Security Affairs

MAY 22, 2024

The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. In 2023, the imaging sensors manufacturer was the victim of a Cactus ransomware attack. The threat actors had access to the company systems between September 4 and September 30, 2023, when they deployed ransomware.

Data breaches 106

Data breaches Ransomware Manufacturing Encryption 106

Security Affairs

NOVEMBER 19, 2023

8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks. Cisco Talos researchers observed 8Base ransomware operators using a variant of the Phobos ransomware in recent attacks. The ransomware component is then decrypted and loaded into the SmokeLoader process’ memory.

Ransomware 125

Ransomware Encryption Backups Manufacturing 125

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. On Sunday, Feb. ” GAP #1. 428 hospitals.”

Ransomware 275

Ransomware Healthcare Cybercrime Government 275

Security Affairs

JUNE 15, 2024

NHS England confirmed that multiple London hospitals impacted by the ransomware attack at Synnovis were forced to cancel planned operations. NHS England confirmed that the recent ransomware attack on Synnovis had a severe impact of multiple London hospitals, forcing them to cancel more than hundreds of scheduled operations.

Ransomware 96

Ransomware Healthcare Cyber Attacks Hacking 96

SC Magazine

MARCH 30, 2021

The healthcare sector’s information security could use a check up. According to a new study by Varonis that tracked 3 billion files across 58 health care firms, one in five files were visible to all employees – including one in eight containing sensitive information. It is not really keeping up with that trust.”

Healthcare 122

Healthcare Account Security Accountability Risk 122

Security Affairs

OCTOBER 16, 2023

Microsoft thwarted a large-scale hacking campaign carried out by Akira ransomware operators targeting an unknown industrial organization. According to the IT giant, its cyber defense solution is able to automatically disrupt human-operated attacks like ransomware without needing to deploy any other capabilities.

Engineering 109

Engineering Ransomware Hacking Education 109

Security Affairs

MARCH 16, 2024

School districts continue to be under attack, schools in Scranton, Pennsylvania, are suffering a ransomware attack. This week, schools in Scranton, Pennsylvania, experienced a ransomware attack, resulting in IT outages. Due to the increased security measures placed in our systems, some functions may be slower than usual.”

Ransomware 108

Ransomware Computers and Electronics Data breaches Hacking 108

Security Affairs

JANUARY 19, 2024

Ransomware groups claimed that they successfully targeted 4191 victims in 2023, Cybernews researchers report. According to the Ransomlooker tool, the number of ransomware attack victims increased by 128.17% compared to the previous year (2022), with 1837 additional incidents. Winter was the least active time (14.6%

Ransomware 121

Ransomware Manufacturing Retail Insurance 121

Security Affairs

MAY 14, 2024

The Singing River Health System revealed that the ransomware attack that hit the organization in August 2023 impacted 895,204 people. At the end of August 2023, the systems at three hospitals and other medical facilities operated by Singing River Health System (SRHS) were hit by a Rhysida ransomware attack.

Identity Theft 95

Identity Theft Ransomware Data breaches Insurance 95

Security Affairs

SEPTEMBER 8, 2023

A zero-day vulnerability (CVE-2023-20269) in Cisco ASA and FTD is actively exploited in ransomware attacks, the company warns. “This vulnerability is due to improper separation of authentication, authorization, and accounting (AAA) between the remote access VPN feature and the HTTPS management and site-to-site VPN features.

Ransomware 136

Ransomware VPN Authentication Hacking 136

Security Affairs

JANUARY 2, 2022

The Lapsus$ ransomware hit Impresa, the largest media conglomerate in Portugal and the owner of SIC and Expresso. The Lapsus$ ransomware gang has compromised the infrastructure of Impresa, the largest media conglomerate in Portugal. SecurityAffairs – hacking, Lapsus$ ransomware). Source TheRecord. Pierluigi Paganini.

Media 141

Media Ransomware Telecommunications Accountability 141

Security Affairs

JUNE 10, 2024

The UK NHS issued an urgent call for O-type blood donations following the recent ransomware attack that hit several London hospitals. The UK National Health Service (NHS) issued an urgent call for O-type blood donations due to the recent ransomware attack on Synnovis that disrupted operations at several healthcare organizations in London.

Ransomware 85

Ransomware Healthcare Cyber Attacks Hacking 85

Security Boulevard

JANUARY 21, 2024

Then they switch to the best practices to prevent social media account takeovers, highlighting […] The post The World of Scambaiting, Preventing Social Media Account Takeovers, Network Wrenches Hacked appeared first on Shared Security Podcast.

Media 76

Media Accountability Hacking Scams 76

Security Affairs

AUGUST 10, 2022

Cisco discloses a security breach, the Yanluowang ransomware group breached its corporate network in late May and stole internal data. Cisco disclosed a security breach, the Yanluowang ransomware group breached its corporate network in late May and stole internal data. ” reads the analysis published by Cisco Talos.

Ransomware 125

Ransomware Hacking VPN Phishing 125

Security Affairs

DECEMBER 15, 2023

Resecurity has uncovered a meaningful link between three major ransomware groups, BianLian, White Rabbit, and Mario Ransomware. Resecurity’s HUNTER (HUMINT) unit spotted the BianLian , White Rabbit , and Mario ransomware gangs collaborating in a joint extortion campaign targeting publicly-traded financial services firms.

Ransomware 104

Ransomware Financial Services Cyber Attacks Cybersecurity 104

Security Affairs

DECEMBER 19, 2022

Researchers spotted a new variant of the Agenda ransomware which is written in the cross-platform programming language Rust. Trend Micro researchers have spotted a new variant of the Agenda ransomware (aka Qilin) that is written in Rust Language. The researchers estimated that combined revenue surpasses US$550 million. AGENDA.THIAFBB.”

Ransomware 126

Ransomware Encryption Healthcare Education 126

Security Affairs

OCTOBER 14, 2023

The Lockbit ransomware gang claims to have hacked the technology services giant CDW and threatens to leak the stolen data. The technology services giant CDW announced it has launched an investigation into claims made by the Lockbit ransomware gang that added the company to the list of victims on its leak site.

Ransomware 131

Ransomware Technology Healthcare Government 131

Security Affairs

FEBRUARY 19, 2024

The Cactus ransomware gang claims the theft of 1.5TB of data from the Energy management and industrial automation firm Schneider Electric. The Cactus ransomware group claims responsibility for pilfering 1.5TB of data from the Energy management and industrial automation giant Schneider Electric.

Ransomware 104

Ransomware Digital transformation Retail Antivirus 104

Security Affairs

JULY 22, 2022

Starting with Windows 11 Microsoft introduce by default an account lockout policy that can block brute force attacks. Starting with Windows 11 Insider Preview build 22528.1000 the OS supports an account lockout policy enabled by default to block brute force attacks. Follow me on Twitter: @securityaffairs and Facebook.

Accountability 93

Accountability Passwords Ransomware Hacking 93

Security Affairs

FEBRUARY 27, 2024

New threat actors have started exploiting ConnectWise ScreenConnect vulnerabilities, including the Black Basta and Bl00dy ransomware gangs. Trend Micro confirmed that Black Basta and Bl00dy ransomware groups are actively exploiting both flaws and shared details about their attack chains.

Ransomware 116

Ransomware Malware Software Authentication 116

Security Affairs

MARCH 19, 2022

The Federal Bureau of Investigation (FBI) reported that AvosLocker ransomware is being used in attacks targeting US critical infrastructure. The Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory warning of AvosLocker ransomware attacks targeting multiple US critical infrastructure. Disable unused ports.

Ransomware 99

Ransomware DDOS Passwords Backups 99

Security Affairs

SEPTEMBER 23, 2023

The City of Dallas revealed that the Royal ransomware gang that hit the city system in May used a stolen account. In May 2023, a ransomware attack hit the IT systems at the City of Dallas , Texas. CBS News Texas obtained an image the ransomware note dropped by the malware on the infected systems.

Ransomware 105

Ransomware Surveillance Healthcare Accountability 105

Security Affairs

NOVEMBER 15, 2023

The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors. FBI and CISA published a joint Cybersecurity Advisory (CSA) to warn of Rhysida ransomware attacks against organizations across multiple industry sectors. ” reads the joint advisory.

Ransomware 116

Ransomware Manufacturing Healthcare Education 116

Security Affairs

OCTOBER 13, 2023

FBI and CISA published a joint Cybersecurity Advisory (CSA) to disseminate IOCs, TTPs, and detection methods associated with AvosLocker ransomware. The joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort aimed at sharing technical details associated with various ransomware operations.

Ransomware 117

Ransomware System Administration Antivirus Malware 117

Security Affairs

NOVEMBER 17, 2023

Toyota Financial Services discloses unauthorized activity on systems after the Medusa ransomware gang claimed to have hacked the company. Today, the Medusa ransomware gang claimed responsibility for the attack and threatened to leak the purportedly stolen data if the company doesn’t pay the ransom.

Financial Services 123

Financial Services Hacking Ransomware Data breaches 123

Security Affairs

AUGUST 27, 2022

Trend Micro researchers warn of a new ransomware family called Agenda, which has been used in attacks on organizations in Asia and Africa. Trend Micro researchers recently discovered a new piece of targeted ransomware, tracked as Agenda, that was written in the Go programming language. ” reads the report published by Trend Micro.

Ransomware 97

Ransomware Encryption Accountability Antivirus 97

Security Boulevard

AUGUST 21, 2022

The post Multi-Factor Authentication Fatigue Attack, Signal Account Twilio Hack, Facebook and Instagram In-App Browser appeared first on The Shared Security Show. The post Multi-Factor Authentication Fatigue Attack, Signal Account Twilio Hack, Facebook and Instagram In-App Browser appeared first on Security Boulevard.

Authentication 98

Authentication Accountability Hacking Ransomware 98

Security Affairs

OCTOBER 6, 2023

Hospitality and entertainment company MGM Resorts announced that the costs of the recent ransomware attack costs exceeded $110 million. In September the hospitality and entertainment company MGM Resorts was hit by a ransomware attack that shut down its systems at MGM Hotels and Casinos.

Ransomware 118

Ransomware Insurance Banking Hacking 118

Security Affairs

SEPTEMBER 26, 2023

This week the Rhysida ransomware group claimed the hack of the Kuwait Ministry of Finance and added it to its Tor leak site. Last week a ransomware attack hit the Government of Kuwait, the attack took place on September 18 and the government experts immediately started the incident response procedures to block the threat.

Ransomware 109

Ransomware Government Hacking Cyber Attacks 109

Security Affairs

DECEMBER 9, 2023

Kentucky health system Norton Healthcare disclosed a data breach after it was a victim of a ransomware attack in May. Norton Healthcare disclosed a data breach after a ransomware attack that hit the organization on May 9, 2023. The security breach exposed personal information belonging to patients, employees, and dependents.

Healthcare 117

Healthcare Data breaches Ransomware Insurance 117

Security Affairs

NOVEMBER 8, 2023

The FBI published a PIN alert warning of ransomware operators compromising third-party vendors and services for initial access to target environments. The FBI continues to observe ransomware operators abusing third-party vendors and services as an attack vector. ” reported the PIN.

Ransomware 108

Ransomware Backups Encryption Phishing 108

Security Affairs

APRIL 7, 2023

Multinational IT corporation MSI (Micro-Star International) confirms security breach after Money Message ransomware gang claimed the hack. This week the ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International). MSI is headquartered in Taipei, Taiwan.

Ransomware 87

Ransomware Firmware Hacking Manufacturing 87

Security Affairs

JULY 8, 2022

Emsisoft has released a free decryption tool that allows victims of the AstraLocker and Yashma ransomware to recover their files without paying a ransom. Cybersecurity firm Emsisoft released a free decryptor tool that allows victims of the AstraLocker and Yashma ransomware to recover their files without paying a ransom.

Ransomware 123

Ransomware Encryption Malware Accountability 123

Security Affairs

APRIL 23, 2023

Non-profit health insurer Point32Health suffered a ransomware attack and has taken systems offline in response to the incident. Non-profit health insurer Point32Health has taken systems offline in response to a ransomware attack that took place on April 17. ” reads the statement published by the insurer.

Insurance 80

Insurance Ransomware Education Accountability 80

Security Affairs

APRIL 25, 2022

At least 60 entities worldwide have been breached by BlackCat ransomware, warns a flash report published by the U.S. Federal Bureau of Investigation (FBI) published a flash report that states that at least 60 entities worldwide have been breached by BlackCat ransomware (aka ALPHV and Noberus) since it started its operations in November.

Ransomware 106

Ransomware Antivirus Passwords Malware 106

Security Affairs

JULY 7, 2021

Wiregrass Electric Cooperative, a rural Alabama electric cooperative was hit by a ransomware attack. Wiregrass Electric Cooperative, a rural Alabama electric cooperative that serves about 25,000 members, was hit by a ransomware attack. We are thankful that no information has been accessed during this event.”. Pierluigi Paganini.

Ransomware 135

Ransomware Accountability Data breaches Hacking 135

Security Affairs

JULY 23, 2022

DoJ seized $500,000 worth of Bitcoin from North Korea-linked threat actors who are behind the Maui ransomware. Department of Justice (DoJ) has seized $500,000 worth of Bitcoin from North Korean threat actors who used the Maui ransomware to target several organizations worldwide. reads the advisory published by US authorties.

Ransomware 130

Ransomware Healthcare Cryptocurrency Encryption 130