SecureWorld News

MARCH 29, 2024

Cybercriminals can then exploit the compromised device for various purposes, such as stealing personal information, conducting financial fraud, recruiting it into a botnet, or encrypting data and holding it for ransom. A stepping stone to impactful cybercrime This tactic has tangible real-world implications.

Cybercrime 83

Cybercrime Advertising Engineering Antivirus 83

Security Affairs

SEPTEMBER 19, 2022

AquaSec researchers observed the cybercrime gang TeamTNT hijacking servers to run Bitcoin solver since early September. In the first week of September, AquaSec researchers identified at least three different attacks targeting their honeypots, the experts associated them with the cybercrime gang TeamTNT. ” continue the experts.

Encryption 94

Encryption Cybercrime Hacking Malware 94

Security Affairs

JANUARY 23, 2024

The Black Basta ransomware gang claimed to have hacked the UK water utility Southern Water, a major player in the UK water industry. In early January, independent security research and consulting team SRLabs discovered a vulnerability in Black Basta ransomware’s encryption algorithm and exploited it to create a free decryptor.

Hacking 116

Hacking Encryption Ransomware Insurance 116

Security Affairs

JULY 6, 2022

Hive ransomware operators have improved their file-encrypting module by migrating to Rust language and adopting a more sophisticated encryption method. ” These upgrades prove that Hive is one of the fastest evolving ransomware families in the cybercrime ecosystem. . ” reads the post published by Microsoft.

Encryption 116

Encryption Ransomware Cybercrime Malware 116

Security Boulevard

JUNE 6, 2023

Telegram, a popular encrypted messaging app known for its commitment to privacy and security, has ironically become a hub for cybercriminal activities. The platform is increasingly hosting channels that facilitate hacking, distribute stolen data, and provide a marketplace for cybercrime tools and services.

Risk 52

Risk Hacking Cyber threats Cybercrime 52

Security Affairs

FEBRUARY 7, 2023

A new Linux variant of the Clop ransomware has been observed in the wild, the good news is that its encryption algorithm is flawed. The researchers noticed that the encryption algorithm implemented in the ELF executable is flawed and can allow victims to decrypt locked files without paying a ransom. ” continues the report.

Encryption 86

Encryption Ransomware Cybercrime Engineering 86

Krebs on Security

FEBRUARY 16, 2022

The ICRC said the hacked servers contained data relating to the organization’s Restoring Family Links services, which works to reconnect people separated by war, violence, migration and other causes. In their online statement about the hack (updated on Feb. Image: Ke-la.com.

Hacking 242

Hacking Ransomware Media Accountability 242

Security Affairs

JUNE 8, 2021

Trojan Shield operation: The FBI and Australian Federal Police ran an encrypted chat platform that was used by crime gangs and intercepted their communications. The FBI and Australian Federal Police (AFP) ran an encrypted chat platform that was used by crime gangs and intercepted their communications.

Encryption 125

Encryption Cryptocurrency Cybercrime Advertising 125

Security Affairs

FEBRUARY 21, 2022

Researchers discovered a flaw in the encryption algorithm used by Hive ransomware that allowed them to decrypt data. Researchers discovered a flaw in the encryption algorithm used by Hive ransomware that allowed them to decrypt data without knowing the private key used by the gang to encrypt files. Pierluigi Paganini.

Encryption 88

Encryption Ransomware VPN Malware 88

Security Affairs

FEBRUARY 6, 2023

Royal Ransomware operators added support for encrypting Linux devices and target VMware ESXi virtual machines. The Royal Ransomware gang is the latest extortion group in order of time to add support for encrypting Linux devices and target VMware ESXi virtual machines. The malware changes the extension of the encrypted files to ‘.royal’.

Encryption 96

Encryption Ransomware Malware Healthcare 96

Malwarebytes

JULY 8, 2022

One of the biggest problems in the cybercrime section of the report relates to backups. Specifically: The lack of backups when dealing with hacking incidents. Assuming the attackers don’t just vanish into the night, the business may decide to pay the ransom and recover the encrypted files. According to the report : 74.6%

Encryption 107

Encryption Backups Cybercrime Ransomware 107

Security Affairs

OCTOBER 31, 2020

The REvil ransomware operators made the headlines again, this time the gang claims to have hacked the Gaming Partners International (GPI). The REvil ransomware gang (aka Sodinokibi) claims to have stolen info from the systems at the company before encrypting them. SecurityAffairs – hacking, Gaming Partners International (GPI)).

Hacking 126

Hacking Ransomware Advertising Encryption 126

Security Affairs

MAY 29, 2023

Experts warn of phishing attacks that are combining the use of compromised Microsoft 365 accounts and.rpmsg encrypted emails. Trustwave researchers have observed threat actors using encrypted RPMSG attachments sent via compromised Microsoft 365 accounts in a phishing campaign aimed at stealing Microsoft credentials.

Encryption 90

Encryption Phishing Accountability Authentication 90

Krebs on Security

JANUARY 30, 2024

Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. Multiple security firms soon assigned the hacking group the nickname “ Scattered Spider.” 9, 2024, U.S. technology companies during the summer of 2022.

Social Engineering 318

Social Engineering Mobile Cybercrime Passwords 318

Security Affairs

APRIL 30, 2021

UNC2447 cybercrime gang exploited a zero-day in the Secure Mobile Access (SMA), addressed by SonicWall earlier this year, before the vendor released a fix. UNC2447 extortion activity employed the FIVEHANDS ransomware, the threat actors aggressively threatened victims to disclose their hack on the media to sell the data on hacker forums. .

Cybercrime 105

Cybercrime Ransomware Malware Mobile 105

Security Affairs

APRIL 4, 2023

A new ransomware strain named Rorschach ransomware supports the fastest file-encrypting routine observed to date. The researchers conducted five separate encryption speed tests in a controlled environment (with 6 CPUs, 8192MB RAM, SSD, and 220000 files to be encrypted), limited to local drive encryption only.

Encryption 89

Encryption Ransomware Malware Backups 89

Heimadal Security

NOVEMBER 16, 2021

Moses Staff, a new cybercrime organization, has recently taken credit for multiple attacks targeting Israeli companies, which appear to be politically motivated since no ransom requests are made. Yesterday, Check Point security […].

Hacking 83

Hacking Cybercrime Encryption Cybersecurity 83

The Last Watchdog

APRIL 5, 2022

As the dust settles following the recently disclosed hack of NewsCorp , important lessons are emerging for the cybersecurity and journalism communities. ’ This firewall even goes as far as to block the latest versions of the encryption service TLS (v1.3) Related: How China challenged Google in Operation Aurora.

Hacking 243

Hacking Passwords Firewall Internet 243

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years. The year 2016 saw banks in Russia hacked one after another.

Cybercrime 136

Cybercrime Banking Malware Ransomware 136

Security Affairs

DECEMBER 1, 2023

The Turtle ransomware reads files into memory, encrypt them with AES (in CTR mode), rename the files, then overwrites the original contents of the files with the encrypted data. The malware adds the extension “ TURTLERANSv0 ” to the filenames of encrypted files. The binary also lacks of obfuscation. concludes the analysis.

Ransomware 127

Ransomware Encryption Malware Cybercrime 127

Security Affairs

APRIL 29, 2023

xyz pic.twitter.com/VLhISark8Y — Goldwave (@OGoldwave) March 13, 2023 The variant employed in the campaign supports a more sophisticated encryption method of byte remapping and a monthly rotation of the C2 server. #ViperSoftX is back, doesn't look like much has changed. c2 arrowlchat[.]com ” concludes the report.

Encryption 87

Encryption Malware Cryptocurrency Software 87

Security Affairs

NOVEMBER 1, 2021

Researchers demonstrated how crooks could hack Diebold Nixdorf’s Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash. The ATM black box attacks are quite popular in the cybercrime underground and several threat actors offer the hardware equipment and malware that could be used to compromise the ATMs.

Hacking 115

Hacking Firmware Encryption Manufacturing 115

Security Affairs

JANUARY 24, 2023

GoTo is notifying customers that its development environment was breached in November 2022, attackers stole customers’ backups and encryption key. We also have evidence that a threat actor exfiltrated an encryption key for a portion of the encrypted backups.” ” reads an update provided by the company. .”

Backups 90

Backups Encryption Data breaches Passwords 90

Security Affairs

AUGUST 15, 2022

The SOVA Android banking trojan was improved, it has a new ransomware feature that encrypts files on Android devices, Cleafy researchers report. The malware encrypts the files inside the infected devices using an AES algorithm and renaming them with the extension “.enc”. SecurityAffairs – hacking, SOVA Android banking malware).

Encryption 98

Encryption Malware Banking Ransomware 98

Security Affairs

JUNE 28, 2020

Asian media firm E27 has been hacked by a hacking group identifying themselves as “Korean Hackers” and “Team Johnwick”that asked for a “donation” to provide information on the vulnerabilities they have exploited in the attack. .” SecurityAffairs – hacking, E27). Pierluigi Paganini.

Media 141

Media Hacking Passwords Data breaches 141

Krebs on Security

MARCH 11, 2024

You’ll be surprised at the number of people that relied on our ‘auto-encrypt’ functionality. “Shadowcrew was the precursor to today’s Darknet Markets and laid the foundation for the way modern cybercrime channels still operate today,” Johnson said. “And yes, this is an extortion!!!!

Marketing 283

Marketing Scams Cryptocurrency Cybercrime 283

The Last Watchdog

JUNE 21, 2020

Although most people think of ransomware as a dodgy application that encrypts data and holds it for ransom, the concept is much more heterogeneous than that. File encryption 2013 – 2015. It emerged in September 2013 and paved the way for hundreds of file-encrypting menaces that have splashed onto the scene ever since.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

The Last Watchdog

JULY 18, 2023

July 18, 2022 – Around 30,000 websites get hacked every day , with the majority of those cyberattacks due to human error. This has projected costs associated with cybercrimes to hit the tens of trillions by 2025, highlighting the vital need for web hosts to implement staunch security. Gainesville, Fla.,

Hacking 100

Hacking DDOS Small Business Spyware 100

Security Affairs

MARCH 23, 2021

.” Since the disclosure of the vulnerabilities in Accellion FTA multiple cybercrime groups targeted organizations worldwide. In February, security experts from FireEye linked a series of cyber attacks against organizations running Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11.

Data breaches 124

Data breaches Hacking Cybercrime Cyber Attacks 124

Security Affairs

DECEMBER 4, 2021

The ransomware encrypts files on the targeted systems using the “ cuba” extension. The FBI discourages paying the ransom because there is no guarantee to recover the encrypted files. SecurityAffairs – hacking, ransomware). Cuba ransomware has been active since at least January 2020. Pierluigi Paganini.

Ransomware 138

Ransomware Hacking Malware Encryption 138

Joseph Steinberg

JUNE 9, 2022

According to published reports, immediately after discovering the unauthorized encryption of data by ransomware on some district computers, technology personnel shut down the districtwide computer system, and commenced an investigation along with outside cybersecurity experts.

Ransomware 350

Ransomware Artificial Intelligence Education Cybercrime 350

Security Affairs

JULY 8, 2021

The American multinational investment bank and financial services firm Morgan Stanley discloses a data breach caused by the hack of an Accellion FTA server of a third-party vendor. The hack of the FTA server took place in March, but the hacker had access to the data of Morgan Stanley customers in May. Pierluigi Paganini.

Data breaches 121

Data breaches Hacking Banking Financial Services 121

Security Affairs

MARCH 15, 2021

The CEO of the encrypted communications firm Sky Global has been indicted in the US on charges of facilitating international drug trafficking. The head of the Canada-based company Sky Global that provides encrypted communications, Jean-Francois Eap, has been indicted in the US on charges of facilitating international drug trafficking.

Encryption 83

Encryption Cybercrime Software Hacking 83

Security Affairs

FEBRUARY 23, 2021

FireEye experts linked a series of attacks targeting Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. Security experts from FireEye linked a series of cyber attacks against organizations running Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11.

Cybercrime 82

Cybercrime Software Ransomware Cyber Attacks 82

Security Affairs

JANUARY 8, 2024

“According to this and other leaked documents, the Department of Defence purchased technology for the Air Force’s encrypted communications. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Swiss Air Force) ” reported the SwissInfo website.

Hacking 111

Hacking Data breaches Ransomware Manufacturing 111

Malwarebytes

MARCH 11, 2021

SKY ECC platform remains secure and no authorized Sky ECC device has been hacked.”. The police stated they were able to make these arrests because they were able to intercept and read messages on encrypted phones provided by SKY ECC. All SKY ECC communications are encrypted through private tunnels via private distributed networks.

Encryption 65

Encryption Hacking Cybercrime Advertising 65

Heimadal Security

MARCH 11, 2021

Thanks to a joint operation of the Belgian, Dutch, and French police that covered the monitoring of encrypted communication channels due to the unlocking of the Sky ECC network, European law enforcement agencies have managed to make several arrests. ??#Breaking in a […].

Hacking 101

Hacking Encryption Cybercrime Cybersecurity 101