Security Affairs

MAY 5, 2024

According to the countdown active on the seized, law enforcement that are currently controlling the website will reveal the identities of the LockBitSupps and other members of the gang on May 7, 2024, at 14:00:00 UTC. It’s coming ON 2024-05-07 14:00:00 UTC!!! Lockbit ransomware group states law enforcement is lying.

Ransomware 121

Ransomware Cybercrime Cyber Attacks Encryption 121

Malwarebytes

FEBRUARY 6, 2024

Today, Malwarebytes released its 2024 State of Malware report, detailing six cyberthreats that resource-constrained IT teams should pay attention to in 2024. Top of the list is “Big Game” ransomware, the most serious cyberthreat to businesses all around the world. READ THE REPORT

Ransomware 102

Ransomware Cybercrime Malware Social Engineering 102

Security Boulevard

MAY 28, 2024

This group is known for deploying the Black Basta ransomware attack. On May 15, 2024, Microsoft released details about how this financially motivated group […] The post Black Basta Ransomware Attack: Microsoft Quick Assist Flaw appeared first on TuxCare.

Social Engineering 75

Social Engineering Ransomware Engineering Encryption 75

Security Boulevard

JANUARY 2, 2024

This past year set a profound stage, from the advent of stringent cyber regulations to the convergence of generative AI, social engineering, and ransomware. Let's delve into the rewind of 2023, exploring five influential trends and threats that molded the cyberthreat landscape and are poised to resonate throughout enterprises in 2024.

CISO 104

CISO Social Engineering Architecture Ransomware 104

Security Affairs

MAY 22, 2024

The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. In 2023, the imaging sensors manufacturer was the victim of a Cactus ransomware attack. The threat actors had access to the company systems between September 4 and September 30, 2023, when they deployed ransomware.

Data breaches 98

Data breaches Ransomware Manufacturing Encryption 98

Security Affairs

MARCH 6, 2024

Researchers warn that the cybercrime groups GhostSec and Stormous have joined forces in a new ransomware campaign. The GhostSec and Stormous ransomware gang are jointly conducting a ransomware campaign targeting various organizations in multiple countries, Cisco Talos reported. The GhostLocker 2.0 GhostLocker 2.0 GhostLocker 2.0

Ransomware 110

Ransomware Encryption Cybercrime Hacking 110

Malwarebytes

APRIL 4, 2024

On April 2, 2024, Jackson County tweeted that it had identified significant disruptions within its IT systems, “potentially attributable to a ransomware attack” Jackson County is one of 114 counties in Missouri, with a population of approximately 718,000 people, mostly in Kansas City. Stop malicious encryption.

Ransomware 106

Ransomware Backups Malware Software 106

Security Affairs

FEBRUARY 13, 2024

Authorities in Romania reported that at least 100 hospitals went offline after a ransomware attack hit the Hipocrate platform. Authorities in Romania confirmed that a ransomware attack that targeted the Hipocrate Information System (HIS) has disrupted operations for at least 100 hospitals. The threat actors demand the payment of 3.5

Ransomware 105

Ransomware Backups Encryption Healthcare 105

SecureList

JANUARY 17, 2024

Verdict: prediction fulfilled ✅ Media blackmail: businesses to learn they were hacked from hackers’ public posts with a countdown to release Ransomware operators create blogs to showcase new successful hacks of businesses and reveal stolen data. This points to a continuous rise in companies falling prey to ransomware.

Marketing 110

Marketing Cryptocurrency Malware Ransomware 110

Security Affairs

FEBRUARY 19, 2024

The Cactus ransomware gang claims the theft of 1.5TB of data from the Energy management and industrial automation firm Schneider Electric. The Cactus ransomware group claims responsibility for pilfering 1.5TB of data from the Energy management and industrial automation giant Schneider Electric.

Ransomware 97

Ransomware Digital transformation Retail Antivirus 97

Security Affairs

JANUARY 24, 2024

Researchers with cybersecurity firm Horizon3’s Attack Team published technical details of the recently disclosed vulnerability CVE-2024-0204 impacting Fortra GoAnywhere MFT. Fortra GoAnywhere Managed File Transfer is a comprehensive solution for secure file transfer, data encryption, and compliance management.

Authentication 105

Authentication Hacking Engineering Encryption 105

Thales Cloud Protection & Licensing

MARCH 12, 2024

Ransomware Attacks: The Constant and Evolving Cybersecurity Threat madhav Tue, 03/12/2024 - 13:00 Enterprise data collection is skyrocketing, driven by factors like connected devices, cloud computing, personal data collection and digital transactions. Ransomware remains a constant and chilling threat.

Ransomware 62

Ransomware Cybersecurity Encryption Data collection 62

Malwarebytes

FEBRUARY 28, 2024

On Wednesday February 21, 2024, Change Healthcare—a subsidiary of UnitedHealth Group—experienced serious system outages due to a cyberattack. According to Reuters , the group behind the attack is the ALPHV/BlackCat ransomware group. In our monthly ransomware reviews you will typically find them in the top five of ransomware groups.

Healthcare 110

Healthcare Ransomware Backups Technology 110

SecureList

APRIL 15, 2024

They generated a custom version of the ransomware, which used the aforementioned account credential to spread across the network and perform malicious activities, such as killing Windows Defender and erasing Windows Event Logs in order to encrypt the data and cover its tracks. In this article, we revisit the LockBit 3.0

Ransomware 95

Ransomware Encryption Passwords Accountability 95

Security Affairs

MAY 7, 2024

The FBI, UK National Crime Agency, and Europol have unmasked the identity of the admin of the LockBit ransomware operation, aka ‘LockBitSupp’ and ‘putinkrab’ , and issued sanctions against him. The NCA added that of the 194 affiliates identified as using LockBit’s services up until February 2024: 148 built attacks.

Ransomware 90

Ransomware Cybercrime Healthcare Encryption 90

Malwarebytes

APRIL 10, 2024

The Change Healthcare ransomware attack has taken a third cruel twist. A new ransomware group, RansomHub, has listed the organisation as a victim on its dark web leak site, saying it has 4 TB of “highly selective data,” which relates to “all Change Health clients that have sensitive data being processed by the company.”

Healthcare 92

Healthcare Ransomware Backups Software 92

Security Affairs

JANUARY 9, 2024

The LockBit ransomware gang claimed responsibility for the cyber attack on the Capital Health hospital network. The LockBit ransomware operation has claimed responsibility for the cyberattack that hit the Capital Health hospital network in November 2023. Capital Health Regional Medical Center is a member of Capital Health System.

Ransomware 96

Ransomware Healthcare Encryption Cyber Attacks 96

SecureList

NOVEMBER 23, 2023

As we look to 2024, we believe that the consumer threat landscape will be heavily influenced by political, cultural, and technological events and trends. Unfortunately, this ambiguity sets the stage for an anticipated increase in charity-related scams in 2024. Malicious clones of the banned apps may rise to fill the void in 2024.

VPN 95

VPN Scams Education Internet 95

CyberSecurity Insiders

APRIL 11, 2023

To almost all who are familiar with ransomware attacks, it just means data encryption until a ransom is paid. However, in recent years, especially after the first lockdown, hackers involved in spreading this file-encrypting tactic have evolved or changed their tactics to create more seriousness among victims.

Cyber threats 91

Cyber threats Ransomware Encryption Data breaches 91

NetSpi Executives

MARCH 26, 2024

While most people may imagine mainframe computers to be an antiquated world of massive machinery, tape spools, and limited possibilities, they actually receive widespread use today in 2024 as the backbone infrastructure that allows billions of financial transactions to occur daily on a global scale.

Penetration Testing 59

Penetration Testing Encryption Insurance Healthcare 59

Malwarebytes

APRIL 10, 2024

The Change Healthcare ransomware attack has taken a third cruel twist. A new ransomware group, RansomHub, has listed the organisation as a victim on its dark web leak site, saying it has 4 TB of “highly selective data,” which relates to “all Change Health clients that have sensitive data being processed by the company.”

Healthcare 77

Healthcare Ransomware Backups Software 77

eSecurity Planet

MAY 25, 2022

Encryption and the development of cryptography have been a cornerstone of IT security for decades and remain critical for data protection against evolving threats. While cryptology is thousands of years old, modern cryptography took off in the 1970s with the help of the Diffie-Hellman-Merkle and RSA encryption algorithms.

Encryption 138

Encryption Computers and Electronics Password Management Passwords 138

Malwarebytes

FEBRUARY 19, 2024

For the last two years the absolute worst, most prolific, most globally significant “big game” ransomware gang has been LockBit. This evening its position as ransomware’s biggest beast is suddenly in doubt, following some non-consensual website redecoration at the hands of the UK’s National Crime Agency (NCA).

Ransomware 70

Ransomware Backups Malware Software 70

NetSpi Executives

MARCH 26, 2024

While most people may imagine mainframe computers to be an antiquated world of massive machinery, tape spools, and limited possibilities, they actually receive widespread use today in 2024 as the backbone infrastructure that allows billions of financial transactions to occur daily on a global scale.

Penetration Testing 52

Penetration Testing Encryption Insurance Healthcare 52

Security Affairs

JANUARY 23, 2024

The Black Basta ransomware gang claimed to have hacked the UK water utility Southern Water, a major player in the UK water industry. The Black Basta ransomware group added Southern Water to the list of victims on its Tor data leak site and threatened to leak the stolen data on February 29, 2024. southernwater.co[.]uk

Hacking 109

Hacking Encryption Ransomware Insurance 109

Malwarebytes

FEBRUARY 6, 2024

Released today, the Malwarebytes State of Malware 2024 report takes a deep dive into the latest developments in the world of cybercrime. We have seen news of ChatGPT leaking user’s information and law enforcement asking for backdoors in encryption routines.

Malware 76

Malware Passwords Identity Theft Banking 76

Krebs on Security

MAY 13, 2024

and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. Pin was active on Opensc around March 2012, and authored 13 posts that mostly concerned data encryption issues, or how to fix bugs in code. Last week, the United States joined the U.K.

Ransomware 244

Ransomware Cybercrime Accountability Malware 244

SecureList

NOVEMBER 14, 2023

In this article, we will review the past year’s trends to see which of our 2023 predictions have come true, and try to predict what is to come in 2024. The malware posed as ransomware, demanding money from the victims for “decrypting” their data. A review of last year’s predictions 1.

Hacking 108

Hacking Energy and Utilities Media Malware 108

Security Affairs

APRIL 10, 2024

The organization disclosed a data breach after a ransomware attack, the incident impacted 533,809 individuals. The data breach occurred on January 24, 2024, and was discovered on January 25 when GHC-SCW identified unauthorized access to its network. “The attacker attempted to encrypt GHC-SCW’s system but was unsuccessful.”

Data breaches 107

Data breaches Ransomware Insurance Encryption 107

Malwarebytes

MARCH 6, 2024

For the second time in only four months, all is not well on the ALPHV (aka BlackCat) ransomware gang’s dark web site. ” The ALPHV ransomware dark web site has a new look So far, so FBI, but all is not what it seems. .” ALPHV is arguably the second most dangerous ransomware group in the world.

Ransomware 100

Ransomware Healthcare Backups Accountability 100

SecureList

JANUARY 31, 2024

We do not expect rapid changes in the industrial cyberthreat landscape in 2024. Ransomware Ransomware will remain the No. 1 scourge of industrial enterprises in 2024. In 2023, ransomware attacks consolidated their hold on the top of the ranking of information security threats to industrial enterprises.

Ransomware 71

Ransomware Energy and Utilities Marketing Backups 71

Malwarebytes

MARCH 25, 2024

In October 2023, The British Library was attacked by the Rhysida ransomware gang in a devastating cyberattack. The ransomware itself was launched on October 28, 2023, but the library believes that the Rhysida group infiltrated its systems at least three days before that.

Ransomware 84

Ransomware Backups Encryption Software 84

eSecurity Planet

FEBRUARY 26, 2024

February 19, 2024 Microsoft Exchange Servers Vulnerable to Privilege Escalation Attacks Type of vulnerability: Critical severity privilege escalation vulnerability. The problem: CVE-2024-21410 allows remote attackers to carry out NTLM relay attacks on Microsoft Exchange Servers, providing them with privileged access.

Risk 111

Risk Authentication System Administration Ransomware 111

Malwarebytes

FEBRUARY 22, 2024

One of the most alarming trends our ThreatDown Intelligence team has noticed lately is the increased exploitation of legitimate Remote Monitoring and Management (RMM) tools by ransomware gangs in their attacks. The Barclays banking scam we wrote about in February 2024 is an example of this approach. Exploited by Royal, BianLian, ALPHV.

Ransomware 74

Ransomware Scams Social Engineering Encryption 74

Malwarebytes

APRIL 22, 2024

Turning back the clock on encryption: How to perform ransomware backups in one-click ThreatDown earns highest ratings across EDR and MDR categories in G2 Spring 2024 results K-12 district hit with $500k Medusa ransomware attack FakeBat campaign continues, now also targeting VMware users Stay safe!

Backups 68

Backups Scams Ransomware Encryption 68

Malwarebytes

FEBRUARY 9, 2024

This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. 2023 was an explosive year for ransomware.

Ransomware 69

Ransomware Education Social Engineering Manufacturing 69

Security Affairs

JANUARY 23, 2024

Fortra warns customers of a new authentication bypass vulnerability tracked as CVE-2024-0204 (CVSS score 9.8), impacting the GoAnywhere MFT (Managed File Transfer) product. Fortra GoAnywhere Managed File Transfer is a comprehensive solution for secure file transfer, data encryption, and compliance management.

Authentication 98

Authentication Engineering Encryption Hacking 98