Security Affairs

OCTOBER 20, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 124

Malware Ransomware Encryption Phishing 124

Security Affairs

NOVEMBER 4, 2024

The July 2024 ransomware attack that hit the City of Columbus, Ohio, exposed the personal and financial data of 500,000 individuals. On July 18, 2024, the City of Columbus, Ohio, suffered a cyber attack that impacted the City’s services. The gang claimed they had stolen databases containing 6.5

Ransomware 114

Ransomware Identity Theft Data breaches Cyber threats 114

Security Affairs

OCTOBER 22, 2024

Experts warn of a new wave of attacks involving the Bumblebee malware, months after Europol’s ‘ Operation Endgame ‘ that disrupted its operations in May. The Bumblebee malware loader has resurfaced in new attacks, four months after Europol disrupted it during “ Operation Endgame ” in May.

Malware 124

Malware Phishing Ransomware Hacking 124

Security Affairs

OCTOBER 27, 2024

Russian authorities sentenced four members of the REvil ransomware operation to several years in prison in Russia. Four former members of the REvil ransomware group were sentenced in Russia for hacking and money laundering, marking a rare case of Russian gang members being convicted in the country. “On Friday, October 25, the St.

Ransomware 143

Ransomware Hacking Malware Cybercrime 143

Security Affairs

JUNE 13, 2025

Fog ransomware operators used in a May 2025 attack unusual pentesting and monitoring tools, Symantec researchers warn. In May 2025, attackers hit an Asian financial firm with Fog ransomware , using rare tools like Syteca monitoring software and pentesting tools GC2, Adaptix, and Stowaway.

Ransomware 114

Ransomware Hacking Software Cybercrime 114

Security Affairs

FEBRUARY 13, 2025

A November 2024 RA World ransomware attack on an Asian software firm used a tool linked to China-linked threat actors. “Tools that are usually associated with China-based espionage actors were recently deployed in an attack involving the RA World ransomware against an Asian software and services company.

Ransomware 119

Ransomware Software Cybercrime Encryption 119

Security Affairs

NOVEMBER 19, 2024

Russian Phobos ransomware operator Evgenii Ptitsyn, accused of managing attacks, was extradited from South Korea to the US to face cybercrime charges. Russian Phobos ransomware operator Evgenii Ptitsyn, suspected of playing a key role in the ransomware operations, was extradited from South Korea to the US to face cybercrime charges.

Cybercrime 115

Cybercrime Ransomware Healthcare Education 115

SecureList

NOVEMBER 29, 2024

IT threat evolution in Q3 2024 IT threat evolution in Q3 2024. Non-mobile statistics IT threat evolution in Q3 2024. Mobile statistics Targeted attacks New APT threat actor targets Russian government entities In May 2024, we discovered a new APT targeting Russian government organizations.

Energy and Utilities 104

Energy and Utilities Ransomware Malware Government 104

Security Affairs

MARCH 10, 2025

Microsoft researchers reported that North Korea-linked APT tracked as Moonstone Sleet has employed the Qilin ransomware in limited attacks. Microsoft observed a North Korea-linked APT group, tracked as Moonstone Sleet, deploying Qilin ransomware in limited attacks since February 2025. ” Microsoft wrote on X. .

Ransomware 118

Ransomware Healthcare VPN Malware 118

Security Affairs

NOVEMBER 21, 2024

Mexico is investigating a ransomware attack targeting its legal affairs office, as confirmed by the president amidst growing cybersecurity concerns. Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. Knight, also known as Cyclops 2.0,

Government 144

Government Hacking Ransomware Insurance 144

Security Affairs

DECEMBER 7, 2024

The 8Base ransomware group attacked Croatia’s Port of Rijeka, stealing sensitive data, including contracts and accounting info. A cyber attack hit the Port of Rijeka in Croatia, the 8Base ransomware group claimed responsibility for the security breach. The Port of Rijeka (Luka Rijeka d.d.),

Ransomware 124

Ransomware Hacking Accountability Cyber Attacks 124

Security Affairs

NOVEMBER 18, 2024

A ransomware attack on Great Plains Regional Medical Center compromised personal data of 133,000 individuals, exposing sensitive information. On September 8, 2024, Great Plains Regional Medical Center (Oklahoma) suffered a ransomware attack. “On September 8, 2024, we suffered a ransomware attack on our computer system.

Ransomware 125

Ransomware Insurance Encryption Healthcare 125

SecureList

NOVEMBER 29, 2024

IT threat evolution in Q3 2024 IT threat evolution in Q3 2024. Non-mobile statistics IT threat evolution in Q3 2024. Mobile statistics Quarterly figures According to Kaspersky Security Network, in Q3 2024: As many as 6.7 million attacks involving malware, adware or potentially unwanted mobile apps were prevented.

Mobile 101

Mobile Adware Banking Malware 101

Security Affairs

NOVEMBER 8, 2024

Texas oilfield supplier Newpark Resources suffered a ransomware attack that disrupted its information systems and business applications. Texas oilfield supplier Newpark Resources revealed that a ransomware attack on October 29 disrupted access to some of its information systems and business applications.

Ransomware 123

Ransomware Manufacturing Malware Hacking 123

Penetration Testing

NOVEMBER 17, 2024

In October 2024, Huntress analysts uncovered a previously unreported ransomware strain, dubbed SafePay, deployed across two distinct incidents.

Ransomware 138

Ransomware Cybersecurity Malware 138

SecureList

NOVEMBER 28, 2024

This is our latest roundup, covering activity we observed during Q3 2024. Earlier in 2024, a secure USB drive was found to be compromised and malicious code was injected into the access management software installed on the USB drive. After that, we did not observe any new activity related to this actor until mid-July 2024.

Malware 118

Malware Government Software Spyware 118

Security Affairs

DECEMBER 4, 2024

BT Group (formerly British Telecom)’s Conferencing division shut down some of its servers following a Black Basta ransomware attack. British multinational telecommunications holding company BT Group (formerly British Telecom) announced it has shut down some of its servers following a Black Basta ransomware attack.

Ransomware 126

Ransomware Telecommunications Healthcare Insurance 126

Krebs on Security

MAY 14, 2024

CVE-2024-30051 is an “elevation of privilege” bug in a core Windows library. ” CVE-2024-30040 is a security feature bypass in MSHTML , a component that is deeply tied to the default Web browser on Windows systems. . Kaspersky said it has since seen the exploit used together with QakBot and other malware.

Social Engineering 295

Social Engineering Backups Malware Banking 295

Security Affairs

MARCH 30, 2025

The Walmart-owned membership warehouse club chain Sams Club is investigating claims of a Cl0p ransomware security breach. Sam’s Club reported $86 billion in net sales for fiscal year 2024, with a revenue growth of 2.2% The ransomware gang did not leak the alleged stolen data as proof of the data breach.

Ransomware 116

Ransomware Data breaches Software Hacking 116

SecureList

DECEMBER 4, 2024

The statistics in this report cover the period from November 2023 through October 2024. The report doesn’t cover mobile statistics, which we will share in our annual mobile malware report. Prevented ransomware attacks on the computers of 303,298 unique users. Detected 85,013,784 unique malicious URLs.

Mobile 92

Mobile Malware Banking Ransomware 92

Security Affairs

NOVEMBER 13, 2024

Bitdefender released a decryptor for the ShrinkLocker ransomware, which modifies BitLocker configurations to encrypt a system’s drives. ShrinkLocker ransomware was first discovered in May 2024 by researchers from Kaspersky. It first checks if BitLocker is enabled and, if not, installs it. ” concludes the report.

Ransomware 123

Ransomware Encryption Passwords Backups 123

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. In May 2023, the US Justice Department charged Russian national Mikhail Pavlovich Matveev for his alleged role in multiple ransomware attacks. ” reported RIA Novosti.

Ransomware 118

Ransomware Healthcare Hacking Malware 118

Krebs on Security

NOVEMBER 14, 2024

Nor did he respond to reporting here in January 2024 that he ran an IT company with a 34-year-old Russian man named Aleksandr Ermakov , who was sanctioned by authorities in Australia, the U.K. In February, he and Ermakov were arrested on charges of operating a short-lived ransomware affiliate program in 2021 called Sugar (a.k.a.

Retail 274

Retail Advertising Cryptocurrency Cybercrime 274

Security Affairs

NOVEMBER 6, 2024

Georgia, a ransomware attack disrupted Memorial Hospital and Manor’s access to its Electronic Health Record system. A ransomware attack hit Memorial Hospital and Manor in Bainbridge, Georgia, and disrupted the access to its Electronic Health Record system. Ransomware attacks on U.S. terabytes of data.

Ransomware 126

Ransomware Healthcare Antivirus Data breaches 126

Security Affairs

FEBRUARY 20, 2025

NailaoLocker ransomware is a new threat that targeted European healthcare organizations from June to October 2024. The experts believe threat actors exploited the zero-dayCVE-2024-24919 in Check Point Security Gateways with Remote Access VPN or Mobile Access features. This launches the malware routine.”

Healthcare 86

Healthcare Ransomware VPN Malware 86

SecureList

DECEMBER 27, 2024

Statistics across all threats In the third quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 1.5 The percentage of ICS computers on which malicious objects were blocked during the third quarter of 2024 was highest in July and September, and lowest inAugust. Regions and the world.

Malware 104

Malware Spyware Internet Internet 104

Security Affairs

JUNE 6, 2025

A joint advisory from the US and Australian authorities states that Play ransomware has hit approximately 900 organizations over the past three years. In December 2023, CISA, the FBI, and ACSC warned of Play ransomware’s operation that hit 300 victims by October 2023. ” The Play ransomware group follows a double extortion model.

Ransomware 97

Ransomware Encryption Antivirus Malware 97

eSecurity Planet

OCTOBER 22, 2024

These malware scams lure individuals with fake conference invitations designed to mimic legitimate meeting requests and exploit users’ trust. ClickFix campaigns represent a new wave of phishing tactics that emerged in May 2024, aimed at exploiting users of popular software applications. What Are ClickFix Campaigns?

Scams 123

Scams Malware Phishing Social Engineering 123

Security Affairs

OCTOBER 19, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8) This week, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware.

Backups 130

Backups VPN Ransomware Authentication 130

SecureWorld News

FEBRUARY 20, 2025

The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory warning organizations about Ghost (Cring) ransomware, a sophisticated cyber threat that has been compromising critical infrastructure, businesses, and government entities worldwide.

Ransomware 113

Ransomware IoT Encryption Social Engineering 113

Security Affairs

DECEMBER 3, 2024

ENGlobal Corporation disclosed a ransomware attack, discovered on November 25, disrupting operations, in a filing to the SEC. A ransomware attack disrupted the operations of a major energy industry contractor, ENGlobal Corporation. No ransomware gang has claimed responsibility for the attack. million year-to-date.

Ransomware 119

Ransomware Encryption Technology Cybersecurity 119

Security Affairs

DECEMBER 26, 2024

A ransomware attack on Pittsburgh Regional Transit (PRT) was the root cause of the agency’s service disruptions. On December 23, 2024, Pittsburgh Regional Transit (PRT) announced it was actively responding to a ransomware attack that was first detected on Thursday, December 19.

Ransomware 121

Ransomware Cyber Attacks Hacking Cybersecurity 121

Security Affairs

JANUARY 22, 2025

Two ransomware groups exploiting Microsoft 365 services and default settings to target internal enterprise users. Sophos researchers started investigating two distinct clusters of activity, tracked as STAC5143 and STAC5777, in response to customer ransomware attacks in November and December 2024.

Ransomware 98

Ransomware Malware Social Engineering Phishing 98

Security Affairs

JUNE 15, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Supply chain attack hits Gluestack NPM packages with 960K weekly downloads Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721 Destructive npm Packages Disguised as Utilities Enable Remote (..)

Malware 74

Malware Spyware Ransomware Hacking 74

Penetration Testing

NOVEMBER 10, 2024

Sophos X-Ops recently uncovered Frag ransomware in a series of cyberattacks exploiting a vulnerability in Veeam backup servers, designated CVE-2024-40711.

Ransomware 70

Ransomware Backups Cybersecurity Malware 70

Digital Shadows

NOVEMBER 12, 2024

Top MITRE Technique: Spearphishing The construction sector is no stranger to phishing attacks, which topped the list of initial access techniques between October 1, 2023, and September 30, 2024. This type of malware is designed to compromise user credentials, which are then sold on dark-web forums.

Ransomware 111

Ransomware Phishing Cyber threats Malware 111

Security Affairs

NOVEMBER 17, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 114

Malware Antivirus Encryption Education 114