Security Affairs

SEPTEMBER 1, 2023

Researchers released a free decryptor for the Key Group ransomware that allows victims to recover their data without paying a ransom. Threat intelligence firm EclecticIQ released a free decryption tool for the Key Group ransomware (aka keygroup777) that allows victims to recover their data without paying a ransom.

Ransomware 112

Ransomware Encryption Backups Malware 112

Security Affairs

NOVEMBER 8, 2023

The FBI published a PIN alert warning of ransomware operators compromising third-party vendors and services for initial access to target environments. The FBI continues to observe ransomware operators abusing third-party vendors and services as an attack vector. ” reported the PIN.

Ransomware 106

Ransomware Backups Encryption Phishing 106

Security Affairs

NOVEMBER 19, 2023

8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks. Cisco Talos researchers observed 8Base ransomware operators using a variant of the Phobos ransomware in recent attacks. The ransomware component is then decrypted and loaded into the SmokeLoader process’ memory.

Ransomware 124

Ransomware Encryption Backups Manufacturing 124

Security Affairs

APRIL 25, 2024

A ransomware attack on a Swedish logistics company Skanlog severely impacted the country’s liquor supply. Skanlog, a critical distributor for Systembolaget, the Swedish government-owned retail chain suffered a ransomware attack. Systembolaget has a monopoly on the sale of alcoholic beverages containing more than 3.5%

Ransomware 104

Ransomware Retail Cyber Attacks Backups 104

Krebs on Security

SEPTEMBER 30, 2023

Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. It continues: “Prior to deploying the ransomware, Snatch threat actors were observed spending up to three months on a victim’s system.

Ransomware 218

Ransomware Accountability Cybercrime Backups 218

Malwarebytes

JANUARY 25, 2024

The British National Cyber Security Centre (NCSC) says it expects Artificial Intelligence (AI) to heighten the global ransomware threat. The volume is expected to grow because AI lowers the barrier for entry-level cybercriminals to carry out effective access and information gathering operations.

Ransomware 81

Ransomware Government Social Engineering Spyware 81

Security Affairs

DECEMBER 31, 2022

Medical records of 42 million Americans are being sold on the dark web since 2016, this information comes from cyberattacks on healthcare providers. Researchers from Jama Network analyzed trends in ransomware attacks on US hospitals, clinics, and health care delivery organizations between 2016 and 2021. million in 2016 to close to 16.5

Healthcare 87

Healthcare Ransomware Backups Hacking 87

Malwarebytes

OCTOBER 11, 2023

The Philippine Health Insurance Corporation (PhilHealth), has confirmed that it was unprotected by antivirus software when it was attacked by the Medusa ransomware group in September. EDR can detect an intruder's suspicious activity in advance of them running ransomware, as well as being able to identify the ransomware itself.

Antivirus 103

Antivirus Insurance Ransomware Healthcare 103

Krebs on Security

DECEMBER 8, 2022

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. Department of Health and Human Services (HHS) warned that Venus ransomware attacks were targeting a number of U.S. “ Cl0p ” a.k.a.

Healthcare 265

Healthcare Backups Ransomware Insurance 265

Security Affairs

SEPTEMBER 2, 2022

Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp.

Cybercrime 105

Cybercrime Malware Backups Manufacturing 105

Malwarebytes

JANUARY 9, 2024

Ransomware groups are liars, yes, but even when these dangerous cybercriminals would ransack organizations and destroy entire companies, a few select groups espoused a sort of “honor among thieves.” But, as can be expected from ransomware groups, these were nothing but lies. How to avoid ransomware Block common forms of entry.

Ransomware 80

Ransomware Passwords Backups Healthcare 80

Security Affairs

OCTOBER 15, 2023

The Alphv ransomware group added the Morrison Community Hospital to its dark web leak site. The ALPHV/BlackCat ransomware group claims to have hacked the Morrison Community Hospital and added it to its dark web Tor leak site. Other ransomware attacks recently hit US hospitals. Threat actors continue to target hospitals.

Ransomware 121

Ransomware Healthcare Data breaches Cyber Attacks 121

Malwarebytes

MAY 24, 2023

The BlackBasta ransomware group has already claimed responsibility for the attack through its leak-site. A spokesman for the Central and Contact Point Cybercrime (ZAC NRW) at the Cologne public prosecutor's office confirmed corresponding knowledge of an incident in the early evening. How to avoid ransomware Block common forms of entry.

Ransomware 85

Ransomware Backups Manufacturing Encryption 85

Malwarebytes

FEBRUARY 19, 2024

For the last two years the absolute worst, most prolific, most globally significant “big game” ransomware gang has been LockBit. This evening its position as ransomware’s biggest beast is suddenly in doubt, following some non-consensual website redecoration at the hands of the UK’s National Crime Agency (NCA).

Ransomware 71

Ransomware Backups Malware Software 71

Krebs on Security

MAY 31, 2022

Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware gang — Conti.

Ransomware 259

Ransomware Government Hacking Media 259

SecureWorld News

FEBRUARY 28, 2024

In a coordinated international law enforcement operation on February 19, the notorious LockBit ransomware gang had its Dark Web infrastructure seized by authorities. Police taunted that LockbitSupp "has engaged with law enforcement," hinting he may be compromised as an informant. Nonetheless.

Cybercrime 92

Cybercrime Ransomware Backups Encryption 92

Security Affairs

OCTOBER 19, 2021

FBI, CISA, NSA have published a joint advisory about the operation of the BlackMatter ransomware gang and provides defense recommendations. Like other ransomware operations, BlackMatter also set up its leak site where it publishes data exfiltrated from the victims before encrypting their system.

Ransomware 111

Ransomware Backups Encryption Cybercrime 111

Security Affairs

JUNE 7, 2022

The QBot malware operation has partnered with Black Basta ransomware group to target organizations worldwide. Researchers from NCC Group spotted a new partnership in the threat landscape between the Black Basta ransomware group and the QBot malware operation. SecurityAffairs – hacking, Black Basta ransomware).

Ransomware 140

Ransomware Backups Malware Firewall 140

Security Affairs

JANUARY 24, 2024

A ransomware attack against the Finnish IT services provider Tietoevry disrupted the services of some Swedish government agencies and shops. Tietoevry is a Finnish multinational information technology (IT) and consulting company that provides managed services and cloud hosting for the enterprise.

Ransomware 107

Ransomware VPN Government Retail 107

Malwarebytes

MARCH 3, 2023

The Pierce County Public Transportation Benefit Area Corporation (Pierce Transit) has fallen victim to a cyberattack using LockBit ransomware. Based on the number of known attacks, Lockbit has been the most widely used ransomware-as-a-service (RaaS) for some time now. How to avoid ransomware Block common forms of entry.

Ransomware 80

Ransomware Backups Cybercrime Malware 80

Security Affairs

AUGUST 21, 2021

The US Cybersecurity and Infrastructure Security Agency (CISA) released guidance on how to prevent data breaches resulting from ransomware attacks. Over the past several years, government agencies and its partners have responded to a significant number of ransomware attacks, including recent attacks against Colonial Pipeline and and U.S.

Data breaches 113

Data breaches Ransomware Backups Technology 113

IT Security Guru

AUGUST 16, 2021

million to cybercrime, as per official police statistics. One of the most damaging forms of cybercrime comes in the form of Ransomware. . Not only that, but 81% of cyber security experts believe we are likely to see more ransomware than ever across the next few years, thanks to its increasing prevalence.

Ransomware 102

Ransomware Cybercrime Backups Encryption 102

Hacker Combat

APRIL 27, 2022

Ransomware is malicious software that encrypts your files and demands a fee in exchange for access. This type of malware is now the most profitable form of cybercrime since victims feel compelled to pay, even if there are no guarantees that their data will be recovered. Create a backup. Get rid of the ransomware.

Ransomware 105

Ransomware Encryption Wireless Malware 105

Security Affairs

JANUARY 17, 2022

The operators of the SFile ransomware (aka Escal) have developed a Linux version of their malware to expand their operations. SFile ransomware (aka Escal), has been active since 2020 , it was observed targeting only Windows systems. Recently, Rising captured the Linux platform variant of the ransomware.”

Ransomware 139

Ransomware Encryption Backups Malware 139

Security Affairs

OCTOBER 22, 2022

US government agencies warned that the Daixin Team cybercrime group is actively targeting the U.S. Healthcare and Public Health sector with ransomware. CISA, the FBI, and the Department of Health and Human Services (HHS) warned that the Daixin Team cybercrime group is actively targeting U.S. ” reads the alert. .”

Ransomware 68

Ransomware VPN Cybercrime Accountability 68

Security Affairs

APRIL 25, 2022

At least 60 entities worldwide have been breached by BlackCat ransomware, warns a flash report published by the U.S. Federal Bureau of Investigation (FBI) published a flash report that states that at least 60 entities worldwide have been breached by BlackCat ransomware (aka ALPHV and Noberus) since it started its operations in November.

Ransomware 104

Ransomware Antivirus Passwords Malware 104

Security Affairs

MAY 22, 2023

Satellite TV giant Dish Network disclosed a data breach after the February ransomware attack and started notifying impacted individuals. In early February, the company admitted that the outage was caused by a ransomware attack. According to BleepingComputer , the company was a victim of the Black Basta ransomware operation.

Ransomware 81

Ransomware Data breaches Identity Theft Backups 81

eSecurity Planet

AUGUST 12, 2021

Accenture officials are saying they staved off a ransomware attack this week by a cybercriminal ring using the LockBit malware even as the hacker group claimed to have captured data from the massive global IT and business consulting firm and has threatened to release it. Further reading: How Zero Trust Security Can Protect Against Ransomware.

Ransomware 97

Ransomware Backups Cybercrime Artificial Intelligence 97

Security Affairs

JULY 5, 2023

RedEnergy is a sophisticated stealer-as-a-ransomware that was employed in attacks targeting energy utilities, oil, gas, telecom, and machinery sectors. Zscaler ThreatLabz researchers discovered a new Stealer-as-a-Ransomware named RedEnergy used in attacks against energy utilities, oil, gas, telecom, and machinery sectors.

Energy and Utilities 82

Energy and Utilities Ransomware Backups Malware 82

Security Affairs

FEBRUARY 12, 2022

CISA, FBI and NSA published a joint advisory warning of ransomware attacks targeting critical infrastructure organizations. and Australia have published a joint advisory warning of an increased globalised threat of ransomware worldwide in 2021. Cybersecurity agencies from the U.K., ” reads the joint advisory.

Ransomware 90

Ransomware Backups Encryption Accountability 90

Security Affairs

AUGUST 21, 2020

The University of Utah admitted to have paid a $457,059 ransom in order to avoid having ransomware operators leak student information online. The university did not reveal the ransomware family involved in the attack. ” According to the University, the ransomware encrypted only 0.02% of the data stored on its servers. .”

Ransomware 144

Ransomware Cyber Insurance Insurance Advertising 144

SecureWorld News

JANUARY 19, 2023

That is how James McQuiggan, CISSP, Security Awareness Advocate for KnowBe4, kicked off the recent SecureWorld Remote Sessions webcast titled, "Ransomware, Ransom-war, and Ran-some-where: What We Can Learn When the Hackers Get Hacked." Some scary statistics: Ransomware attacks increased 13% from 2020 to 2021. He ran-some-where.

Hacking 95

Hacking Backups Ransomware Retail 95

Security Affairs

OCTOBER 26, 2021

The FBI published a flash alert to warn of the activity of the Ranzy Locker ransomware that had already compromised tens of US companies. The FBI published a flash alert to warn of Ranzy Locker ransomware operations that had already compromised at least 30 US companies this year. SecurityAffairs – hacking, Ranzy Locker ransomware).

Ransomware 127

Ransomware Firmware Antivirus Accountability 127

Security Affairs

MAY 10, 2021

The city of Tulsa, Oklahoma, has been hit by a ransomware attack over the weekend that impacted its government’s network and shut down its websites. Shortly after the attack, that took place Friday night, the city issued a statement to inform that no customer information has been comprised in the security breach.

Ransomware 133

Ransomware Accountability Backups Hacking 133

Security Affairs

MAY 4, 2024

The company has released a statement informing customers of the ongoing attack and has “disabled” all company computer systems in Italy as a precautionary measure. The company has yet to disclose a data breach e never mentioned in its update that it was the victim of a ransomware attack. ” Researchers at the platform Ransomfeed.it

Ransomware 89

Ransomware Data breaches Malware Backups 89

Security Affairs

NOVEMBER 13, 2023

The LockBit ransomware group published data allegedly stolen from the aerospace giant Boeing in a recent attack. At the end of October, the Lockbit ransomware group added Boeing to the list of victims on its Tor leak site. At the end of October, the Lockbit ransomware group added Boeing to the list of victims on its Tor leak site.

Ransomware 116

Ransomware Authentication Backups Manufacturing 116

Malwarebytes

JANUARY 15, 2023

The real world impact of cybercrime rears its head once more, with word that 14 schools in the UK have been caught out by ransomware. There’s no word if any of the schools affected paid the ransom and had their data leaked anyway, or if the ransomware gang stuck to its word and “only” leaked in cases of non-payment.

Ransomware 76

Ransomware Backups Education VPN 76