2024, Information Security and Ransomware

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Security Affairs

MAY 12, 2024

Black Basta ransomware affiliates have breached over 500 organizations between April 2022 and May 2024, FBI and CISA reported. The FBI, CISA, HHS, and MS-ISAC have issued a joint Cybersecurity Advisory (CSA) regarding the Black Basta ransomware activity as part of the StopRansomware initiative.

Ransomware

Ransomware Hacking Healthcare Retail

Microsoft Patch Tuesday for February 2024 fixed 2 actively exploited 0-days

Security Affairs

FEBRUARY 14, 2024

Microsoft Patch Tuesday security updates for February 2024 addressed 72 flaws, two of which are actively exploited in the wild. Microsoft Patch Tuesday security updates for February 2024 resolved a total of 72 vulnerabilities, including two actively exploited zero-days.

Information Security

Information Security Internet Internet Ransomware

Nuclear and Oil & Gas are Major Targets of Ransomware Groups in 2024

Security Affairs

NOVEMBER 14, 2023

Experts warn of an alarming rise in ransomware operations targeting the energy sector, including nuclear facilities and related research entities. Over the last year, ransomware attackers have targeted energy installations in North America, Asia, and the European Union. Resecurity, Inc.

Ransomware

Ransomware Cyber threats Government Hacking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Microsoft Exchange flaw CVE-2024-21410 could impact up to 97,000 servers

Security Affairs

FEBRUARY 20, 2024

Researchers from Shadowserver Foundation identified roughly 28,000 internet-facing Microsoft Exchange servers vulnerable to CVE-2024-21410. The IT giant addressed the issue with the release of Patch Tuesday security updates for February 2024. Out of 97,000 servers, 28,500 have been verified to be vulnerable to CVE-2024-21410.

Authentication

Authentication Internet Internet Ransomware

Resecurity Released a 2024 Cyber Threat Landscape Forecast

Security Affairs

DECEMBER 26, 2023

Cybersecurity company Resecurity has published the 2024 Cyber Threat Landscape Forecast. Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 100 and government agencies worldwide, has compiled a comprehensive forecast outlining the imminent threats and novel security challenges anticipated in the upcoming year.

Cyber threats

Cyber threats Energy and Utilities Artificial Intelligence Cyber Attacks

Ransomware drama: Law enforcement seized Lockbit group’s website again

Security Affairs

MAY 5, 2024

According to the countdown active on the seized, law enforcement that are currently controlling the website will reveal the identities of the LockBitSupps and other members of the gang on May 7, 2024, at 14:00:00 UTC. It’s coming ON 2024-05-07 14:00:00 UTC!!! Lockbit ransomware group states law enforcement is lying.

Ransomware

Ransomware Cybercrime Cyber Attacks Encryption

26 Cyber Security Stats Every User Should Be Aware Of in 2024

Security Affairs

FEBRUARY 8, 2024

26 key cyber security stats for 2024 that every user should know, from rising cyber crime rates to the impact of AI technolog y. Ransomware Attacks: In 2023, a whopping 72.7% of organizations faced ransomware. Market Growth: AI cyber security technology is projected to grow by 23.6% million, up 15% in three years.

Social Engineering

Social Engineering Cyber Attacks Cyber Insurance IoT

The Year in Review and 2024 Predictions

Security Boulevard

DECEMBER 24, 2023

We cover various topics, such as Twitter’s influence, the future of Mastodon, the ban of TikTok in certain states, and the rising issue of ransomware. In addition, we give credit to Scott for […] The post The Year in Review and 2024 Predictions appeared first on Shared Security Podcast.

Ransomware

Ransomware Data privacy Technology InfoSec

City of Wichita disclosed a data breach after the recent ransomware attack

Security Affairs

MAY 17, 2024

The City of Wichita disclosed a data breach after the ransomware attack that hit the Kansas’s city earlier this month. On May 5th, 2024, the City of Wichita, Kansas, was the victim of a ransomware attack and shut down its network to contain the threat. ” reads the Notice of Data Event updated on May 14, 2024.

Data breaches

Data breaches Ransomware Hacking Cybercrime

BianLian group exploits JetBrains TeamCity bugs in ransomware attacks

Security Affairs

MARCH 11, 2024

BianLian ransomware group was spotted exploiting vulnerabilities in JetBrains TeamCity software in recent attacks. Researchers from GuidePoint Security noticed, while investigating a recent attack linked to the BianLian ransomware group, that the threat actors gained initial access to the target by exploiting flaws in a TeamCity server.

Ransomware

Ransomware Malware Manufacturing Healthcare

The Unseen Threats: Anticipating Cybersecurity Risks in 2024

Security Boulevard

JANUARY 18, 2024

So, let’s explore what 2024 and beyond has in store for all of us in the digital world. I have concluded the increasing involvement of offensive nation-states directly supports most of the 2024 cybersecurity predictions. 2024 Cybersecurity Predictions 1. In 2024: 1. They will suffer disproportionately.

Risk

Risk Cybersecurity CISO Technology

Black Basta and Bl00dy ransomware gangs exploit recent ConnectWise ScreenConnect bugs

Security Affairs

FEBRUARY 27, 2024

New threat actors have started exploiting ConnectWise ScreenConnect vulnerabilities, including the Black Basta and Bl00dy ransomware gangs. Both vulnerabilities were reported on February 13, 2024, through the company vulnerability disclosure channel via the ConnectWise Trust Center.

Ransomware

Ransomware Malware Software Authentication

Security Roundup March 2024

BH Consulting

MARCH 21, 2024

Creeping cyber risk grabbing global headlines Ransomware keeps reminding us of the strong connection between a cybersecurity incident and financial loss. CNN reports that ransomware victims in the US healthcare sector say they’re “haemorrhaging money”, as disruption affects their daily operations.

Cyber threats

Cyber threats Ransomware Healthcare Risk

Electronic prescription provider MediSecure impacted by a ransomware attack

Security Affairs

MAY 16, 2024

Electronic prescription provider MediSecure in Australia suffered a ransomware attack likely originate from a third-party vendor. MediSecure is a company that provides digital health solutions, particularly focusing on secure electronic prescription delivery services in Australia. ” reported ABC. million customers.

Ransomware

Ransomware Data breaches Government Insurance

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

Security Affairs

MAY 22, 2024

The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. In 2023, the imaging sensors manufacturer was the victim of a Cactus ransomware attack. The threat actors had access to the company systems between September 4 and September 30, 2023, when they deployed ransomware.

Data breaches

Data breaches Ransomware Manufacturing Encryption

LockBit ransomware gang claims the attack on the sandwich chain Subway

Security Affairs

JANUARY 21, 2024

The LockBit ransomware gang claimed to have hacked Subway, the American multinational fast food restaurant franchise. The Lockbit ransomware group added Subway to the list of victims on its Tor data leak site and threatened to leak the stolen data on February 02, 2024 at 21:44:16 UTC.

Ransomware

Ransomware Hacking Data breaches Cybercrime

US cyber and law enforcement agencies warn of Phobos ransomware attacks

Security Affairs

MARCH 2, 2024

US CISA, the FBI, and MS-ISAC issued a joint CSA to warn of attacks involving Phobos ransomware variants observed as recently as February 2024 US CISA, the FBI, and MS-ISAC issued a joint cyber security advisory (CSA) to warn of attacks involving Phobos ransomware variants such as Backmydata , Devos, Eight, Elking, and Faust.

Ransomware

Ransomware Backups Healthcare Firewall

City of Wichita hit by a ransomware attack

Security Affairs

MAY 6, 2024

The City of Wichita in Kansas was forced to shut down its computer systems after a ransomware attack. The City of Wichita, Kansas, was the victim of a ransomware attack and shut down its network to contain the threat. We are working with specialists to thoroughly review and assess systems before putting them back online.

Ransomware

Ransomware Data breaches Hacking Cybercrime

Experts released PoC exploit for Fortra GoAnywhere MFT flaw CVE-2024-0204

Security Affairs

JANUARY 24, 2024

Researchers with cybersecurity firm Horizon3’s Attack Team published technical details of the recently disclosed vulnerability CVE-2024-0204 impacting Fortra GoAnywhere MFT. The security experts also published a proof-of-concept (PoC) exploit that allows the creation of new admin users on vulnerable instances exposed online.

Authentication

Authentication Hacking Engineering Encryption

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

Security Affairs

APRIL 16, 2024

The Dark Angels (Dunghill) ransomware group claims the hack of the chipmaker Nexperia and the theft of 1 TB of data from the company. The Dark Angels (Dunghill) ransomware group claims responsibility for hacking chipmaker Nexperia and stealing 1 TB of the company’s data. The chipmaker has 14,000 employees as of 2024.

Ransomware

Ransomware Manufacturing Hacking Insurance

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

Security Affairs

FEBRUARY 17, 2024

CISA warns that the Akira Ransomware gang is exploiting the Cisco ASA/FTD vulnerability CVE-2020-3259 (CVSS score: 7.5) Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco ASA and FTD bug, tracked as CVE-2020-3259 (CVSS score: 7.5), to its Known Exploited Vulnerabilities catalog. in attacks in the wild.

Ransomware

Ransomware VPN Education Hacking

Jackson County, Missouri, discloses a ransomware attack

Security Affairs

APRIL 3, 2024

Jackson County, Missouri, confirmed that a ransomware attack has disrupted several county services. A ransomware attack disrupted several services of the Jackson County, Missouri. “Jackson County has confirmed a ransomware attack was responsible for the disruption of several county services today.”

Ransomware

Ransomware Hacking Technology Cybersecurity

A ransomware attack took 100 Romanian hospitals down

Security Affairs

FEBRUARY 13, 2024

Authorities in Romania reported that at least 100 hospitals went offline after a ransomware attack hit the Hipocrate platform. Authorities in Romania confirmed that a ransomware attack that targeted the Hipocrate Information System (HIS) has disrupted operations for at least 100 hospitals. BTC (about 157,000 EURO).

Ransomware

Ransomware Backups Encryption Healthcare

Watch out, GhostSec and Stourmous groups jointly conducting ransomware attacks

Security Affairs

MARCH 6, 2024

Researchers warn that the cybercrime groups GhostSec and Stormous have joined forces in a new ransomware campaign. The GhostSec and Stormous ransomware gang are jointly conducting a ransomware campaign targeting various organizations in multiple countries, Cisco Talos reported. The GhostLocker 2.0 246 located in Moscow, Russia.”

Ransomware

Ransomware Encryption Cybercrime Hacking

ICS and OT threat predictions for 2024

SecureList

JANUARY 31, 2024

We do not expect rapid changes in the industrial cyberthreat landscape in 2024. Ransomware Ransomware will remain the No. 1 scourge of industrial enterprises in 2024. In 2023, ransomware attacks consolidated their hold on the top of the ranking of information security threats to industrial enterprises.

Ransomware

Ransomware Energy and Utilities Marketing Backups

macOS Backdoor RustDoor likely linked to Alphv/BlackCat ransomware operations

Security Affairs

FEBRUARY 10, 2024

Bitdefender Researchers linked a new macOS backdoor, named RustDoor, to the Black Basta and Alphv/BlackCat ransomware operations. Researchers from Bitdefender discovered a new macOS backdoor, dubbed RustDoor, which appears to be linked to ransomware operations Black Basta and Alphv/BlackCat. ” concludes the report.

Ransomware

Ransomware Architecture Malware Passwords

Threat actors actively exploit JetBrains TeamCity flaws to deliver malware

Security Affairs

MARCH 20, 2024

Multiple threat actors are exploiting the recently disclosed JetBrains TeamCity flaw CVE-2024-27198 in attacks in the wild. Trend Micro researchers are exploiting the recently disclosed vulnerabilities CVE-2024-27198 (CVSS score: 9.8) and CVE-2024-27199 (CVSS score 7.3) reads the advisory published by JetBrains.

Malware

Malware Authentication Cryptocurrency Ransomware

Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric

Security Affairs

FEBRUARY 19, 2024

The Cactus ransomware gang claims the theft of 1.5TB of data from the Energy management and industrial automation firm Schneider Electric. The Cactus ransomware group claims responsibility for pilfering 1.5TB of data from the Energy management and industrial automation giant Schneider Electric.

Ransomware

Ransomware Digital transformation Retail Antivirus

Security Affairs newsletter Round 472 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MAY 19, 2024

Eight Names of Ransomware Actors Revealed, So What? records on Chinese users Charges and Seizures Brought in Fraud Scheme Aimed at Denying Revenue for Workers Associated with North Korea U.S.

Artificial Intelligence

Artificial Intelligence Data breaches Ransomware Hacking

LockBit ransomware gang claims the attack on Capital Health

Security Affairs

JANUARY 9, 2024

The LockBit ransomware gang claimed responsibility for the cyber attack on the Capital Health hospital network. The LockBit ransomware operation has claimed responsibility for the cyberattack that hit the Capital Health hospital network in November 2023. It also announced additional security measures to protect its infrastructure.

Ransomware

Ransomware Healthcare Encryption Cyber Attacks

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

Security Affairs

JANUARY 24, 2024

A ransomware attack against the Finnish IT services provider Tietoevry disrupted the services of some Swedish government agencies and shops. Tietoevry is a Finnish multinational information technology (IT) and consulting company that provides managed services and cloud hosting for the enterprise.

Ransomware

Ransomware VPN Government Retail

US pharmacy outage caused by Blackcat ransomware attack on Optum Solutions

Security Affairs

FEBRUARY 27, 2024

A BlackCat ransomware attack hit UnitedHealth Group subsidiary Optum causing an outage impacting the Change Healthcare payment exchange platform. A ransomware attack hit the UnitedHealth Group subsidiary Optum leading to an outage impacting the Change Healthcare payment exchange platform. In February 2024, the U.S.

Ransomware

Ransomware Healthcare Government Technology

FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

Security Affairs

FEBRUARY 28, 2024

healthcare organizations of targeted ALPHV/Blackcat ransomware attacks. healthcare organizations of targeted attacks conducted by ALPHV/Blackcat ransomware attacks. The advisory updates to the FBI FLASH BlackCat/ALPHV Ransomware Indicators of Compromise released on April 19, 2022 and on December 19, 2023.

Healthcare

Healthcare Ransomware Government Insurance

Play ransomware attack on Xplain exposed 65,000 files containing data relevant to the Swiss Federal Administration.

Security Affairs

MARCH 8, 2024

The ransomware attack on Xplain impacted tens of thousands Federal government files, said the National Cyber Security Centre (NCSC) of Switzerland. The National Cyber Security Centre (NCSC) published a data analysis report on the data breach resulting from the ransomware attack on the IT services provider Xplain.

Ransomware

Ransomware Data breaches Unstructured Data Architecture

Blackbasta group claims to have hacked Atlas, one of the largest US oil distributors

Security Affairs

MAY 21, 2024

pic.twitter.com/5OUODUt3fu — Dominic Alvieri (@AlvieriD) May 20, 2024 The gang claims to have stolen 730GB of data from ATLAS, including Corporate data: Accounts, HR, Finance, Executive, department data, and users and employees’ data. Sunoco is the largest at 8 billion gallons.

Hacking

Hacking Ransomware Phishing Malware

Group Health Cooperative data breach impacted 530,000 individuals

Security Affairs

APRIL 10, 2024

The organization disclosed a data breach after a ransomware attack, the incident impacted 533,809 individuals. The data breach occurred on January 24, 2024, and was discovered on January 25 when GHC-SCW identified unauthorized access to its network. A ransomware group contacted the organization claiming the theft of data.

Data breaches

Data breaches Ransomware Insurance Encryption

If only you had to worry about malware, with Jason Haddix: Lock and Code S05E04

Malwarebytes

FEBRUARY 12, 2024

Today on the Lock and Code podcast … If your IT and security teams think malware is bad, wait until they learn about everything else. In fact, some attacks have gone so “quiet” that they involve no malware at all. But not every organization has that at hand. What, then, are IT-constrained businesses to do?

Malware

Malware Ransomware Antivirus Information Security

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

An international law enforcement operation codenamed ‘Operation Cronos’ led to the disruption of the LockBit ransomware operation. A joint law enforcement action, code-named Operation Cronos, conducted by law enforcement agencies from 11 countries has disrupted the LockBit ransomware operation. on January 5, 2020.

Energy and Utilities

Energy and Utilities Ransomware Financial Services Manufacturing

‘Ransomed.vc’ in the Spotlight – What is Known About the Ransomware Group Targeting Sony and NTT Docomo

Security Affairs

SEPTEMBER 27, 2023

Following the recently announced data leak from Sony , the notorious ransomware syndicate Ransomed.vc It is possible the actors behind the attack originate from several competing hacktivist groups which later transformed into ransomware operators. The research follows a recent report by the Department of Homeland Security (DHS).

Ransomware

Ransomware Telecommunications Data breaches Government

Critical flaw found in deprecated VMware EAP. Uninstall it immediately

Security Affairs

FEBRUARY 21, 2024

VMware urges customers to uninstall the deprecated Enhanced Authentication Plugin (EAP) after the disclosure of a critical flaw CVE-2024-22245. VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) after the discovery of an arbitrary authentication relay flaw CVE-2024-22245 (CVSS score: 9.6).

Authentication

Authentication Ransomware Software Information Security

CISA ADDS MICROSOFT WINDOWS KERNEL BUG USED BY LAZARUS APT TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG

Security Affairs

MARCH 5, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft Windows Kernel vulnerability to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2024-21338 (CVSS Score 7.8) CISA orders federal agencies to fix this vulnerability by March 25, 2024.

Cybersecurity

Cybersecurity Ransomware Software Risk

Security Affairs newsletter Round 461 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 3, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Private Plane Owners’ Data Linked to LA Intl. Private Plane Owners’ Data Linked to LA Intl. Private Plane Owners’ Data Linked to LA Intl. Private Plane Owners’ Data Linked to LA Intl.

Cybercrime

Cybercrime Retail Artificial Intelligence Hacking

Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

APRIL 21, 2024

carmaker with phishing attacks Law enforcement operation dismantled phishing-as-a-service platform LabHost Previously unknown Kapeka backdoor linked to Russian Sandworm APT Cisco warns of a command injection escalation flaw in its IMC. Automotive Industry Chinese Organized Crime’s Latest U.S.

Data breaches

Data breaches Phishing Ransomware Malware

Security Affairs newsletter Round 460 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 25, 2024

Apple created post-quantum cryptographic protocol PQ3 for iMessage Russian hacker is set to face trial for the hack of a local power grid Microsoft released red teaming tool PyRIT for Generative AI CISA orders federal agencies to fix ConnectWise ScreenConnect bug in a week FTC charged Avast with selling users’ browsing data to advertising companies (..)

Spyware

Spyware Cyber Insurance Hacking Advertising

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Microsoft Patch Tuesday for February 2024 fixed 2 actively exploited 0-days

Webinars

Trending Sources

Nuclear and Oil & Gas are Major Targets of Ransomware Groups in 2024

Webinars

Microsoft Exchange flaw CVE-2024-21410 could impact up to 97,000 servers

Resecurity Released a 2024 Cyber Threat Landscape Forecast

Ransomware drama: Law enforcement seized Lockbit group’s website again

26 Cyber Security Stats Every User Should Be Aware Of in 2024

The Year in Review and 2024 Predictions

City of Wichita disclosed a data breach after the recent ransomware attack

BianLian group exploits JetBrains TeamCity bugs in ransomware attacks

The Unseen Threats: Anticipating Cybersecurity Risks in 2024

Black Basta and Bl00dy ransomware gangs exploit recent ConnectWise ScreenConnect bugs

Security Roundup March 2024

Electronic prescription provider MediSecure impacted by a ransomware attack

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

LockBit ransomware gang claims the attack on the sandwich chain Subway

US cyber and law enforcement agencies warn of Phobos ransomware attacks

City of Wichita hit by a ransomware attack

Experts released PoC exploit for Fortra GoAnywhere MFT flaw CVE-2024-0204

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

Jackson County, Missouri, discloses a ransomware attack

A ransomware attack took 100 Romanian hospitals down

Watch out, GhostSec and Stourmous groups jointly conducting ransomware attacks

ICS and OT threat predictions for 2024

macOS Backdoor RustDoor likely linked to Alphv/BlackCat ransomware operations

Threat actors actively exploit JetBrains TeamCity flaws to deliver malware

Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric

Security Affairs newsletter Round 472 by Pierluigi Paganini – INTERNATIONAL EDITION

LockBit ransomware gang claims the attack on Capital Health

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

US pharmacy outage caused by Blackcat ransomware attack on Optum Solutions

FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

Play ransomware attack on Xplain exposed 65,000 files containing data relevant to the Swiss Federal Administration.

Blackbasta group claims to have hacked Atlas, one of the largest US oil distributors

Group Health Cooperative data breach impacted 530,000 individuals

If only you had to worry about malware, with Jason Haddix: Lock and Code S05E04

Operation Cronos: law enforcement disrupted the LockBit operation

‘Ransomed.vc’ in the Spotlight – What is Known About the Ransomware Group Targeting Sony and NTT Docomo

Critical flaw found in deprecated VMware EAP. Uninstall it immediately

CISA ADDS MICROSOFT WINDOWS KERNEL BUG USED BY LAZARUS APT TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG

Security Affairs newsletter Round 461 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 460 by Pierluigi Paganini – INTERNATIONAL EDITION

Stay Connected