Banking, Cybercrime, Information Security and Ransomware

Spanish bank Globalcaja confirms Play ransomware attack

Security Affairs

JUNE 5, 2023

Play ransomware group claims responsibility for a ransomware attack that hit Globalcaja, one of the major banks in Spain. Globalcaja is a financial institution in the autonomous community of Castilla-La Mancha, it has more than 300 offices across Spain and provides banking services to more than half a million clients.

Banking

Banking Ransomware Data breaches Hacking

Conti ransomware gang started leaking files stolen from Bank Indonesia

Security Affairs

JANUARY 20, 2022

The central bank of the Republic of Indonesia, Bank Indonesia, confirmed the ransomware attack that hit it in December. Bank Indonesia confirmed that it was the victim of a ransomware attack that took place last month. A bank spokesperson told Reuters that the ransomware attack did not impact services.

Banking

Banking Ransomware Cybercrime Malware

Pacific City Bank hit by AVOS Locker Ransomware

Security Affairs

SEPTEMBER 5, 2021

Pacific City Bank was hit by AVOS Locker Ransomware operators, the gang claims to have stolen sensitive file from the company and threatens to leak it. Pacific City Bank is an American community bank that focuses on the Korean-American community based in California and offers commercial banking services.

Banking

Banking Ransomware Financial Services Hacking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Bank of America customer data compromised after a third-party services provider data breach

Security Affairs

FEBRUARY 13, 2024

Bank of America revealed that the personal information of some customers was stolen in a data breach affecting a third-party services provider. Bank of America began notifying some customers following a data breach at the third-party services provider Infosys McCamish System (IMS). Bank of America’s systems were not compromised.”

Data breaches

Data breaches Banking Identity Theft Ransomware

Flagstar Bank suffered a data breach once again

Security Affairs

OCTOBER 9, 2023

Flagstar Bank announced a data breach suffered by a third-party service provider exposed the personal information of over 800,000 US customers. Flagstar Bank is warning 837,390 US customers that their personal information was exposed after threat actors breached the third-party service provider Fiserv.

Data breaches

Data breaches Banking Hacking Mobile

Chilean bank BancoEstado hit by REVil ransomware

Security Affairs

SEPTEMBER 7, 2020

Chilean bank BancoEstado, one of the country’s biggest banks, was forced to shut down all branches following a ransomware attack. Chilean bank BancoEstado, one of the country’s biggest banks, was hit with a ransomware attack that forced its branches to remain closed since September 7.

Banking

Banking Ransomware Advertising VPN

Carbanak malware returned in ransomware attacks

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks.

Malware

Malware Ransomware Banking Healthcare

The newer cybercrime triad: TrickBot-Emotet-Conti

Security Affairs

NOVEMBER 20, 2021

Advanced Intelligence researchers argue that the restarting of the Emotet botnet was driven by Conti ransomware gang. The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. “This created a major interruption within the ransomware supply chains.

Cybercrime

Cybercrime Ransomware Banking Malware

Info stealers and how to protect against them

Security Affairs

DECEMBER 18, 2023

Our research team also found some bank logs for sale, info stealers were possibly used to steal these logs. Bank logs : These are sets of data containing sensitive information about a bank account. Bank logs : These are sets of data containing sensitive information about a bank account.

Banking

Banking Cybercrime Malware Accountability

Grief ransomware gang hit US National Rifle Association (NRA)

Security Affairs

OCTOBER 27, 2021

Grief ransomware operators claim to have compromised computer systems at US National Rifle Association (NRA) and added it to their leak site. Grief ransomware operators announced to have hacked US National Rifle Association (NRA) and threaten to leak the stolen data. In 2019, the U.S. Pierluigi Paganini.

Ransomware

Ransomware Banking Cybercrime Hacking

Evil Corp rebrands their ransomware, this time is the Macaw Locker

Security Affairs

OCTOBER 21, 2021

Evil Corp cybercrime gang is using a new ransomware called Macaw Locker to evade US sanctions that prevent victims from paying the ransom. Evil Corp has launched a new ransomware called Macaw Locker to evade US sanctions that prevent victims from making ransom payments. macaw extension to the file name of the encrypted files.

Ransomware

Ransomware Cybercrime Banking Encryption

Five Canadian Hospitals impacted by a ransomware attack on TransForm provider

Security Affairs

NOVEMBER 8, 2023

Five Canadian hospitals were victims of a ransomware attack, threat actors claim to have stolen data from them and leaked them. Five Canadian hospitals revealed they were victims of ransomware attacks after threat actors leaked alleged stolen data. TransForm is a non-profit group that provides IT services to the above hospitals.

Ransomware

Ransomware Healthcare VPN Insurance

Operation Synergia led to the arrest of 31 individuals

Security Affairs

FEBRUARY 2, 2024

An international law enforcement operation, named Synergia, led to the arrest of 31 individuals involved in ransomware, banking malware, and phishing attacks. The international law enforcement operation was launched to curb the escalation and professionalisation of transnational cybercrime.

Cybercrime

Cybercrime Banking Phishing Malware

LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order

Security Affairs

DECEMBER 4, 2023

The LockBit ransomware attack on the Industrial & Commercial Bank of China demonstrates the weakness of global financial system to cyberattacks. The ransomware breach that crippled U.S. Treasury trading operations at an American subsidiary of Industrial & Commercial Bank of China Ltd. trillion under management.

Ransomware

Ransomware Banking Financial Services Marketing

Malvertising attacks rely on DanaBot Trojan to spread CACTUS Ransomware

Security Affairs

DECEMBER 4, 2023

Microsoft warns of ongoing malvertising attacks using the DanaBot malware to deploy the CACTUS ransomware. Microsoft uncovered ongoing malvertising attacks using the DanaBot Trojan (Storm-1044) to deploy the CACTUS ransomware. Microsoft the campaign to the ransomware operator Storm-0216 (Twisted Spider, UNC2198).

Ransomware

Ransomware Malware Banking Hacking

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

Microsoft has uncovered Zerologon attacks that were allegedly conducted by the infamous TA505 Russia-linked cybercrime group. Microsoft spotted a series of Zerologon attacks allegedly launched by the Russian cybercrime group tracked as TA505 , CHIMBORAZO and Evil Corp. Pierluigi Paganini. SecurityAffairs – hacking, Zerologon).

Cybercrime

Cybercrime Security Intelligence Authentication Banking

Flagstar Bank discloses a data breach that impacted 1.5 Million individuals

Security Affairs

JUNE 22, 2022

US Flagstar Bank disclosed a data breach that exposed files containing the personal information of 1.5 US-based Flagstar Bank disclosed a data breach that impacted roughly 1.5 This is the second time that Flagstar was the victim of a security breach, in March 2021 it was hit by Clop ransomware gang.

Data breaches

Data breaches Banking Ransomware Hacking

FBI links the Diavol ransomware to the TrickBot gang

Security Affairs

JANUARY 20, 2022

The Federal Bureau of Investigation (FBI) officially linked the Diavol ransomware operation to the infamous TrickBot gang. The FBI officially linked the Diavol ransomware operation to the infamous TrickBot gang , the group that is behind the TrickBot banking trojan. SecurityAffairs – hacking, Diavol ransomware).

Ransomware

Ransomware Banking Malware Encryption

News URSNIF variant doesn’t support banking features

Security Affairs

OCTOBER 21, 2022

Mandiant researchers warn of a significant shift from Ursnif ‘s original purpose, the malware initially used in banking frauds is now used to deliver next-stage payloads and steal sensitive data. The new variant, first observed in June 2022 and dubbed LDR4, is not a banking trojan, but a generic backdoor. . Pierluigi Paganini.

Banking

Banking Malware Hacking Ransomware

Sophos linked Entropy ransomware to Dridex malware. Are both linked to Evil Corp?

Security Affairs

FEBRUARY 23, 2022

The code of the recently-emerged Entropy ransomware has similarities with the one of the infamous Dridex malware. The recently-emerged Entropy ransomware has code similarities with the popular Dridex malware. Experts from Sophos analyzed the code of Entropy ransomware employed in two distinct attacks. In 2019, the U.S.

Ransomware

Ransomware Malware Cybercrime Banking

Experts warn of ransomware attacks against government organizations of small states

Security Affairs

MAY 31, 2022

Cyber Research Labs reported a rise in ransomware attacks in the second quarter of 2022, small states are more exposed to these attacks. The experts warn of ransomware attacks against government organizations. They observed a total of 48 government organizations from 21 countries that were hit by 13 ransomware attacks in 2022.

Government

Government Ransomware Cybercrime Banking

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Security Affairs

OCTOBER 29, 2020

FBI and the DHS’s CISA agencies published a joint alert to warn hospitals and healthcare providers of imminent ransomware attacks from Russia. The government agencies receive information about imminent attacks, threat actors are using the TrickBot botnet to deliver the infamous ransomware to the infected systems.

Healthcare

Healthcare Ransomware Cybercrime Advertising

Nexus, an emerging Android banking Trojan targets 450 financial apps

Security Affairs

MARCH 23, 2023

Experts warn of an emerging Android banking trojan dubbed Nexus that was employed in attacks against 450 financial applications. Cybersecurity firm experts from Cleafy warn of an emerging Android banking trojan, named Nexus, that was employed by multiple groups in attacks against 450 financial applications.

Banking

Banking Cryptocurrency Malware Advertising

Australian Firstmac Limited disclosed a data breach after cyber attack

Security Affairs

MAY 13, 2024

Firstmac Limited, one of the largest non-bank lenders in Australia, disclosed a data breach. “It is important to note that our systems are secure. .” “It is important to note that our systems are secure. Firstmac Limited is an Australian owned company with experience in home and investment loans.

Data breaches

Data breaches Cyber Attacks Identity Theft Banking

Ransomware attack on MGM Resorts costs $110 Million

Security Affairs

OCTOBER 6, 2023

Hospitality and entertainment company MGM Resorts announced that the costs of the recent ransomware attack costs exceeded $110 million. In September the hospitality and entertainment company MGM Resorts was hit by a ransomware attack that shut down its systems at MGM Hotels and Casinos.

Ransomware

Ransomware Insurance Banking Hacking

Ransomware realities in 2023: one employee mistake can cost a company millions

Security Affairs

OCTOBER 17, 2023

What is the impact of ransomware on organizations? According to Statista.com, the impact of cybercrime is expected to reach almost $13 trillion this year. Based on Ransomlooker, a free Cybernews tool for monitoring the dark web and other hidden areas of the internet, 64% of organizations have already suffered from a ransomware attack.

Social Engineering

Social Engineering Ransomware Engineering Phishing

REvil ransomware gang hacked gaming firm Gaming Partners International

Security Affairs

OCTOBER 31, 2020

The REvil ransomware operators made the headlines again, this time the gang claims to have hacked the Gaming Partners International (GPI). The REvil ransomware gang (aka Sodinokibi) claims to have stolen info from the systems at the company before encrypting them. ” reads the message published by the ransomware operators.

Hacking

Hacking Ransomware Advertising Encryption

Emsisoft releases free decryptor for the victims of the Diavol ransomware

Security Affairs

MARCH 19, 2022

Cybersecurity firm Emsisoft released a free decryptor that allows the victims of the Diavol ransomware to recover their files without paying a ransom. Cybersecurity firm Emsisoft has released a free decryption tool to help Diavol ransomware victims recover their files without paying a ransom. Pierluigi Paganini.

Ransomware

Ransomware Encryption Banking Malware

5-star customer service: fraudsters launch massive campaign against Indonesia’s major banks on Twitter

Security Affairs

MARCH 31, 2021

Experts warn that cybercriminals are targeting Indonesia’s major banks posing as bank representatives or customer support team members on Twitter. To lure victims, cybercriminals pose as bank representatives or customer support team members on Twitter. From January to early March 2021, this scheme grew in scope 2.5-fold

Banking

Banking Scams Accountability Media

Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MAY 12, 2024

Ohio Lottery data breach impacted over 538,000 individuals Notorius threat actor IntelBroker claims the hack of the Europol A cyberattack hit the US healthcare giant Ascension Google fixes fifth actively exploited Chrome zero-day this year Russia-linked APT28 targets government Polish institutions Citrix warns customers to update PuTTY version installed (..)

Data breaches

Data breaches VPN Hacking Banking

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Security Affairs

FEBRUARY 17, 2024

These criminal groups stole millions of dollars from their victims and even attacked a major hospital with ransomware, leaving it unable to provide critical care to patients for over two weeks,” said Acting Assistant Attorney General Nicole M. Argentieri of the Justice Department’s Criminal Division.

Malware

Malware Cybercrime Banking Hacking

Medibank confirms ransomware attack impacting 9.7M customers, but doesn’t pay the ransom

Security Affairs

NOVEMBER 8, 2022

million current and former customers were exposed as a result of a ransomware attack. of current and former customers were exposed as a result of a recent ransomware attack. The company discovered the ransomware attack on October 12 it also announced that no ransom payment will be made to the threat actors for the data theft. .

Ransomware

Ransomware Insurance Data breaches Cybercrime

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

Ransomware is undoubtedly one of the most unnerving phenomena in the cyber threat landscape. Numerous strains of this destructive code have been the front-page news in global computer security chronicles for almost a decade now, with jaw-dropping ups and dramatic downs accompanying its progress. inch diskettes. inch diskettes.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Avaddon Ransomware gang hacked France-based Acer Finance and AXA Asia

Security Affairs

MAY 16, 2021

Avaddon ransomware gang has breached the France-based financial consultancy firm Acer Finance. Avaddon ransomware gang made the headlines again, the cybercrime gang has breached the France-based financial consultancy firm Acer Finance. Acer Finance operates as an investment management company. Pierluigi Paganini.

Hacking

Hacking Ransomware DDOS Manufacturing

Security Affairs newsletter Round 459 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 18, 2024

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks CISA adds Microsoft Exchange and Cisco ASA and FTD bugs to its Known Exploited Vulnerabilities catalog US gov offers a reward of up to $10M for info on ALPHV/Blackcat gang leaders U.S.

Cybercrime

Cybercrime Ransomware Malware Data breaches

Black Basta ransomware operators leverage QBot for lateral movements

Security Affairs

JUNE 7, 2022

The QBot malware operation has partnered with Black Basta ransomware group to target organizations worldwide. Researchers from NCC Group spotted a new partnership in the threat landscape between the Black Basta ransomware group and the QBot malware operation. SecurityAffairs – hacking, Black Basta ransomware).

Ransomware

Ransomware Backups Malware Firewall

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

Additionally, there are also Russian cybercrime organizations that are not state-sponsored but are allowed to operate. Although there’s no one magic solution to eliminating cyberattacks and cybercrime risks, there are steps you can take to reduce the chances of becoming a victim. businesses called #ShieldsUp.

Cybersecurity

Cybersecurity Cybercrime Education Passwords

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6 CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches

Data breaches Cybercrime Firewall Artificial Intelligence

FIN11 gang started deploying ransomware to monetize its operations

Security Affairs

OCTOBER 18, 2020

The financially-motivated hacker group FIN11 has started spreading ransomware to monetize its cyber criminal activities. The financially-motivated hacker group FIN11 has switched tactics starting using ransomware as the main monetization method. ” reads the analysis published by FireEye.

Ransomware

Ransomware Malware Telecommunications Advertising

Maze Ransomware operators claim to have stolen millions of credit cards from Banco BCR

Security Affairs

MAY 1, 2020

Maze Ransomware operators claim to have gained access to the network of Banco BCR of Costa Rica and stolen 11 million credit card credentials. Maze Ransomware operators claim to have hacked the network of the state-owned Bank of Costa Rica Banco BCR and to have stolen internal data, including 11 million credit card credentials.

Ransomware

Ransomware Banking Cyber Insurance Advertising

Hotarus Corp gang hacked Ecuador’s Ministry of Finance and Banco Pichincha

Security Affairs

FEBRUARY 27, 2021

‘Hotarus Corp’ Ransomware operators hacked Ecuador’s largest private bank, Banco Pichincha, and the country’s Ministry of Finance. ?A The group claims to have also stolen data from the Banco Pichincha bank and infected a system at Ministry of Finance using for training purposes with PHP-based ransomware.

Hacking

Hacking Banking Ransomware Passwords

Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

Security Affairs

OCTOBER 24, 2020

The systems at the US-based ski and golf resort operator were infected with the WastedLocker ransomware, the incident impacted reservation systems. Boyne Resorts was the victim of WastedLocker ransomware attack, the incident has impacted reservation systems. This group has been active since at least 2007, in December 2019, the U.S.

Ransomware

Ransomware Telecommunications Banking Advertising

Group-IB: More than 70% of Russian banks are not ready for cyberattacks

Security Affairs

FEBRUARY 19, 2019

According to a new research conducted by Group-IB experts, 74 percent of Russian banks were not ready for cyberattacks. Even so, 74 percent of Russian banks were not ready for cyberattacks , 29 percent were found to be actively infected with malware, and in 52 percent of cases traces of past attacks were detected.

Banking

Banking Marketing Cybercrime Information Security

Security Affairs newsletter Round 423 by Pierluigi Paganini – International edition

Security Affairs

JUNE 11, 2023

Experts found new MOVEit Transfer SQL Injection flaws The University of Manchester suffered a cyber attack and suspects a data breach Russians charged with hacking Mt.

Social Engineering

Social Engineering Data breaches Ransomware Cybercrime

Spanish bank Globalcaja confirms Play ransomware attack

Conti ransomware gang started leaking files stolen from Bank Indonesia

Webinars

Trending Sources

Pacific City Bank hit by AVOS Locker Ransomware

Webinars

Bank of America customer data compromised after a third-party services provider data breach

Flagstar Bank suffered a data breach once again

Chilean bank BancoEstado hit by REVil ransomware

Carbanak malware returned in ransomware attacks

The newer cybercrime triad: TrickBot-Emotet-Conti

Info stealers and how to protect against them

Grief ransomware gang hit US National Rifle Association (NRA)

Evil Corp rebrands their ransomware, this time is the Macaw Locker

Five Canadian Hospitals impacted by a ransomware attack on TransForm provider

Operation Synergia led to the arrest of 31 individuals

LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order

Malvertising attacks rely on DanaBot Trojan to spread CACTUS Ransomware

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Flagstar Bank discloses a data breach that impacted 1.5 Million individuals

FBI links the Diavol ransomware to the TrickBot gang

News URSNIF variant doesn’t support banking features

Sophos linked Entropy ransomware to Dridex malware. Are both linked to Evil Corp?

Experts warn of ransomware attacks against government organizations of small states

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Nexus, an emerging Android banking Trojan targets 450 financial apps

Australian Firstmac Limited disclosed a data breach after cyber attack

Ransomware attack on MGM Resorts costs $110 Million

Ransomware realities in 2023: one employee mistake can cost a company millions

REvil ransomware gang hacked gaming firm Gaming Partners International

Emsisoft releases free decryptor for the victims of the Diavol ransomware

5-star customer service: fraudsters launch massive campaign against Indonesia’s major banks on Twitter

Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Medibank confirms ransomware attack impacting 9.7M customers, but doesn’t pay the ransom

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Avaddon Ransomware gang hacked France-based Acer Finance and AXA Asia

Security Affairs newsletter Round 459 by Pierluigi Paganini – INTERNATIONAL EDITION

Black Basta ransomware operators leverage QBot for lateral movements

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

FIN11 gang started deploying ransomware to monetize its operations

Maze Ransomware operators claim to have stolen millions of credit cards from Banco BCR

Hotarus Corp gang hacked Ecuador’s Ministry of Finance and Banco Pichincha

Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

Group-IB: More than 70% of Russian banks are not ready for cyberattacks

Security Affairs newsletter Round 423 by Pierluigi Paganini – International edition

Stay Connected