Malwarebytes

FEBRUARY 14, 2024

In 2023, the CL0P ransomware gang broke the scalability barrier and shook the security world with a series of short, automated campaigns, hitting hundreds of unsuspecting targets simultaneously with attacks based on zero-day exploits. Big game ransomware attacks are devastating but relatively rare compared to other forms of cyberattack.

Ransomware 79

Ransomware Cybercrime Backups Malware 79

Security Affairs

OCTOBER 22, 2021

FIN7 hacking group created fake cybersecurity companies to hire experts and involve them in ransomware attacks tricking them of conducting a pentest. The FIN7 hacking group is attempting to enter in the ransomware business and is doing it with an interesting technique.

Cybercrime 109

Cybercrime Ransomware Cybersecurity Backups 109

Malwarebytes

JANUARY 25, 2024

The British National Cyber Security Centre (NCSC) says it expects Artificial Intelligence (AI) to heighten the global ransomware threat. In how far new moves on the front of a United Nations Cybercrime Treaty will have a short-term effect on the behavior of state-sponsored groups is very hard to predict. Prevent intrusions.

Ransomware 85

Ransomware Government Social Engineering Spyware 85

Security Affairs

APRIL 25, 2024

A ransomware attack on a Swedish logistics company Skanlog severely impacted the country’s liquor supply. Skanlog, a critical distributor for Systembolaget, the Swedish government-owned retail chain suffered a ransomware attack. Systembolaget has a monopoly on the sale of alcoholic beverages containing more than 3.5%

Ransomware 104

Ransomware Retail Cyber Attacks Backups 104

Security Affairs

FEBRUARY 13, 2024

Authorities in Romania reported that at least 100 hospitals went offline after a ransomware attack hit the Hipocrate platform. Authorities in Romania confirmed that a ransomware attack that targeted the Hipocrate Information System (HIS) has disrupted operations for at least 100 hospitals. The threat actors demand the payment of 3.5

Ransomware 115

Ransomware Backups Encryption Healthcare 115

Krebs on Security

JUNE 9, 2020

that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly $300,000 worth of bitcoin. The average ransomware payment by ransomware strain. Image: Crowdstrike.

Ransomware 356

Ransomware System Administration Backups Technology 356

Security Affairs

SEPTEMBER 1, 2023

Researchers released a free decryptor for the Key Group ransomware that allows victims to recover their data without paying a ransom. Threat intelligence firm EclecticIQ released a free decryption tool for the Key Group ransomware (aka keygroup777) that allows victims to recover their data without paying a ransom.

Ransomware 114

Ransomware Encryption Backups Malware 114

Malwarebytes

OCTOBER 11, 2023

The Philippine Health Insurance Corporation (PhilHealth), has confirmed that it was unprotected by antivirus software when it was attacked by the Medusa ransomware group in September. EDR can detect an intruder's suspicious activity in advance of them running ransomware, as well as being able to identify the ransomware itself.

Antivirus 108

Antivirus Insurance Ransomware Healthcare 108

Malwarebytes

FEBRUARY 19, 2024

For the last two years the absolute worst, most prolific, most globally significant “big game” ransomware gang has been LockBit. This evening its position as ransomware’s biggest beast is suddenly in doubt, following some non-consensual website redecoration at the hands of the UK’s National Crime Agency (NCA).

Ransomware 74

Ransomware Backups Malware Software 74

Security Affairs

NOVEMBER 8, 2023

The FBI published a PIN alert warning of ransomware operators compromising third-party vendors and services for initial access to target environments. The FBI continues to observe ransomware operators abusing third-party vendors and services as an attack vector. ” reported the PIN.

Ransomware 110

Ransomware Backups Encryption Phishing 110

Malwarebytes

JANUARY 9, 2024

Ransomware groups are liars, yes, but even when these dangerous cybercriminals would ransack organizations and destroy entire companies, a few select groups espoused a sort of “honor among thieves.” But, as can be expected from ransomware groups, these were nothing but lies. How to avoid ransomware Block common forms of entry.

Ransomware 84

Ransomware Passwords Backups Healthcare 84

Krebs on Security

DECEMBER 8, 2022

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. Department of Health and Human Services (HHS) warned that Venus ransomware attacks were targeting a number of U.S. “ Cl0p ” a.k.a.

Healthcare 257

Healthcare Backups Ransomware Insurance 257

Security Affairs

JUNE 7, 2022

The QBot malware operation has partnered with Black Basta ransomware group to target organizations worldwide. Researchers from NCC Group spotted a new partnership in the threat landscape between the Black Basta ransomware group and the QBot malware operation. SecurityAffairs – hacking, Black Basta ransomware).

Ransomware 142

Ransomware Backups Malware Firewall 142

Malwarebytes

MAY 24, 2023

The BlackBasta ransomware group has already claimed responsibility for the attack through its leak-site. A spokesman for the Central and Contact Point Cybercrime (ZAC NRW) at the Cologne public prosecutor's office confirmed corresponding knowledge of an incident in the early evening. How to avoid ransomware Block common forms of entry.

Ransomware 88

Ransomware Backups Manufacturing Encryption 88

Security Affairs

JANUARY 24, 2024

A ransomware attack against the Finnish IT services provider Tietoevry disrupted the services of some Swedish government agencies and shops. The company said that the ransomware attack took place on Friday night and impacted only one data center in Sweden. The company later confirmed the news of an Akira ransomware attack.

Ransomware 111

Ransomware VPN Government Retail 111

Security Affairs

JANUARY 17, 2022

The operators of the SFile ransomware (aka Escal) have developed a Linux version of their malware to expand their operations. SFile ransomware (aka Escal), has been active since 2020 , it was observed targeting only Windows systems. Recently, Rising captured the Linux platform variant of the ransomware.”

Ransomware 141

Ransomware Encryption Backups Malware 141

Krebs on Security

SEPTEMBER 30, 2023

Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. It continues: “Prior to deploying the ransomware, Snatch threat actors were observed spending up to three months on a victim’s system.

Ransomware 212

Ransomware Accountability Cybercrime Backups 212

Adam Levin

NOVEMBER 6, 2020

In a joint cybersecurity advisory with the Cybersecurity and Infrastructure Agency (CISA) and the Department of Health and Human Services (HHS), the FBI warned of an “increased and imminent cybercrime threat to U.S. Using air-gapped and password protected backups. hospitals and healthcare providers.”. Using multi factor authentication.

Healthcare 175

Healthcare Antivirus Backups Cybercrime 175

SecureWorld News

FEBRUARY 28, 2024

In a coordinated international law enforcement operation on February 19, the notorious LockBit ransomware gang had its Dark Web infrastructure seized by authorities. By co-opting the ransomware group's own communication channels, police aimed to sow doubts in the cybercrime community reliant on LockBit's tools and services.

Cybercrime 82

Cybercrime Ransomware Backups Encryption 82

Security Affairs

DECEMBER 24, 2022

“We found samples of the Raspberry Robin malware spreading in telecommunications and government office systems beginning September.” ” Raspberry Robin is a Windows worm discovered by cybersecurity researchers from Red Canary, the malware propagates through removable USB devices. .” exe, and rundll32.exe.

Government 93

Government Malware Telecommunications Cybercrime 93

Thales Cloud Protection & Licensing

DECEMBER 13, 2023

Ransomware Sanctions: Do They Have Any Impact? madhav Thu, 12/14/2023 - 05:37 Ransomware is one of the most high-profile and high-value cybercrimes that organizations need to watch out for. What Can Organizations Do?

Ransomware 77

Ransomware Encryption Backups Accountability 77

Security Affairs

APRIL 25, 2022

At least 60 entities worldwide have been breached by BlackCat ransomware, warns a flash report published by the U.S. Federal Bureau of Investigation (FBI) published a flash report that states that at least 60 entities worldwide have been breached by BlackCat ransomware (aka ALPHV and Noberus) since it started its operations in November.

Ransomware 108

Ransomware Antivirus Passwords Malware 108

SecureList

JUNE 23, 2022

These days ransomware analysis gets a lot of coverage in commercial and public reports, with vendors issuing dozens of ransomware-related publications each year. Malware analysts and security professionals can learn a lot from these reports, but not much of the content has an immediate or practical use. Clop (TA505). Lockbit2.0.

Ransomware 141

Ransomware Malware Backups Accountability 141

Security Affairs

JULY 5, 2023

RedEnergy is a sophisticated stealer-as-a-ransomware that was employed in attacks targeting energy utilities, oil, gas, telecom, and machinery sectors. Zscaler ThreatLabz researchers discovered a new Stealer-as-a-Ransomware named RedEnergy used in attacks against energy utilities, oil, gas, telecom, and machinery sectors.

Energy and Utilities 85

Energy and Utilities Ransomware Backups Malware 85

Security Affairs

OCTOBER 27, 2022

DEV-0950 group used Clop ransomware to encrypt the network of organizations previously infected with the Raspberry Robin worm. Microsoft has discovered recent activity that links the Raspberry Robin worm to human-operated ransomware attacks. . The final-stage malware was the Clop ransomware.

Ransomware 98

Ransomware Malware Data collection Encryption 98

Security Affairs

JANUARY 6, 2023

Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware allowing its victims to restore their data for free. Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware , which can allow victims of the group to restore their data for free. The group typically asked ransoms between $20,000 to $5.8

Ransomware 96

Ransomware Antivirus Encryption Backups 96

Malwarebytes

MARCH 3, 2023

The Pierce County Public Transportation Benefit Area Corporation (Pierce Transit) has fallen victim to a cyberattack using LockBit ransomware. Based on the number of known attacks, Lockbit has been the most widely used ransomware-as-a-service (RaaS) for some time now. How to avoid ransomware Block common forms of entry.

Ransomware 83

Ransomware Backups Cybercrime Malware 83

Hacker Combat

APRIL 27, 2022

Ransomware is malicious software that encrypts your files and demands a fee in exchange for access. This type of malware is now the most profitable form of cybercrime since victims feel compelled to pay, even if there are no guarantees that their data will be recovered. Create a backup. Get rid of the ransomware.

Ransomware 105

Ransomware Encryption Wireless Malware 105

Malwarebytes

FEBRUARY 14, 2023

In a collaborative partnership, officials in the United States and the United Kingdom unmasked and imposed financial sanctions against seven members of the notorious Russian gang TrickBot (alias "TrickLoader"), a mainstream banking Trojan turned malware-as-a-service (MaaS) platform for other criminals. Have an incident response (IR) plan.

Ransomware 69

Ransomware Backups Banking Social Engineering 69

Security Affairs

FEBRUARY 28, 2023

Antivirus company Bitdefender has released a free decryptor for the recently discovered ransomware family MortalKombat. Good news for the victims of the recently discovered MortalKombat ransomware , the antivirus firm Bitdefender has released a free decryptor that will allow them to recover their file without paying the ransom.

Ransomware 92

Ransomware Antivirus Backups Malware 92

Security Affairs

FEBRUARY 16, 2023

Talos researchers observed a financially motivated threat actor using a new ransomware dubbed MortalKombat and a clipper malware named Laplas. Unlike other ransomware families, MortalKombat did not show any wiper behavior or delete the volume shadow copies on the infected system.

Ransomware 84

Ransomware Cryptocurrency Malware Small Business 84

Security Affairs

NOVEMBER 5, 2021

A new threat actor is exploiting ProxyShell flaws in attacks aimed at Microsoft Exchange servers to deploy the Babuk Ransomware in corporate networks. Talos researchers warn of a new threat actor that is hacking Microsoft Exchange servers by exploiting ProxyShell flaws to gain access to corporate and deploy the Babuk Ransomware.

Ransomware 128

Ransomware Backups Encryption DNS 128

eSecurity Planet

AUGUST 12, 2021

Accenture officials are saying they staved off a ransomware attack this week by a cybercriminal ring using the LockBit malware even as the hacker group claimed to have captured data from the massive global IT and business consulting firm and has threatened to release it. Trends in Ransomware. A CNBC reporter on Aug.

Ransomware 104

Ransomware Backups Cybercrime Artificial Intelligence 104

Security Affairs

OCTOBER 19, 2021

FBI, CISA, NSA have published a joint advisory about the operation of the BlackMatter ransomware gang and provides defense recommendations. Like other ransomware operations, BlackMatter also set up its leak site where it publishes data exfiltrated from the victims before encrypting their system.

Ransomware 115

Ransomware Backups Encryption Cybercrime 115

The Last Watchdog

JUNE 21, 2020

Ransomware is undoubtedly one of the most unnerving phenomena in the cyber threat landscape. Related: What local government can do to repel ransomware Ransomware came into existence in 1989 as a primitive program dubbed the AIDS Trojan that was spreading via 5.25-inch inch diskettes. inch diskettes. FBI spoofs 2012 – 2013.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

OCTOBER 15, 2023

The Alphv ransomware group added the Morrison Community Hospital to its dark web leak site. The ALPHV/BlackCat ransomware group claims to have hacked the Morrison Community Hospital and added it to its dark web Tor leak site. Other ransomware attacks recently hit US hospitals. Threat actors continue to target hospitals.

Ransomware 125

Ransomware Healthcare Data breaches Cyber Attacks 125

Security Affairs

JUNE 17, 2023

Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure A database containing data of +8.9 Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure A database containing data of +8.9

Data breaches 90

Data breaches DDOS Backups Firewall 90