Security Affairs

NOVEMBER 8, 2023

The FBI published a PIN alert warning of ransomware operators compromising third-party vendors and services for initial access to target environments. The FBI continues to observe ransomware operators abusing third-party vendors and services as an attack vector. ” reported the PIN.

Ransomware 105

Ransomware Backups Encryption Phishing 105

Security Affairs

MAY 11, 2021

The FBI and Australian Australian Cyber Security Centre (ACSC) warn of an ongoing Avaddon ransomware campaign targeting organizations worldwide. “The Australian Cyber Security Centre (ACSC) is aware an ongoing ransomware campaign utilising the Avaddon Ransomware malware. Pierluigi Paganini.

Ransomware 127

Ransomware Backups Antivirus DDOS 127

Security Affairs

JUNE 7, 2022

The QBot malware operation has partnered with Black Basta ransomware group to target organizations worldwide. Researchers from NCC Group spotted a new partnership in the threat landscape between the Black Basta ransomware group and the QBot malware operation. SecurityAffairs – hacking, Black Basta ransomware).

Ransomware 140

Ransomware Backups Malware Firewall 140

Security Affairs

JANUARY 24, 2024

A ransomware attack against the Finnish IT services provider Tietoevry disrupted the services of some Swedish government agencies and shops. Tietoevry is a Finnish multinational information technology (IT) and consulting company that provides managed services and cloud hosting for the enterprise.

Ransomware 105

Ransomware VPN Government Retail 105

Malwarebytes

FEBRUARY 5, 2024

The company never revealed the nature of the attack, but based on a brief description, we must assume it was a ransomware attack. Ransomware experts have attributed the attack to ALPHV/BlackCat, but attribution is hard. How to avoid ransomware Block common forms of entry. Create offsite, offline backups.

Backups 107

Backups Ransomware CISO Malware 107

Security Affairs

JANUARY 17, 2022

The operators of the SFile ransomware (aka Escal) have developed a Linux version of their malware to expand their operations. SFile ransomware (aka Escal), has been active since 2020 , it was observed targeting only Windows systems. Recently, Rising captured the Linux platform variant of the ransomware.”

Ransomware 138

Ransomware Encryption Backups Malware 138

CyberSecurity Insiders

JUNE 29, 2023

Granules, the Indian Pharmaceutical company that manufactures Paracetamol has released an official statement that a ransomware attack that targeted its servers last month has resulted in substantial loss of revenue and profitability.

Ransomware 83

Ransomware Backups Manufacturing Encryption 83

Security Affairs

MARCH 2, 2024

US CISA, the FBI, and MS-ISAC issued a joint CSA to warn of attacks involving Phobos ransomware variants observed as recently as February 2024 US CISA, the FBI, and MS-ISAC issued a joint cyber security advisory (CSA) to warn of attacks involving Phobos ransomware variants such as Backmydata , Devos, Eight, Elking, and Faust.

Ransomware 121

Ransomware Backups Healthcare Firewall 121

Security Affairs

JANUARY 6, 2023

Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware allowing its victims to restore their data for free. Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware , which can allow victims of the group to restore their data for free. The group typically asked ransoms between $20,000 to $5.8

Ransomware 94

Ransomware Antivirus Encryption Backups 94

Security Affairs

APRIL 23, 2021

A new ransomware strain dubbed Qlocker is infecting hundreds of QNAP NAS devices every day and demanding a $550 ransom payment. Experts are warning of a new strain of ransomware named Qlocker that is infecting hundreds of QNAP NAS devices on daily bases. QNAP is urgently working on a solution to remove malware from infected devices.”

Ransomware 116

Ransomware Backups Media Malware 116

Security Affairs

JULY 5, 2023

RedEnergy is a sophisticated stealer-as-a-ransomware that was employed in attacks targeting energy utilities, oil, gas, telecom, and machinery sectors. Zscaler ThreatLabz researchers discovered a new Stealer-as-a-Ransomware named RedEnergy used in attacks against energy utilities, oil, gas, telecom, and machinery sectors.

Energy and Utilities 81

Energy and Utilities Ransomware Backups Malware 81

Security Affairs

MARCH 19, 2022

The Federal Bureau of Investigation (FBI) reported that AvosLocker ransomware is being used in attacks targeting US critical infrastructure. The Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory warning of AvosLocker ransomware attacks targeting multiple US critical infrastructure. Pierluigi Paganini.

Ransomware 96

Ransomware DDOS Passwords Backups 96

Malwarebytes

FEBRUARY 22, 2023

In a statement issued Monday morning, Lehigh Valley Health Network said it had been the target of a cyberattack attributed to a ransomware gang known as BlackCat. BlackCat The ransomware-as-a-service (RaaS) group BlackCat, also known as ALPHV and Noberus, is currently one of the most active groups, and has been associated with Russia.

Healthcare 85

Healthcare Ransomware Backups DDOS 85

Security Affairs

FEBRUARY 28, 2023

Antivirus company Bitdefender has released a free decryptor for the recently discovered ransomware family MortalKombat. Good news for the victims of the recently discovered MortalKombat ransomware , the antivirus firm Bitdefender has released a free decryptor that will allow them to recover their file without paying the ransom.

Ransomware 88

Ransomware Antivirus Backups Malware 88

Security Affairs

MAY 2, 2021

Swiss cloud hosting provider Swiss Cloud has suffered a ransomware attack that seriously impacted its server infrastructure. On April 27 the Swiss cloud hosting provider was hit by a ransomware attack that brought down the company’s server infrastructure. The backup systems can be used for recovery. Pierluigi Paganini.

Ransomware 125

Ransomware Backups Cyber Attacks Malware 125

Security Affairs

DECEMBER 25, 2021

Recently launched ransomware operation, named Rook, made headlines for its announcement claiming a desperate need a lot of money. New ransomware variant, "Rook Ransomware", found on VT practicing searches/hunting on my day off. “The ransomware attempts to terminate any process that may interfere with encryption.

Ransomware 115

Ransomware Malware Encryption Backups 115

Security Affairs

AUGUST 30, 2019

The company behind DDS Safe solution used by hundreds of dental offices was hit by a ransomware attack and it is working to restore access to client data. PerCSoft is a cloud management provider for Digital Dental Record (DDR), that operates the online data backup service called DDS Safe. “At 8:44 a.m. on Monday, Aug.

Backups 90

Backups Ransomware Advertising Encryption 90

Security Affairs

NOVEMBER 5, 2021

A new threat actor is exploiting ProxyShell flaws in attacks aimed at Microsoft Exchange servers to deploy the Babuk Ransomware in corporate networks. Talos researchers warn of a new threat actor that is hacking Microsoft Exchange servers by exploiting ProxyShell flaws to gain access to corporate and deploy the Babuk Ransomware.

Ransomware 123

Ransomware Backups Encryption DNS 123

Security Affairs

FEBRUARY 16, 2023

Talos researchers observed a financially motivated threat actor using a new ransomware dubbed MortalKombat and a clipper malware named Laplas. Unlike other ransomware families, MortalKombat did not show any wiper behavior or delete the volume shadow copies on the infected system.

Ransomware 79

Ransomware Cryptocurrency Malware Small Business 79

Security Affairs

MAY 4, 2024

The company has yet to disclose a data breach e never mentioned in its update that it was the victim of a ransomware attack. Such drastic containment measures are typically associated with malware infections, while the unavailability of affected systems often suggests a ransomware infection.

Ransomware 75

Ransomware Data breaches Malware Backups 75

Security Affairs

NOVEMBER 12, 2023

The Lorenz ransomware gang has been active since April 2021 and hit multiple organizations worldwide demanding hundreds of thousands of dollars in ransom to the victims. At the time of this writing, the Loren group has started uploading the stolen data (95%) US Healthcare organizations continue to be a privileged target of ransomware gangs.

Ransomware 123

Ransomware Healthcare Encryption Cyber Attacks 123

Security Affairs

OCTOBER 31, 2022

Reflecting on the Wannacry ransomware attack, which is the lesson learnt e why most organizations are still ignoring it. In the second phase, once access was gained to a computer, the malware would create and execute a copy of itself on the system.In The infection chain. What should we learn from this?

Malware 96

Malware Computers and Electronics Encryption Ransomware 96

Security Affairs

OCTOBER 15, 2023

The Alphv ransomware group added the Morrison Community Hospital to its dark web leak site. The ALPHV/BlackCat ransomware group claims to have hacked the Morrison Community Hospital and added it to its dark web Tor leak site. Other ransomware attacks recently hit US hospitals. Threat actors continue to target hospitals.

Ransomware 120

Ransomware Healthcare Data breaches Cyber Attacks 120

Security Affairs

OCTOBER 5, 2022

The security firm discovered a bug in the encryption process implemented by the Hades ransomware that can be used to recover the files encrypted by some variants. The experts pointed out that the Hades ransomware affected by the flaw did not exfiltrate any data from the victims. SecurityAffairs – hacking, Hades ransomware).

Ransomware 86

Ransomware Encryption Backups Passwords 86

Security Affairs

MAY 25, 2021

The audio equipment manufacturer Bose Corporation said it was the victim of a ransomware attack that took place earlier this year, on March 7. Bose Corporation has announced it was the victim of a ransomware attack that took place earlier this year, on March 7. Bose first detected the malware/ransomware on Bose’s U.S.

Ransomware 116

Ransomware Malware Cyber Attacks Backups 116

Security Affairs

AUGUST 26, 2019

A new ransomware, dubbed Nemty, appeared in the threat landscape over the weekend, it spreads via compromised RDP connections. A new ransomware, called Nemty ransomware, has been discovered over the weekend by malware researchers. ” 2019-08-24: #Nemty #Ransomware version '1.0' Source BleepingComputer.

Ransomware 90

Ransomware Malware Antivirus Encryption 90

Security Affairs

NOVEMBER 23, 2020

FBI is warning private industry partners of a surge in Ragnar Locker ransomware activity following a confirmed attack from April 2020. Federal Bureau of Investigation (FBI) issued a flash alert (MU-000140-MW) to warn private industry partners of an increase of the Ragnar Locker ransomware activity following a confirmed attack from April 2020.

Ransomware 145

Ransomware Encryption VPN Backups 145

The Last Watchdog

JUNE 21, 2020

Ransomware is undoubtedly one of the most unnerving phenomena in the cyber threat landscape. Numerous strains of this destructive code have been the front-page news in global computer security chronicles for almost a decade now, with jaw-dropping ups and dramatic downs accompanying its progress. inch diskettes. inch diskettes.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

OCTOBER 27, 2022

DEV-0950 group used Clop ransomware to encrypt the network of organizations previously infected with the Raspberry Robin worm. Microsoft has discovered recent activity that links the Raspberry Robin worm to human-operated ransomware attacks. . The final-stage malware was the Clop ransomware.

Ransomware 94

Ransomware Malware Data collection Encryption 94

Security Affairs

AUGUST 21, 2021

The US Cybersecurity and Infrastructure Security Agency (CISA) released guidance on how to prevent data breaches resulting from ransomware attacks. “All organizations are at risk of falling victim to a ransomware incident and are responsible for protecting sensitive and personal data stored on their systems.

Data breaches 113

Data breaches Ransomware Backups Technology 113

Security Affairs

APRIL 25, 2022

At least 60 entities worldwide have been breached by BlackCat ransomware, warns a flash report published by the U.S. Federal Bureau of Investigation (FBI) published a flash report that states that at least 60 entities worldwide have been breached by BlackCat ransomware (aka ALPHV and Noberus) since it started its operations in November.

Ransomware 103

Ransomware Antivirus Passwords Malware 103

Security Affairs

JUNE 24, 2021

A new Trojan written in the Go programming language, tracked as ChaChi, was involved in ransomware attacks against government agencies and US schools. The name ChaChi comes from two key components of the malware, Cha shell and Chi sel. . This leaves their networks more vulnerable to exploits and ransomware attacks.”

Ransomware 117

Ransomware Education DNS Backups 117

Security Affairs

NOVEMBER 13, 2023

The LockBit ransomware group published data allegedly stolen from the aerospace giant Boeing in a recent attack. At the end of October, the Lockbit ransomware group added Boeing to the list of victims on its Tor leak site. At the end of October, the Lockbit ransomware group added Boeing to the list of victims on its Tor leak site.

Ransomware 115

Ransomware Authentication Backups Manufacturing 115

Security Affairs

SEPTEMBER 2, 2022

Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp.

Cybercrime 104

Cybercrime Malware Backups Manufacturing 104

Security Affairs

DECEMBER 24, 2022

“We found samples of the Raspberry Robin malware spreading in telecommunications and government office systems beginning September.” “The main payload itself is packed with more than 10 layers for obfuscation and is capable of delivering a fake payload once it detects sandboxing and security analytics tools.”

Government 89

Government Malware Telecommunications Cybercrime 89

Security Affairs

MARCH 26, 2021

The Federal Bureau of Investigation (FBI) issued an alert to warn that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives. Mamba ransomware is one of the first malware that encrypted hard drives rather than files that was detected in public attacks.

Ransomware 144

Ransomware Encryption Passwords Malware 144

Security Affairs

SEPTEMBER 20, 2020

National Cyber Security Centre (NCSC) has issued an alert about a surge in ransomware attacks targeting education institutions. National Cyber Security Centre (NCSC), has issued an alert about a surge in ransomware attacks against education institutions. backup servers, network shares, servers, auditing devices).

Education 145

Education Ransomware Antivirus Backups 145