using a variant of the Phobos ransomware in recent attacks. The ransomware component is then decrypted and loaded into the SmokeLoader process’ memory.

Ransomware 124

Ransomware Encryption Backups Manufacturing 124

Security Affairs

OCTOBER 16, 2023

Microsoft thwarted a large-scale hacking campaign carried out by Akira ransomware operators targeting an unknown industrial organization. According to the IT giant, its cyber defense solution is able to automatically disrupt human-operated attacks like ransomware without needing to deploy any other capabilities.

Engineering 108

Engineering Ransomware Hacking Education 108

Security Affairs

NOVEMBER 23, 2023

AutoZone disclosed a data breach resulting from the hack of their MOVEit Transfer installation. The car parts giant is notifying 184,995 individuals that the massive MOVEit hacking campaign compromised their personal information. ” reads the Notice Letter published by the Main Attorney General. million Genworth 2.5 million “U.S.

Data breaches 109

Data breaches Hacking Retail Identity Theft 109

Security Affairs

JANUARY 24, 2024

A ransomware attack against the Finnish IT services provider Tietoevry disrupted the services of some Swedish government agencies and shops. The company said that the ransomware attack took place on Friday night and impacted only one data center in Sweden. The company later confirmed the news of an Akira ransomware attack.

Ransomware 107

Ransomware VPN Government Retail 107

Security Affairs

FEBRUARY 10, 2024

Bitdefender Researchers linked a new macOS backdoor, named RustDoor, to the Black Basta and Alphv/BlackCat ransomware operations. Researchers from Bitdefender discovered a new macOS backdoor, dubbed RustDoor, which appears to be linked to ransomware operations Black Basta and Alphv/BlackCat. ” concludes the report.

Ransomware 119

Ransomware Architecture Malware Passwords 119