Blog - Cyber Security Informer

Egregor Ransomware Analysis: Origins, M.O., Victims

Heimadal Security

JANUARY 6, 2022

Such is the case with Egregor ransomware. Since anticipation and prevention are more than welcome, let’s find out more about Egregor and what you can do to combat this type of ransomware in […]. The post Egregor Ransomware Analysis: Origins, M.O., Victims appeared first on Heimdal Security Blog.

Ransomware

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

Security Affairs

NOVEMBER 20, 2020

The QakBot banking trojan has dropped the ProLock ransomware, they are now opting for the Egregor ransomware in their operations. Group-IB, a global threat hunting and intelligence company headquartered in Singapore, has discovered that QakBot (aka Qbot) operators have abandoned ProLock for Egregor ransomware.

Ransomware

Ransomware Retail Banking Encryption

The Egregor takedown: New tactics to battle ransomware groups show promise

SC Magazine

FEBRUARY 18, 2021

this month cracked down on the Egregor ransomware gang, shutting down its leak website, seizing computers and arresting individuals who are allegedly linked to ransomware attacks that netted $80 million in illicit profits from more than 150 victimized companies. Law enforcement officials from Ukraine, France and the U.S.

Ransomware

Ransomware Cybercrime Media Cyber threats

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Maze, Egregor and Sekhmet Master Decryption Keys Provided by Their Developer

Heimadal Security

FEBRUARY 10, 2022

Decryptors for three popular ransomware families have been recently released by their supposed operator on the BleepingComputer forums. The ransomware operations under discussion are Maze ransomware, Egregor ransomware as well as Sekhmet ransomware.

Ransomware

Ransomware Cybersecurity

Crytek Data Breach: the Company Confirmed Its Data Being Leaked

Heimadal Security

AUGUST 11, 2021

News that Egregor ransomware impacted Crytek enterprise back in October 2020 has been confirmed by the enterprise itself. The post Crytek Data Breach: the Company Confirmed Its Data Being Leaked appeared first on Heimdal Security Blog. The company started to notify the affected clients. Who Is Crytek?

Data breaches

Data breaches Encryption Ransomware Cybersecurity

Black Basta ransomware operators leverage QBot for lateral movements

Security Affairs

JUNE 7, 2022

The QBot malware operation has partnered with Black Basta ransomware group to target organizations worldwide. Researchers from NCC Group spotted a new partnership in the threat landscape between the Black Basta ransomware group and the QBot malware operation. SecurityAffairs – hacking, Black Basta ransomware).

Ransomware

Ransomware Backups Malware Firewall

Emotet tests new attack chain in low volume campaigns

Security Affairs

APRIL 30, 2022

The infamous banking trojan was also used to deliver other malicious code, such as Trickbot and QBot trojans, or ransomware such as Conti , ProLock , Ryuk , and Egregor. The Emotet botnet was resurrected by its former operator, who was convinced by the Conti ransomware gang. To nominate, please visit:? Pierluigi Paganini.

Ransomware

Ransomware Banking Cybercrime Malware

New QBot campaign delivered hijacking business correspondence

Security Affairs

APRIL 17, 2023

The Qbot malware operation had numerous collaborations in the past with other ransomware gangs, including ProLock , Egregor , DoppelPaymer , and MegaCortex. Its modular structure allows operators to implement new features to extend their capabilities.

Malware

Malware Education Banking Media

Discover 2022’s Nastiest Malware

Webroot

OCTOBER 14, 2022

Since the mainstreaming of ransomware payloads and the adoption of cryptocurrencies that facilitate untraceable payments, malicious actors have been innovating new methods and tactics to evade the latest defenses. The post Discover 2022’s Nastiest Malware appeared first on Webroot Blog. The 6 Nastiest Malware of 2022.

Malware

Malware Antivirus DDOS Cyber Insurance

FBI warns of ransomware gang – What you need to know about the OnePercent group

CyberSecurity Insiders

OCTOBER 14, 2021

This blog was written by an independent guest blogger. The FBI recently published a warning stating that ransomware gang OnePercent Group has been attacking companies in the US since November 2020. Ransomware is then downloaded and the breach is underway. How to spot their scam and protect yourself.

Social Engineering

Social Engineering Ransomware Engineering Phishing

Cyber News Rundown: Gaming Industry in Crosshairs of Cybercriminals

Webroot

JANUARY 13, 2021

Vancouver’s TransLink Suffers Ransomware Attack. Nearly a month after officials identified technical issues with IT systems at Metro Vancouver’s TransLink transportation authority, the interruption was discovered to be the work of the Egregor Ransomware group.

Cryptocurrency

Cryptocurrency Data breaches Accountability Healthcare

Connecting the Bots – Hancitor fuels Cuba Ransomware Operations

Security Affairs

MAY 7, 2021

The Cuba Ransomware gang has partnered with the crooks behind the Hancitor malware in attacks aimed at corporate networks. Group-IB Threat Intelligence & Attribution team found that Hancitor is being actively used by the threat actors to deploy Cuba ransomware. Cuba ransomware has been active since at least January 2020.

Ransomware

Ransomware Education Manufacturing Malware

New Emotet variant uses a module to steal data from Google Chrome

Security Affairs

JUNE 9, 2022

The infamous banking trojan was also used to deliver other malicious code, such as Trickbot and QBot trojans, or ransomware such as Conti , ProLock , Ryuk , and Egregor. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”) To nominate, please visit:?

Malware

Malware Banking Passwords Hacking

LockBit Ransomware Is Now Encrypting Windows Domains

Heimadal Security

JULY 28, 2021

The LockBit ransomware was launched in September 2019 as a ransomware-as-a-service. The post LockBit Ransomware Is Now Encrypting Windows Domains appeared first on Heimdal Security Blog. The post LockBit Ransomware Is Now Encrypting Windows Domains appeared first on Heimdal Security Blog.

Encryption

Encryption Ransomware Malware Software

The New Record for Ransomware Demands Now at $30 Million

Heimadal Security

MARCH 18, 2021

Over the past year, ransomware attacks are not showing any signs of slowing down, with the average ransom paid to cybercriminals by organizations being triple now. The post The New Record for Ransomware Demands Now at $30 Million appeared first on Heimdal Security Blog.

Ransomware

Ransomware Cybersecurity

Conti’s Ransomware Toll on the Healthcare Industry

Krebs on Security

APRIL 18, 2022

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But according to Microsoft and an advisory from the U.S. National Security Agency (NSA).

Healthcare

Healthcare Ransomware Cybersecurity Malware

FUJIFILM Had Shut Down Its Network After a Suspected Ransomware Attack

Heimadal Security

JUNE 3, 2021

FUJIFILM disclosed that their Tokyo headquarters have suffered a cyberattack on Tuesday night that looks like a ransomware […]. The post FUJIFILM Had Shut Down Its Network After a Suspected Ransomware Attack appeared first on Heimdal Security Blog.

Ransomware

Ransomware Cybersecurity

Diavol Ransomware, a New Ransomware in the Cybersecurity Landscape

Heimadal Security

JULY 2, 2021

The researchers at FortiGuard Labs linked a new ransomware strain dubbed Diavol ransomware to Wizard Spider. It looks like Diavol and Conti ransomware payloads got deployed on different systems in a ransomware attack that was blocked back in June.

Ransomware

Ransomware Cybersecurity

Lojas Renner, Brazilian largest clothing store chain, was hit by ransomware

Security Affairs

AUGUST 20, 2021

Lojas Renner, the largest Brazilian department stores clothing company, suffered a ransomware attack that impacted its IT infrastructure. Lojas Renner, the largest Brazilian department stores clothing company, announced to have suffered a ransomware attack that impacted its IT infrastructure. SecurityAffairs – hacking, ransomware).

Ransomware

Ransomware Retail Cryptocurrency Data breaches

A taste of the latest release of QakBot

Security Affairs

MAY 6, 2021

Additionally, QakBot is able to move laterally on the internal environment for stealing sensitive data, making internal persistence, or even for deploying other final payloads like ransomware. In recent reports , it could be used to drop other malware such as ProLock and Egregor ransomware. Dribbling AVs with XLM macros.

Malware

Malware Encryption Banking Software

Cyber Security Informer

Egregor Ransomware Analysis: Origins, M.O., Victims

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

Webinars

Trending Sources

The Egregor takedown: New tactics to battle ransomware groups show promise

Webinars

Maze, Egregor and Sekhmet Master Decryption Keys Provided by Their Developer

Crytek Data Breach: the Company Confirmed Its Data Being Leaked

Black Basta ransomware operators leverage QBot for lateral movements

Emotet tests new attack chain in low volume campaigns

New QBot campaign delivered hijacking business correspondence

Discover 2022’s Nastiest Malware

FBI warns of ransomware gang – What you need to know about the OnePercent group

Cyber News Rundown: Gaming Industry in Crosshairs of Cybercriminals

Connecting the Bots – Hancitor fuels Cuba Ransomware Operations

New Emotet variant uses a module to steal data from Google Chrome

LockBit Ransomware Is Now Encrypting Windows Domains

The New Record for Ransomware Demands Now at $30 Million

Conti’s Ransomware Toll on the Healthcare Industry

FUJIFILM Had Shut Down Its Network After a Suspected Ransomware Attack

Diavol Ransomware, a New Ransomware in the Cybersecurity Landscape

Lojas Renner, Brazilian largest clothing store chain, was hit by ransomware

A taste of the latest release of QakBot

Stay Connected